✨(backend) integrate ResourceServerAuthentication on the external api
Upgrade django-lasuite to v0.0.19 to benefit from the latest resource server authentication backend. Thanks @qbey for your work. For my needs, @qbey refactored the class in #46 on django-lasuite. Integrate ResourceServerAuthentication in the relevant viewset. The integration is straightforward since most heavy lifting was done in the external-api viewset when introducing the service account. Slightly modify the existing service account authentication backend to defer to ResourceServerAuthentication if a token is not recognized. Override user provisioning behavior in ResourceServerBackend: now, a user is automatically created if missing, based on the 'sub' claim (email is not yet present in the introspection response). Note: shared/common implementation currently only retrieves users, failing if the user does not exist.
This commit is contained in:
lebaudantoine
committed by
aleb_the_flash
aleb_the_flash
parent
a642c6d9a2
commit
c7f5dabbad
4
.github/workflows/meet.yml
vendored
4
.github/workflows/meet.yml
vendored
@@ -183,6 +183,10 @@ jobs:
|
||||
AWS_S3_ENDPOINT_URL: http://localhost:9000
|
||||
AWS_S3_ACCESS_KEY_ID: meet
|
||||
AWS_S3_SECRET_ACCESS_KEY: password
|
||||
OIDC_RS_CLIENT_ID: meet
|
||||
OIDC_RS_CLIENT_SECRET: ThisIsAnExampleKeyForDevPurposeOnly
|
||||
OIDC_OP_INTROSPECTION_ENDPOINT: https://oidc.example.com/introspect
|
||||
OIDC_OP_URL: https://oidc.example.com
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
|
||||
Reference in New Issue
Block a user