airavata-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marcus Christie (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (AIRAVATA-2535) Django: Keycloak integration
Date Wed, 18 Jul 2018 16:44:00 GMT

     [ https://issues.apache.org/jira/browse/AIRAVATA-2535?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Marcus Christie updated AIRAVATA-2535:
--------------------------------------
    Description: 
Integrate with Keycloak. Following is an incomplete list of needed functionality (these should
be created as subtasks):
* refresh token when access token reaches half of its lifetime
* -load Keycloak roles into session-
* logout of session in middleware when token expires

As much as possible calls to Keycloak APIs should be minimized. The PHP PGA was making direct
API calls for some functionality but we want to make calls to the Profile Service to handle
those things. Some things that need to be moved to the Profile Service:
* getting roles
* getting roles for a user
* getting users
* updating a user's roles
* whether a password update is required

  was:
Integrate with Keycloak. Following is an incomplete list of needed functionality (these should
be created as subtasks):
* refresh token when access token reaches half of its lifetime
* load Keycloak roles into session
* logout of session in middleware when token expires

As much as possible calls to Keycloak APIs should be minimized. The PHP PGA was making direct
API calls for some functionality but we want to make calls to the Profile Service to handle
those things. Some things that need to be moved to the Profile Service:
* getting roles
* getting roles for a user
* getting users
* updating a user's roles
* whether a password update is required


> Django: Keycloak integration
> ----------------------------
>
>                 Key: AIRAVATA-2535
>                 URL: https://issues.apache.org/jira/browse/AIRAVATA-2535
>             Project: Airavata
>          Issue Type: New Feature
>            Reporter: Marcus Christie
>            Assignee: Marcus Christie
>            Priority: Major
>
> Integrate with Keycloak. Following is an incomplete list of needed functionality (these
should be created as subtasks):
> * refresh token when access token reaches half of its lifetime
> * -load Keycloak roles into session-
> * logout of session in middleware when token expires
> As much as possible calls to Keycloak APIs should be minimized. The PHP PGA was making
direct API calls for some functionality but we want to make calls to the Profile Service to
handle those things. Some things that need to be moved to the Profile Service:
> * getting roles
> * getting roles for a user
> * getting users
> * updating a user's roles
> * whether a password update is required



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message