Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authentication Mechanism - How does that work? #12

Open
yozef opened this issue Nov 19, 2020 · 1 comment
Open

Authentication Mechanism - How does that work? #12

yozef opened this issue Nov 19, 2020 · 1 comment

Comments

@yozef
Copy link

yozef commented Nov 19, 2020
edited

This open source project has a great structure that I'm still trying to wrap my head around.

I was able to run the API server, set up Axway MBaaS, and able to run the iOS/Android App.

However, I'm having issues understanding how Authentication works. The API backend (surprisingly) doesn't have any login authentication from the /apis/ folder.

The Mobile app opens a website to authenticate from oauth-base-url within tiapp.xml, I also realize that there is support for a few Authentication mechanisms like keycloak which I'm not familiar yet with:

let authenticationProvider;

const public_key = fs.readFileSync(`./keys/${turbo.OAUTH_PROVIDER}.pub`, `utf8`);

if (turbo.OAUTH_PROVIDER === `custom_oauth`) {

	authenticationProvider = AuthenticationOAuthProvider({
		baseUrl:        Ti.App.Properties.getString(`oauth-base-url`),
		tokenPath:      `/oauth/token`,
		defaultHeaders: { apikey: Ti.App.Properties.getString(`oauth-apikey`, ``) },
		client_id:      turbo.oauth_client_id,
		keyfile:        `/keys/${Ti.App.Properties.getString(`oauth-kid`, `default`)}.pub`,
		token:          turbo.app.data.auth_token,
	});

} else if (turbo.OAUTH_PROVIDER === `keycloak`) {

	authenticationProvider = new AuthenticationOAuthProvider(`code`, {
		callback_url: turbo.oauth_callback_url,
		client_id:    turbo.oauth_client_id,
		endpoints:    turbo.oauth_endpoints,
		public_key,
		token:        turbo.app.data.auth_token,
	});
}

turbo.authentication = new Authentication({ provider: authenticationProvider });

However if Axway's MBaaS is the backend DB:
1- Should I manually create the User? (does it happen on the Axway's portal back end?)
2- How would you be able to login from the App if Axway's MBaaS?
@brentonhouse
Copy link
Contributor

Hi @yozef! Thanks for your feedback! The current version of the App and API is setup for OAuth providers such as Red Hat SSO (based on Keycloak). The Axway MBaaS does not currently support OAuth but you could probably get it to work with the app and API if you wrote a custom provider. The employee object in the database does need to exist prior to authentication but a feature to support auto-creation will be added in the next release of the Griffin API.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@yozef @brentonhouse