Page MenuHomeSoftware Heritage
Create Task
Maniphest T2048

Use OpenID Connect to authenticate and authorize users in Django
Closed, MigratedEdits Locked
Actions

Description

As the decision has been made to use Keycloak as identity provider for Software Heritage, we need to add
support for OpenID Connect into the Django authentication layer.

To do so, we could inspire from or directly use one of these existing Django applications:

Revisions and Commits

rDWAPPS Web applications
D3304rDWAPPS7e7194615881 auth: Map Keycloak user permissions to Django ones

Related Objects
Search...

Event Timeline

anlambert triaged this task as Normal priority.Oct 22 2019, 11:23 AM
anlambert created this task.
anlambert mentioned this in T2020: Experiment with keycloak: an open source identity and access management solution.
anlambert updated the task description. (Show Details)Oct 29 2019, 4:32 PM
anlambert renamed this task from Integrate Keycloak in Django authentication layer to Use OpenID Connect to authenticate users in Django.Jan 23 2020, 3:39 PM
anlambert updated the task description. (Show Details)
anlambert updated the task description. (Show Details)Jan 23 2020, 4:23 PM
anlambert renamed this task from Use OpenID Connect to authenticate users in Django to Use OpenID Connect to authenticate and manage users in Django.Jan 23 2020, 4:26 PM
anlambert merged a task: T1982: Add user authentication and permissions to swh-web.
anlambert renamed this task from Use OpenID Connect to authenticate and manage users in Django to Use OpenID Connect to authenticate and authorize users in Django.Jan 23 2020, 4:29 PM
anlambert added a parent task: T2219: Authentication / authorization.
anlambert closed subtask T2248: Check OIDC user session state in frontend as Wontfix.Feb 10 2020, 4:04 PM
anlambert closed subtask T2295: Map Keycloak staff user group to django one as Resolved.Mar 16 2020, 4:00 PM
anlambert closed subtask T2246: Add custom Django model for remote users as Resolved.
anlambert closed subtask T2245: Allow to login with OIDC Authorization Code Flow as Resolved.
anlambert closed subtask T2249: Add Web API authentication based on bearer tokens as Resolved.
anlambert changed the status of subtask T2302: Create debian packages for python-keycloak and python-jose from Open to Work in Progress.Mar 16 2020, 5:26 PM
anlambert closed subtask T2302: Create debian packages for python-keycloak and python-jose as Resolved.Mar 17 2020, 3:21 PM
anlambert changed the status of subtask T2267: Check OIDC user session state in backend from Open to Work in Progress.Mar 24 2020, 3:28 PM
anlambert closed subtask T2267: Check OIDC user session state in backend as Resolved.Apr 7 2020, 4:12 PM
anlambert updated the task description. (Show Details)Apr 7 2020, 4:13 PM
anlambert mentioned this in D2975: webapp: Add keycloak configuration for production and staging.Apr 7 2020, 6:41 PM
anlambert mentioned this in rSPSITE49ed9869b1b6: webapp: Add keycloak configuration for production and staging.Apr 8 2020, 12:34 PM
anlambert added a revision: D3304: auth: Map Keycloak user permissions to Django ones.Jun 17 2020, 4:10 PM
anlambert closed subtask T2247: Map Keycloak permissions to Django ones as Resolved.Jun 18 2020, 2:14 PM
anlambert added a commit: rDWAPPS7e7194615881: auth: Map Keycloak user permissions to Django ones.
anlambert closed this task as Resolved.Jun 18 2020, 2:16 PM

All required authentication features are now implemented in swh-web, closing this.

gitlab-migration changed the status of subtask T2302: Create debian packages for python-keycloak and python-jose from Resolved to Migrated.Oct 19 2022, 5:57 PM
gitlab-migration changed the task status from Resolved to Migrated.Jan 8 2023, 4:28 PM
gitlab-migration claimed this task.
gitlab-migration added a subscriber: gitlab-migration.

This task has been migrated to GitLab.

gitlab-migration changed the status of subtask T2245: Allow to login with OIDC Authorization Code Flow from Resolved to Migrated.Jan 8 2023, 4:29 PM
gitlab-migration changed the status of subtask T2246: Add custom Django model for remote users from Resolved to Migrated.
gitlab-migration changed the status of subtask T2247: Map Keycloak permissions to Django ones from Resolved to Migrated.
gitlab-migration changed the status of subtask T2248: Check OIDC user session state in frontend from Wontfix to Migrated.
gitlab-migration changed the status of subtask T2249: Add Web API authentication based on bearer tokens from Resolved to Migrated.
gitlab-migration changed the status of subtask T2267: Check OIDC user session state in backend from Resolved to Migrated.
gitlab-migration changed the status of subtask T2295: Map Keycloak staff user group to django one from Resolved to Migrated.
About · Developer information · Legal