feat(core-api): role based access control through oauth2 scopes #770
Assignees
Labels
Comments
petermetz
added
API_Server
Core_API
petermetz
added a commit
to petermetz/cacti
that referenced
this issue
Apr 6, 2021
…ledger-cacti#770 WORK IN PROGRESS Fixes hyperledger-cacti#770 Signed-off-by: Peter Somogyvari <[email protected]>
petermetz
added a commit
to petermetz/cacti
that referenced
this issue
Apr 6, 2021
…ledger-cacti#770 WORK IN PROGRESS Fixes hyperledger-cacti#770 Signed-off-by: Peter Somogyvari <[email protected]>
petermetz
added a commit
to petermetz/cacti
that referenced
this issue
Apr 7, 2021
…ledger-cacti#770 WORK IN PROGRESS Fixes hyperledger-cacti#770 Signed-off-by: Peter Somogyvari <[email protected]>
petermetz
added a commit
to petermetz/cacti
that referenced
this issue
Apr 7, 2021
…ledger-cacti#770 WORK IN PROGRESS Fixes hyperledger-cacti#770 Signed-off-by: Peter Somogyvari <[email protected]>
petermetz
added a commit
to petermetz/cacti
that referenced
this issue
Apr 7, 2021
…ledger-cacti#770 WORK IN PROGRESS Fixes hyperledger-cacti#770 Signed-off-by: Peter Somogyvari <[email protected]>
petermetz
added a commit
to petermetz/cacti
that referenced
this issue
Apr 7, 2021
…ledger-cacti#770 WORK IN PROGRESS Fixes hyperledger-cacti#770 Signed-off-by: Peter Somogyvari <[email protected]>
petermetz
added a commit
to petermetz/cacti
that referenced
this issue
Apr 9, 2021
…ledger-cacti#770 WORK IN PROGRESS Fixes hyperledger-cacti#770 Signed-off-by: Peter Somogyvari <[email protected]>
petermetz
added a commit
to petermetz/cacti
that referenced
this issue
Apr 10, 2021
…ledger-cacti#770 WORK IN PROGRESS Fixes hyperledger-cacti#770 Signed-off-by: Peter Somogyvari <[email protected]>
petermetz
added a commit
to petermetz/cacti
that referenced
this issue
Apr 10, 2021
…ledger-cacti#770 WORK IN PROGRESS Fixes hyperledger-cacti#770 Signed-off-by: Peter Somogyvari <[email protected]>
petermetz
added a commit
to petermetz/cacti
that referenced
this issue
Apr 12, 2021
WORK IN PROGRESS Fixes hyperledger-cacti#770 Signed-off-by: Peter Somogyvari <[email protected]>
petermetz
added a commit
to petermetz/cacti
that referenced
this issue
Apr 13, 2021
WORK IN PROGRESS Fixes hyperledger-cacti#770 Signed-off-by: Peter Somogyvari <[email protected]>
petermetz
added a commit
to petermetz/cacti
that referenced
this issue
Apr 13, 2021
Primary change(s): ------------------ 1. Verification of JSON web tokens for all endpoints by default. 2. The ability for endpoints to control on top of JWT valdity the requirement of the JWT payload containing a certain scope Miscellaneous change(s): ------------------------ 1. Refactor of all the endpoints and plugins to make this change technically possible. Fixes hyperledger-cacti#770 Signed-off-by: Peter Somogyvari <[email protected]>
petermetz
added a commit
to petermetz/cacti
that referenced
this issue
Apr 14, 2021
Primary change(s): ------------------ 1. Verification of JSON web tokens for all endpoints by default. 2. The ability for endpoints to control on top of JWT valdity the requirement of the JWT payload containing a certain scope Miscellaneous change(s): ------------------------ 1. Refactor of all the endpoints and plugins to make this change technically possible. Fixes hyperledger-cacti#770 Signed-off-by: Peter Somogyvari <[email protected]>
petermetz
added a commit
to petermetz/cacti
that referenced
this issue
Apr 17, 2021
Primary change(s): ------------------ 1. Verification of JSON web tokens for all endpoints by default. 2. The ability for endpoints to control on top of JWT valdity the requirement of the JWT payload containing a certain scope Miscellaneous change(s): ------------------------ 1. Refactor of all the endpoints and plugins to make this change technically possible. Fixes hyperledger-cacti#770 Signed-off-by: Peter Somogyvari <[email protected]>
petermetz
added a commit
to petermetz/cacti
that referenced
this issue
Apr 18, 2021
Primary change(s): ------------------ 1. Verification of JSON web tokens for all endpoints by default. 2. The ability for endpoints to control on top of JWT valdity the requirement of the JWT payload containing a certain scope Miscellaneous change(s): ------------------------ 1. Refactor of all the endpoints and plugins to make this change technically possible. Fixes hyperledger-cacti#770 Signed-off-by: Peter Somogyvari <[email protected]>
petermetz
added a commit
to petermetz/cacti
that referenced
this issue
Apr 19, 2021
Primary change(s): ------------------ 1. Verification of JSON web tokens for all endpoints by default. 2. The ability for endpoints to control on top of JWT valdity the requirement of the JWT payload containing a certain scope Miscellaneous change(s): ------------------------ 1. Refactor of all the endpoints and plugins to make this change technically possible. Fixes hyperledger-cacti#770 Signed-off-by: Peter Somogyvari <[email protected]>
petermetz
added a commit
to petermetz/cacti
that referenced
this issue
Apr 21, 2021
Primary change(s): ------------------ 1. Verification of JSON web tokens for all endpoints by default. 2. The ability for endpoints to control on top of JWT valdity the requirement of the JWT payload containing a certain scope Miscellaneous change(s): ------------------------ 1. Refactor of all the endpoints and plugins to make this change technically possible. Fixes hyperledger-cacti#770 Signed-off-by: Peter Somogyvari <[email protected]>
petermetz
added a commit
that referenced
this issue
Apr 21, 2021
Primary change(s): ------------------ 1. Verification of JSON web tokens for all endpoints by default. 2. The ability for endpoints to control on top of JWT valdity the requirement of the JWT payload containing a certain scope Miscellaneous change(s): ------------------------ 1. Refactor of all the endpoints and plugins to make this change technically possible. Fixes #770 Signed-off-by: Peter Somogyvari <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
I want to be able to configure the API server with an arbitrary OAuth2 identity provider so that it's easy to plug Cactus plugins into existing infrastructure and at the same time Cactus itself does not have to be burdened (for now at least) with providing a full implementation of an identity provider itself.
Describe the solution you'd like
[1]
Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.
Additional context
This came up during the work on #540 and is also heavily related to all the other identity related tasks that we have defined so far. The idea here is to do the absolute bare minimum that we need for a release candidate that we can honestly stand behind and say it is ready for production.
#546
#144
cc: @takeutak @sfuji822 @hartm @jonathan-m-hamilton @AzaharaC @jordigiam @kikoncuo @jagpreetsinghsasan
The text was updated successfully, but these errors were encountered: