Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

WIP: OpenID based authentication for SMUI #62

Draft
wants to merge 5 commits into
base: master
Choose a base branch
from

Conversation

epugh
Copy link
Contributor

@epugh epugh commented Mar 2, 2021

This is a spike for me to have SMUI delegate to Keycloak for authentication. I've been working with a branch in Chorus project to manage the setup of Keycloak: querqy/chorus#47

I've definitely been struggling with some of the Play/Scala code, will need some help getting this whipped into shape ;-)

totally different form the JWTJsonAuthenticatedAction.   This also adds a new controller to handle the /auth/openid/callback call from the open id server.
@epugh epugh requested a review from pbartusch March 2, 2021 21:21
Copy link
Contributor Author

@epugh epugh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks great!!

…but did have the scope key...

Temporarily commenting out the much better code Matthias has.
@epugh
Copy link
Contributor Author

epugh commented Mar 8, 2021

Tasks to be done:

  • Document how to create a resource_access key in the claim JSON to show up. Eric can't get that to work in Keycloak.
  • Write up the documentation on how to use this.
  • Figure out how to get the front end to see an unauthenticated person, and redirect to the ODP URL.

@pbartusch
Copy link
Collaborator

Hi @epugh , the feature sounds very interesting , nevertheless , the implementation seems very work in progress (as the title also suggested) with all its "ERIC HERE" log statements ;-)

Do you have a plan to further drive this feature?

@epugh
Copy link
Contributor Author

epugh commented May 14, 2021

It definitely is WIP... I see the future, just not quite there ;-). The immediate client work that was driving this is wrapped up, but I anticipate picking it back up again. I'll mark it as "Draft" in github to make it clear this isn't ready for produciton. And of course, if anyone else wants to move this along, I more then welcome commits to either this PR or a different solution ;-)

@epugh epugh marked this pull request as draft May 14, 2021 12:47
@epugh
Copy link
Contributor Author

epugh commented May 26, 2021

One thing that was difficult was having a way of testing the OpenID (OAuth) without running Keycloak (or another solution)....

I saw this: apache/solr#139 (comment) which might be of interest when we pick this back up.

@pbartusch
Copy link
Collaborator

hi @epugh , I dont know much about Keycloak , but SMUI has a testcontainer infrastructure set up for the automatic test cases. AFAIK , you can bootstrap every docker container to execute test case with the depending software. Might be interesting for a auth service + SMUI setup ...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants