-
Notifications
You must be signed in to change notification settings - Fork 61
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable OIDC based Authentication with apisix #312
Conversation
a37fc17
to
3bc5c7a
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since this could NOT be covered by CI test due to the pre-requests, maybe we could move this to the top level folder authN-authZ, because this also resolves authentication & authorization.
485abc7
to
92be80d
Compare
Also please fix the DCO error, thx |
helm-charts/auth-apisix/README.md
Outdated
The access token, refresh token, userinfo and user roles can be obtained by invoking OIDC auth endpoint through UI or token endpoint through curl and providing user credentials. </br></br> | ||
|
||
Below steps can be followed to get access token from keycloak and access the APISIX published ChatQnA API through curl | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please help explain your authentication and authorization scenarios here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree the proposal of the above folder layout.
3e1ec31
to
c9f766c
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please remove duplicated files under helm-charts directory. Also please add reference in file authN-authZ/README.md
Signed-off-by: Chaitanya Khened <[email protected]>
Signed-off-by: Chaitanya Khened <[email protected]>
…rectory structure Signed-off-by: Chaitanya Khened <[email protected]>
Signed-off-by: Chaitanya Khened <[email protected]>
Signed-off-by: Chaitanya Khened <[email protected]>
a6512e5
to
03083b6
Compare
for more information, see https://pre-commit.ci
Moved auth-apisix dir to authN-authZ, fixed CI checks and incorporated other comments. |
Signed-off-by: Chaitanya Khened <[email protected]>
for more information, see https://pre-commit.ci
This will not include in this PR, correct? |
Description
The proposed changes enable OIDC (Open ID Connect) based user Authentication using APISIX API gateway and Keycloak Identity provider to OPEA apps.
This change introduces 2 helm charts:
The Readme file in helm-charts/auth-apisix/README.md gives instructions to install keycloak, apisix and API CRDs
APISIX is apache licensed open source API gateway which is light weight, delivers high performance. It can work with docker or kubernetes and with any service mesh within kubernetes.
Issues
n/a
Type of change
List the type of change like below. Please delete options that are not relevant.
Dependencies
Tests
Verified locally on my test system