[jira] [Updated] (AIRAVATA-2535) Django: Keycloak integration

Wed, 18 Jul 2018 09:44:10 -0700 


     [ 
https://issues.apache.org/jira/browse/AIRAVATA-2535?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Marcus Christie updated AIRAVATA-2535:
--------------------------------------
    Description: 
Integrate with Keycloak. Following is an incomplete list of needed 
functionality (these should be created as subtasks):
* refresh token when access token reaches half of its lifetime
* -load Keycloak roles into session-
* logout of session in middleware when token expires

As much as possible calls to Keycloak APIs should be minimized. The PHP PGA was 
making direct API calls for some functionality but we want to make calls to the 
Profile Service to handle those things. Some things that need to be moved to 
the Profile Service:
* -getting roles-
* -getting roles for a user-
* getting users
* -updating a user's roles-
* whether a password update is required

  was:
Integrate with Keycloak. Following is an incomplete list of needed 
functionality (these should be created as subtasks):
* refresh token when access token reaches half of its lifetime
* -load Keycloak roles into session-
* logout of session in middleware when token expires

As much as possible calls to Keycloak APIs should be minimized. The PHP PGA was 
making direct API calls for some functionality but we want to make calls to the 
Profile Service to handle those things. Some things that need to be moved to 
the Profile Service:
* getting roles
* getting roles for a user
* getting users
* updating a user's roles
* whether a password update is required


> Django: Keycloak integration
> ----------------------------
>
>                 Key: AIRAVATA-2535
>                 URL: https://issues.apache.org/jira/browse/AIRAVATA-2535
>             Project: Airavata
>          Issue Type: New Feature
>            Reporter: Marcus Christie
>            Assignee: Marcus Christie
>            Priority: Major
>
> Integrate with Keycloak. Following is an incomplete list of needed 
> functionality (these should be created as subtasks):
> * refresh token when access token reaches half of its lifetime
> * -load Keycloak roles into session-
> * logout of session in middleware when token expires
> As much as possible calls to Keycloak APIs should be minimized. The PHP PGA 
> was making direct API calls for some functionality but we want to make calls 
> to the Profile Service to handle those things. Some things that need to be 
> moved to the Profile Service:
> * -getting roles-
> * -getting roles for a user-
> * getting users
> * -updating a user's roles-
> * whether a password update is required



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to