Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSO for Local Development of Nautobot #2618

Merged
merged 15 commits into from
Mar 15, 2023
Merged

SSO for Local Development of Nautobot #2618

merged 15 commits into from
Mar 15, 2023

Conversation

whitej6
Copy link
Contributor

@whitej6 whitej6 commented Oct 16, 2022
edited by bryanculver
Loading

What's Changed

  • Added the ability to ship a prebuilt keycloak container for local sso development
  • Provides ability to smoke test social auth core integration
  • Precursor to multiple sso

TODO

  • Explanation of Change(s)
  • Documentation Updates (when adding/changing features)
  • Outline Remaining Work, Constraints from Design

glennmatthews
glennmatthews reviewed Oct 18, 2022
View reviewed changes
Copy link
Contributor

@glennmatthews glennmatthews left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I love where this is going! Probably would be good to have some documentation for using this setup in the developer docs?

development/docker-compose.keycloak.yml Outdated Show resolved Hide resolved
@gsnider2195
Copy link
Contributor

Would we gain anything by running the container in dev mode?

@gsnider2195
Copy link
Contributor

Is it normal for the SSO credential to get cached? Ex

  • Login to Nautobot with SSO
  • Logout of Nautobot
  • Click login again, click login with SSO
  • Automatically logged in with the same SSO user that you logged in with before

@whitej6
Copy link
Contributor Author

whitej6 commented Oct 24, 2022

The caching of creds is actually a cached session with keycloak not cached with nautobot. The timeout/auth settings can be updated from keycloak if you would like to chance this behavior.

@whitej6
Copy link
Contributor Author

whitej6 commented Oct 25, 2022

@gsnider2195 dev mode may give more logging but I am not familiar enough to say for sure. Please review the updated docs I just added.

@bryanculver bryanculver added this to the v1.5.1 milestone Nov 4, 2022
@whitej6
Copy link
Contributor Author

whitej6 commented Nov 11, 2022

@glennmatthews @gsnider2195 @bryanculver Outside of adding the documentation, I have resolved all outstanding items. If we are good with how it's implemented I will start the SSO dev docs. If you could 👍 this comment to let me know it would be appreciated.

@gsnider2195
Copy link
Contributor

If you forget to run invoke provision-sso and try to bring up the keycloak container docker ends up creating a development/nautobot-realms.json/ directory which breaks subsequent calls to invoke provision-sso. Can we use a small bash or python script to generate that json file when the container starts up instead of using a separate invoke command? I think this would be a better developer experience

@bryanculver bryanculver removed this from the v1.5.1 milestone Nov 14, 2022
@gsnider2195
Copy link
Contributor

Still waiting to convert the invoke provision_sso logic into something that happens in the keycloak container at runtime.

@bryanculver
Copy link
Member

Please also address merge conflicts.

@bryanculver bryanculver marked this pull request as draft December 2, 2022 17:06
@bryanculver bryanculver changed the title Create local development env for SSO [WIP] Create local development env for SSO Dec 2, 2022
@bryanculver bryanculver changed the title [WIP] Create local development env for SSO SSO for Local Development of Nautobot Mar 14, 2023
@bryanculver bryanculver marked this pull request as ready for review March 14, 2023 13:10
@bryanculver bryanculver requested a review from a team March 14, 2023 13:24
@bryanculver
Copy link
Member

@nautobot/core having this in place will help for #3142

@bryanculver bryanculver requested review from gsnider2195 and a team March 14, 2023 13:51
bryanculver and others added 3 commits March 14, 2023 09:51
@bryanculver @gsnider2195
Update nautobot/docs/development/sso.md
ebdce06 
Co-authored-by: Gary Snider <75227981+gsnider2195@users.noreply.github.com>
@bryanculver
dup
bf80165
@bryanculver
Update SSO docs
5d24ed3
@bryanculver bryanculver self-requested a review March 14, 2023 14:08
@bryanculver bryanculver merged commit c22121d into nautobot:develop Mar 15, 2023
@bryanculver bryanculver self-assigned this Mar 16, 2023
@bryanculver bryanculver added the type: housekeeping Changes to the application which do not directly impact the end user label Mar 20, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gsnider2195 gsnider2195 gsnider2195 approved these changes

@glennmatthews glennmatthews Awaiting requested review from glennmatthews

@bryanculver bryanculver Awaiting requested review from bryanculver

Assignees

@bryanculver bryanculver

Labels
type: housekeeping Changes to the application which do not directly impact the end user
Projects
No open projects
Nautobot Core ⚙️
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@whitej6 @gsnider2195 @bryanculver @glennmatthews