Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

As a developer, I'd like to use Bearer Token to send authenticated API requests #9229

Closed
johannes-darms opened this issue Dec 14, 2022 · 0 comments · Fixed by #9591
Closed

As a developer, I'd like to use Bearer Token to send authenticated API requests #9229

johannes-darms opened this issue Dec 14, 2022 · 0 comments · Fixed by #9591
Milestone
5.14

Comments

@johannes-darms
Copy link
Contributor

johannes-darms commented Dec 14, 2022
edited

Overview of the Feature Request

Dataverse already allows users to register and sign in using OIDC. To access Dataverse APIs, these users must still generate and send a Dataverse API key. Instead, we would like them to be able to access the APIs using OIDC bearer tokens.

What kind of user is the feature intended for?
(Example users roles: API User, Curator, Depositor, Guest, Superuser, Sysadmin)

API users

What inspired the request?

This would simplify the integration of e.g. SPAs with Dataverse when users sign in via OIDC.

What existing behavior do you want changed?

Any brand new behavior do you want to add to Dataverse?

OIDC users should be able to access Dataverse APIs by sending an OIDC bearer token in the Authorization header instead of sending their API key.

Any related open or closed issues to this feature request?

#7005 proposed using OAuth 2.0 bearer tokens for API auth.

text written by @vera
poikilotherm added a commit to poikilotherm/dataverse that referenced this issue Dec 14, 2022
@poikilotherm
feat(api): first draft to enable OIDC bearer token API access IQSS#9229
861b93c
@poikilotherm poikilotherm mentioned this issue Dec 14, 2022
Closed
4 tasks
poikilotherm added a commit to poikilotherm/dataverse that referenced this issue Dec 14, 2022
@poikilotherm
feat(settings): add feature gates functionality for the first time IQ…
f5862e3 
…SS#9229 IQSS#7000
poikilotherm added a commit to poikilotherm/dataverse that referenced this issue Dec 14, 2022
@poikilotherm
feat(api): add OIDC API access feature gate to authentication IQSS#9229
04b7eac
poikilotherm added a commit to poikilotherm/dataverse that referenced this issue Dec 14, 2022
@poikilotherm
chore(api): remove unused imports from AbstractApiBean IQSS#9229
3f900e5
poikilotherm added a commit to poikilotherm/dataverse that referenced this issue Dec 14, 2022
@poikilotherm
refactor(settings,api): rename feature gates to flags as requested by @…
5e85143 
…pdurbin IQSS#9229
poikilotherm added a commit to poikilotherm/dataverse that referenced this issue Dec 14, 2022
@poikilotherm
doc(dev,auth): add initial feature flags documentation to the guides I…
b11e4f1 
…QSS#9229 IQSS#9223
poikilotherm added a commit to poikilotherm/dataverse that referenced this issue Dec 14, 2022
@poikilotherm
refactor(auth): cleanup OIDCAuthProvider + expose UserInfo URI IQSS#9229
dd4310b 


- Expose the UserInfo endpoint URI from the OIDC provider metadata
- Not exposing the complete metadata on purpose to keep it
  non-modifiable and sealed inside the provider instance
- Minor method renaming to better explain what the method is about
- Fix missing newlines for single line method
poikilotherm added a commit to poikilotherm/dataverse that referenced this issue Dec 14, 2022
@poikilotherm
feat(api): query all avail OIDC providers for user info IQSS#9229
3694d81 
Replace the placeholder of static endpoint with retrieving the UserInfo
endpoint URI from all know OIDC authentication providers and iterate
over them. The access token might match for any of them.

Also making the errors a bit more descriptive and adding logging.
@poikilotherm poikilotherm mentioned this issue Dec 18, 2022
Open
@poikilotherm poikilotherm mentioned this issue Jan 9, 2023
Closed
@GPortas GPortas mentioned this issue Jan 17, 2023
Closed
@poikilotherm poikilotherm mentioned this issue Jan 18, 2023
Closed
@johannes-darms johannes-darms mentioned this issue Apr 18, 2023
Closed
pdurbin added a commit to pdurbin/dataverse that referenced this issue May 10, 2023
@pdurbin
Merge branch 'develop' into 9229-bearer-api-auth2 IQSS#9229
ade655b
@pdurbin pdurbin mentioned this issue May 11, 2023
Open
pdurbin added a commit that referenced this issue May 12, 2023
@pdurbin
add bearer token config and docs #9229
96e8e65
johannes-darms pushed a commit to johannes-darms/dataverse that referenced this issue May 15, 2023
@pdurbin @johannes-darms
add bearer token config and docs IQSS#9229
bb1f64e
@pdurbin pdurbin mentioned this issue May 15, 2023
Merged
pdurbin added a commit to johannes-darms/dataverse that referenced this issue May 17, 2023
@pdurbin @poikilotherm
add TODO about caching token validation IQSS#9229
2885f68 
Co-authored-by: Oliver Bertuch <poikilotherm@users.noreply.github.com>
pdurbin added a commit to johannes-darms/dataverse that referenced this issue May 17, 2023
@pdurbin
add a TODO about better errors for the client IQSS#9229
9c7fe07
@pdurbin pdurbin added this to the 5.14 milestone May 18, 2023
@pdurbin pdurbin mentioned this issue Jul 17, 2023
Merged
@pdurbin pdurbin mentioned this issue Sep 27, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
5.14
2 participants
@pdurbin @johannes-darms