This repository has been archived by the owner on Mar 11, 2021. It is now read-only.

Implement native refresh token workflow #578

Closed
sbose78 opened this issue Aug 6, 2018 · 0 comments

sbose78 commented Aug 6, 2018

Part of #350

Generate a new user + refresh token upon validating a refresh token, and return it.

As of today we already do the above, but Auth also 'talks' to Keycloak first. We have to skip that.

@sbose78 sbose78 added this to the Sprint 153-2 milestone Aug 6, 2018
@xcoulon xcoulon modified the milestones: Sprint 153-2, Sprint 153-3 Aug 14, 2018
@xcoulon xcoulon modified the milestones: Sprint 153-3, Sprint 154-1, Sprint 154-2 Aug 22, 2018
@xcoulon xcoulon modified the milestones: Sprint 154-2, Sprint 154-3, Sprint 155-1 Sep 3, 2018
@xcoulon xcoulon modified the milestones: Sprint 155-1, Sprint 155-2, 155-3 Sep 17, 2018
xcoulon added a commit to openshiftio/saas-openshiftio that referenced this issue Oct 9, 2018
# Changes

**Commit:** fabric8-services/fabric8-auth@d546608
**Author:** Shane Bryzak ([email protected])
**Date:** 2018-09-19T05:06:50+10:00

RPT: Trigger privilege cache renewal into relevant workflows (fabric8-services/fabric8-auth#637)

fixes fabric8-services/fabric8-auth#612

----


**Commit:** fabric8-services/fabric8-auth@c3cc329
**Author:** Shoubhik Bose ([email protected])
**Date:** 2018-09-26T11:49:12+05:30

Separate out userinfo lookup from login (fabric8-services/fabric8-auth#618)

* separate out userinfo lookup from login

* refactor new configuration method name

* fix json attr

* add id from userapi response

* update interface def to use LoginOAuthIDP

* use interface

* fix tests

* new login flow

* fix up more tests

* add token-identity verification

* add tests for oauth2

* remove methods

* don't talk to keycloak while creating a new user

* fix test after pull

* chore: fix typos and clean code

* fix: rename variable by adding prefix oauth to endpoint.userinfo

* docs: correct doc comment for GetOAuthEndpointToken

* fix: rename LoginIdentityProvider to IdentityProvider as it's in login package

* fix: cleanup code

* fix tests, add first login functionality

* add tests for filluser..

* test to see if WIT is being called

* validate err


----


**Commit:** fabric8-services/fabric8-auth@bcb5571
**Author:** Xavier Coulon ([email protected])
**Date:** 2018-09-26T09:18:16+02:00

Avoid duplicate scopes in cached privileges (fabric8-services/fabric8-auth#663)

list scopes using the `DISTINCT` SQL option to avoid duplicates
added tests

also, fixed a few errors reported when building with go 1.11

fixes fabric8-services/fabric8-auth#661

Signed-off-by: Xavier Coulon <[email protected]>



----


**Commit:** fabric8-services/fabric8-auth@17ecc1d
**Author:** Xavier Coulon ([email protected])
**Date:** 2018-09-26T14:27:41+02:00

Fix govet errors (fabric8-services/fabric8-auth#665)

* Fix govet errors

fix govet errors, and disable `vet` during tests
to avoid failures on the `app/test` pkg

fixes fabric8-services/fabric8-auth#664

Signed-off-by: Xavier Coulon <[email protected]>

----


**Commit:** fabric8-services/fabric8-auth@5f59853
**Author:** Xavier Coulon ([email protected])
**Date:** 2018-09-26T20:18:24+02:00

Missing `session_state` in generated token (fabric8-services/fabric8-auth#667) (fabric8-services/fabric8-auth#668)

Fill the `session_state` claim of the generated access token
with a random UUID

Fixes fabric8-services/fabric8-auth#667

Signed-off-by: Xavier Coulon <[email protected]>


----


**Commit:** fabric8-services/fabric8-auth@7ab68d7
**Author:** Dipak Pawar ([email protected])
**Date:** 2018-09-28T17:45:03+05:30

feat(fabric8-services/fabric8-auth#578): implement refresh token workflow in auth (fabric8-services/fabric8-auth#666)



----


**Commit:** fabric8-services/fabric8-auth@ef65c8f
**Author:** Shoubhik Bose ([email protected])
**Date:** 2018-10-01T07:24:51-05:00

Allow [email protected] approvals (fabric8-services/fabric8-auth#675)

fixes fabric8-services/fabric8-auth#672

----


**Commit:** fabric8-services/fabric8-auth@0bbb377
**Author:** Dipak Pawar ([email protected])
**Date:** 2018-10-01T18:40:41+05:30

Create token for dev user in developer mode (fabric8-services/fabric8-auth#676)

fixes fabric8-services/fabric8-auth#674

----


**Commit:** fabric8-services/fabric8-auth@2010dab
**Author:** Xavier Coulon ([email protected])
**Date:** 2018-10-01T16:01:39+02:00

Modify refresh workflow for RPTokens (fabric8-services/fabric8-auth#670)

* Modify refresh workflow for RPTokens

If the user request contains a RPToken, then
this latter is used to generate a new RPToken
(while checking that the permissions still apply),
otherwise, a "simple" access token is returned.

also:
- refactor test: rename testsuite, using subtests for the refresh token endpoint test
- use minimock instead of Dummy implementation

Fixes fabric8-services/fabric8-auth#613

Signed-off-by: Xavier Coulon <[email protected]>

----


**Commit:** fabric8-services/fabric8-auth@53be0d0
**Author:** Alexey Kazakov ([email protected])
**Date:** 2018-10-02T05:32:01+05:30

Proxy /api/clusters to Cluster Management Service (fabric8-services/fabric8-auth#659)

* Proxy /cluster to Cluster Management Service

* Call Cluster Management Service to get cluster info

* Fix test compilation errors

* Remove unused function

* Fix tests

* Fix conflicts after merge to master

* More tests

* cleanup

* Fix merge conflicts

* Lazy cluster service initialization

* More tests

* Add synchronization to Default Token Manager initialization

* More tests

* Addressing PR review comments

* Return a copy of cluster instead of pointer to original cached object

* Add comments about avoiding Auth-Cluster cycle dependencies during startup

* Add some logs

* Fix cluster/auth path


----


**Commit:** fabric8-services/fabric8-auth@fdb2732
**Author:** Alexey Kazakov ([email protected])
**Date:** 2018-10-02T06:26:00+05:30

Fix default cluster service URL (fabric8-services/fabric8-auth#677)



----


**Commit:** fabric8-services/fabric8-auth@952a29d
**Author:** Xavier Coulon ([email protected])
**Date:** 2018-10-03T11:53:33+02:00

Fix compilation errors on bench tests (fabric8-services/fabric8-auth#682)

fixes fabric8-services/fabric8-auth#681

Signed-off-by: Xavier Coulon <[email protected]>

----