Tuesday, 2024/06/25
10:00 am ET
Terrell Russell, Kory Draughn, Alan King, Claudio Cacciari (SURF)
DISCUSSION
- OIDC/OAuth2 in HTTP API
- OIDC support included in HTTP API 0.3.0
- Considering deprecating older flows based on standards/recommendations
- Additional/pluggable mapping options
- SURF, static mapping configuration file OR
- SURF, remote URL with 'dynamic' mapping file
- with local cache, timeout, TTL
- JWT verification
- Take access token scopes into consideration
- See UGM slides, link here (once it's posted, terrell is slow)
- pam_interactive
- Account spoofing discussion
- irods/irods_auth_plugin_pam_interactive#18
- irods/irods_auth_plugin_pam_interactive#19
- Haven't merged it yet - considering alternate approaches
- Found other logic around SSL switches
- Possible 'global' for username fix
- Still evaluating
- Harry will evaluate this PR
- Is this ready for a release?
- There are no tests
- Look at the gitlab instance at SURF for inspiration
- There are no tests
- Account spoofing discussion
- Next Meeting
- July 2024