Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement a central User Service for auth - keycloak #1596

Open
Tracked by #5523
hangy opened this issue Dec 30, 2018 · 1 comment · May be fixed by #9251
Open
Tracked by #5523

Implement a central User Service for auth - keycloak #1596

hangy opened this issue Dec 30, 2018 · 1 comment · May be fixed by #9251
Assignees
@hangy
Labels
🔐 API auth The API requires auth in order to perform editing.There is a common mechanism & a Robotoff mechanism API Issues related to the Open Food Facts API. More specific labels exist & should be used (API WRITE…)

Comments

@hangy
Copy link
Member

hangy commented Dec 30, 2018
edited
Loading

Somewhat related to #1204

Right now, the option to login to different Product Opener sites (OpenFoodFacts, OpenBeautyFacts, OpenPetFoodFacts, and OpenProductFacts) is implemented by sharing the $data_root/users between all sites. In production, this is (AFAIK) done by a symlink. A more reusable and standards-based approach could be to have a central authentication/authorization site, that provides a M2M API (ie. OIDC), so that the connected sites can use that API instead of having direct access to the $data_root/users directory.
@hangy hangy added the 🔐 API auth The API requires auth in order to perform editing.There is a common mechanism & a Robotoff mechanism label Dec 30, 2018
@teolemon teolemon added the API Issues related to the Open Food Facts API. More specific labels exist & should be used (API WRITE…) label Aug 21, 2021
@teolemon teolemon mentioned this issue Aug 21, 2021
Open
@alexgarel alexgarel changed the title Consider a central User Service for auth Implement a central User Service for auth - keycloak Feb 7, 2024
@alexgarel
Copy link
Member

It's currently under heavy work by @hangy and @john-gom

see: #9251

This was referenced Feb 7, 2024
Open
Open
@hangy hangy mentioned this issue Mar 13, 2024
Closed
@john-gom john-gom mentioned this issue Mar 19, 2024
Merged
3 tasks
This was referenced Mar 25, 2024
Closed
Closed
Closed
Closed
Closed
Closed
@hangy hangy mentioned this issue Sep 8, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hangy hangy

Labels
🔐 API auth The API requires auth in order to perform editing.There is a common mechanism & a Robotoff mechanism API Issues related to the Open Food Facts API. More specific labels exist & should be used (API WRITE…)
Projects
Revamping auth across Open Food Facts
Status: In progress
🍊 Open Food Facts Server issues
Status: In Progress
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: Implement OIDC sign-in openfoodfacts/openfoodfacts-server
3 participants
@hangy @alexgarel @teolemon