Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clarify UserId idp should be an origin #159

Closed
wants to merge 1 commit into from

Conversation

michielbdejong
Copy link
Contributor

As discussed in cs3org/reva#2285

@@ -33,7 +33,7 @@ import "cs3/types/v1beta1/types.proto";
// A UserId represents a user.
message UserId {
// REQUIRED.
// The identity provider for the user.
// The origin (url without path) of the identity provider for the user, e.g. "https://example.com" or "http://localhost:8080"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

how about IDPs supporting multiple realms like eg. Keycloak? (see also https://www.keycloak.org/docs/latest/server_admin/#core-concepts-and-terms)

Example:
https://keycloak.owncloud.test/auth/realms/oCIS-realm-1/protocol/openid-connect/...
https://keycloak.owncloud.test/auth/realms/oCIS-realm-2/protocol/openid-connect/...

The realms oCIS-realm-1 and oCIS-realm-2 behave like totally separate IDPs.
Maybe both of them have a user "albert", should they both be treated as the same user in REVA?

I don't think so. Therefore we would need to keep the full URL with path.

@micbar
Copy link
Member

micbar commented Sep 27, 2023

closing, see @wkloucek

@micbar micbar closed this Sep 27, 2023
@labkode labkode deleted the clarify-userid-idp-field branch November 16, 2023 14:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants