Issue was closed by Andrea Veri
Issue #637: https://gitlab.gnome.org/Infrastructure/Infrastructure/-/issues/637
--
Reply to this email directly or view it on GitLab:
https://gitlab.gnome.org/Infrastructure/Infrastructure/-/issues/637
You're receiving this email because of your account on
Andrea Veri commented:
This has been fixed, the culprit was related to the use of multiple pods within
Keycloak and the fact the pod handling the original Authorization Flow request
(for the client to effectively receive an access token) was not the one
effectively responding back to the
Sam Thursfield commented:
Spent a while trying to get this to work today, here's what happened.
OpenID Connect is a superset of OAuth2, and so OpenQA OAuth2 backend can
authenticate against Keycloak OpenID Connect provider. In theory. This is
working at http://openqa.qa.codethink.co.uk/
Andrea Veri commented:
Sent your way the identifier/secret, oidc_url and issuer have to set to
https://auth.gnome.org/auth/realms/master, let's coordinate on IRC once landed
:)
--
Reply to this email directly or view it on GitLab:
Sam Thursfield commented:
No problem, I will be around tomorrow!
--
Reply to this email directly or view it on GitLab:
https://gitlab.gnome.org/Infrastructure/Infrastructure/-/issues/637#note_1242513
You're receiving this email because of your account on gitlab.gnome.org.
Andrea Veri commented:
Lovely, will set this up for you tomorrow, will send credentials your way and
we can test, if you could stick around in #sysadmin while we do that that would
be lovely so we can speed up any eventual troubleshooting :-)
--
Reply to this email directly or view it on
Sam Thursfield commented:
Login is really only useful for admins to update and modify tests. I don't see
a big problem if we use auth.gnome.org and thus limit it to people with GNOME
accounts.
--
Reply to this email directly or view it on GitLab:
Andrea Veri commented:
@sthursfield is the intent of utilizing the backend LDAP auth (GNOME Accounts)
for openqa as well or you'd want any GNOME GitLab user to be able to login
there? if the answer to the former is yes, why don't we use auth.gnome.org
instead?
--
Reply to this email