You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Consolidate auth extensions to generalized ones, one for OAuth1 and one for OAuth2.
The plan is to combine all the service-level auth flows where possible to allow for more uniform and easy-to-understand auth flows based on underlying protocol, and to reduce reliance on third-party SDKs for future secure deployment environments.
update: this bug is now tracking the effort to consolidate auth extensions to generalized ones, one for OAuth1 and one for OAuth2.
The comment in the PR description about making API servers be auth config managers is now out of date. The latest discussion/thinking is for auth logic to be available in API servers for those who wish to use the API server as a web server to handle auth, but to also provide a separate, more minimal, mode as well for the API server to not handle auth flow (just provide an interface to JobStore). In that scenario, distributions would move auth logic to their frontend. This dual-mode API server approach was discussed in our maintainer meeting on 10/15/18.
Consolidate auth extensions to generalized ones, one for OAuth1 and one for OAuth2.
The plan is to combine all the service-level auth flows where possible to allow for more uniform and easy-to-understand auth flows based on underlying protocol, and to reduce reliance on third-party SDKs for future secure deployment environments.
out of date:
As discussed in https://portability.slack.com/archives/C8PH5R1C2/p1533592780000248We should generalize AuthServiceExtension used in the API servers to be basically a config wrapper, which returns auth-related config to the FEFE's should know how to handle various auth flows given the auth configuration returned from the APIThe text was updated successfully, but these errors were encountered: