airavata-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marcus Christie (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AIRAVATA-2892) IAM Admin Services: generate Airavata User Profile when user account is enabled
Date Tue, 06 Nov 2018 13:27:00 GMT

    [ https://issues.apache.org/jira/browse/AIRAVATA-2892?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16676762#comment-16676762
] 

Marcus Christie commented on AIRAVATA-2892:
-------------------------------------------

The design I've come up with is to add a new method, {{initializeUserProfile(AuthzToken authzToken)}},
to the UserProfileService. This method will get the userinfo from Keycloak using the authzToken
and then create a minimal profile based on this info (email, first name, last name, username).

The client requirement then is that when a user authenticates with the Airavata identity service
for the first time and gets an access_token, the client should call {{initializeUserProfile}}.
This will setup that user in the Airavata system.

Also, I plan to change the RegistryServiceDBEventHandler so that when it gets a new user event
it will also create a default project for the user and add that project as an entity owned
by the user into the Sharing Registry. With this in place I can remove a good deal of new
user setup code from the Django portal.

> IAM Admin Services: generate Airavata User Profile when user account is enabled
> -------------------------------------------------------------------------------
>
>                 Key: AIRAVATA-2892
>                 URL: https://issues.apache.org/jira/browse/AIRAVATA-2892
>             Project: Airavata
>          Issue Type: Improvement
>            Reporter: Marcus Christie
>            Assignee: Marcus Christie
>            Priority: Major
>
> Currently in PGA the User Profile is created when the enabled user logs in for the first
time. This places an unnecessary burden on API clients to implement user account initialization
logic when it could be performed by Airavata middleware.
> Another related improvement would be to create the default project for a newly created
user account.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message