Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable authentication via Github access token #247

Merged
merged 4 commits into from
Nov 22, 2019
Merged

Conversation

c-w
Copy link
Member

@c-w c-w commented Nov 17, 2019

The endpoint that registers new Lokole clients is currently protected via HTTP basic auth in client-register.yaml and the username and password is configured via a secret in Kubernetes. As we're onboarding new organizations that will deploy Lokole devices, we need an easier way to add and remove people who're authorized to authenticate with the API.

This pull request adds support for authenticating with the registration endpoint via Github identity. The process for enabling a user to authenticate is as follows:

  1. An administrator in the Github Ascoderu organization adds the user to the lokole-registration team.
  2. The user creates a personal access token with the read:org scope.
  3. The user can now pass <github-user-name>:<personal-access-token> as the value of the registration credential argument to the install.py script to set up new Lokole devices.

Resolves #245

@codecov-io
Copy link

codecov-io commented Nov 17, 2019

Codecov Report

Merging #247 into master will increase coverage by 0.06%.
The diff coverage is 100%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #247      +/-   ##
==========================================
+ Coverage   98.58%   98.64%   +0.06%     
==========================================
  Files          14       14              
  Lines         987     1036      +49     
==========================================
+ Hits          973     1022      +49     
  Misses         14       14
Impacted Files Coverage Δ
opwen_email_server/services/auth.py 100% <100%> (ø) ⬆️
opwen_email_server/config.py 100% <100%> (ø) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update c3ebfe9...27f93a7. Read the comment docs.

.travis.yml Outdated Show resolved Hide resolved
@c-w c-w merged commit 4ae4d70 into master Nov 22, 2019
@c-w c-w deleted the github-access-token-auth branch November 22, 2019 23:24
c-w added a commit that referenced this pull request Apr 28, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Add RBAC for Lokole registration
3 participants