Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Refactor Authentication Dependency Injection #2729

Open
notthatbreezy opened this issue Nov 21, 2017 · 0 comments

Comments

2 participants
@notthatbreezy
Copy link
Contributor

commented Nov 21, 2017

Problem description

To help with testing and to allow authentication to be more configurable + flexible it should be possible to start the API and tile server with different authentication options.

Most authentication methods parse the auth header and either return a user, boolean, or reject the request if authentication fails.

Right now server configuration is handled by stacking traits; however authentication is somewhere near the bottom of this stack. This makes it pretty difficult to override it or replace it (even for testing purposes).

Expected Behavior or Output

  • A trait with most methods left unimplemented for authentication (using the current implementation as a good starting point for required methods)
  • A class/trait that implements those methods for Auth0 authentication

Once this task is complete, a new task to fix tests using a mock authentication client should be added

notthatbreezy added a commit that referenced this issue Nov 21, 2017

Ignore broken tests until Authentication DI is fixed
This commit ignores route tests that are broken and should be fixed following
the completion of #2729

notthatbreezy added a commit that referenced this issue Nov 21, 2017

Add OIDC Auth0 Support to Raster Foundry
 - Move to OIDC compliant endpoint on POST /api/tokens
 - Refactor authentication verification to use RS256
 - Adds a new dependency to backend to enable verifying tokens and also updates
backend to ensure correct tokens are returned from Auth0.
 - Fix social login / refresh token creation
 - Update auth0-lock to 10.24.0
 - Add better support for redirecting logins
 - Consolidate login page to single module file
 - Use environment to get JWKs URL
 - Also instantiates the remote JWKSet outside of the function call. This should
improve performance because the remote set caches the response by default.
 - Use systems@rasterfoundry.com auth0 account instead of rf|airflow-user
 - Replace usages of airflowUser with systemUser
 - Use refresh token in python client
 - Restrict changing scene metadata based on current user === owner
 - Ignore broken tests until Authentication DI is fixed
 - This commit ignores route tests that are broken and should be fixed following
the completion of #2729
 - Remove/update dependencies for JWT

notthatbreezy added a commit that referenced this issue Nov 21, 2017

Add OIDC Auth0 Support to Raster Foundry
 - Move to OIDC compliant endpoint on POST /api/tokens
 - Refactor authentication verification to use RS256
 - Adds a new dependency to backend to enable verifying tokens and also updates
backend to ensure correct tokens are returned from Auth0.
 - Fix social login / refresh token creation
 - Update auth0-lock to 10.24.0
 - Add better support for redirecting logins
 - Consolidate login page to single module file
 - Use environment to get JWKs URL
 - Also instantiates the remote JWKSet outside of the function call. This should
improve performance because the remote set caches the response by default.
 - Use systems@rasterfoundry.com auth0 account instead of rf|airflow-user
 - Replace usages of airflowUser with systemUser
 - Use refresh token in python client
 - Restrict changing scene metadata based on current user === owner
 - Ignore broken tests until Authentication DI is fixed
 - This commit ignores route tests that are broken and should be fixed following
the completion of #2729
 - Remove/update dependencies for JWT

notthatbreezy added a commit that referenced this issue Nov 21, 2017

Add OIDC Auth0 Support to Raster Foundry
 - Move to OIDC compliant endpoint on POST /api/tokens
 - Refactor authentication verification to use RS256
 - Adds a new dependency to backend to enable verifying tokens and also updates
backend to ensure correct tokens are returned from Auth0.
 - Fix social login / refresh token creation
 - Update auth0-lock to 10.24.0
 - Add better support for redirecting logins
 - Consolidate login page to single module file
 - Use environment to get JWKs URL
 - Also instantiates the remote JWKSet outside of the function call. This should
improve performance because the remote set caches the response by default.
 - Use systems@rasterfoundry.com auth0 account instead of rf|airflow-user
 - Replace usages of airflowUser with systemUser
 - Use refresh token in python client
 - Restrict changing scene metadata based on current user === owner
 - Ignore broken tests until Authentication DI is fixed
 - This commit ignores route tests that are broken and should be fixed following
the completion of #2729
 - Remove/update dependencies for JWT

notthatbreezy added a commit that referenced this issue Nov 27, 2017

Add OIDC Auth0 Support to Raster Foundry
 - Move to OIDC compliant endpoint on POST /api/tokens
 - Refactor authentication verification to use RS256
 - Adds a new dependency to backend to enable verifying tokens and also updates
backend to ensure correct tokens are returned from Auth0.
 - Fix social login / refresh token creation
 - Update auth0-lock to 10.24.0
 - Add better support for redirecting logins
 - Consolidate login page to single module file
 - Use environment to get JWKs URL
 - Also instantiates the remote JWKSet outside of the function call. This should
improve performance because the remote set caches the response by default.
 - Use systems@rasterfoundry.com auth0 account instead of rf|airflow-user
 - Replace usages of airflowUser with systemUser
 - Use refresh token in python client
 - Restrict changing scene metadata based on current user === owner
 - Ignore broken tests until Authentication DI is fixed
 - This commit ignores route tests that are broken and should be fixed following
the completion of #2729
 - Remove/update dependencies for JWT

@notthatbreezy notthatbreezy added priority queue and removed priority labels Nov 29, 2017

@alkamin alkamin added this to the Sprint 11/29/17 milestone Dec 5, 2017

@notthatbreezy notthatbreezy added priority and removed queue labels Dec 13, 2017

@alkamin alkamin removed this from the Sprint 11/29/17 milestone Apr 21, 2018

@notthatbreezy notthatbreezy removed the priority label Jun 12, 2018

@notthatbreezy notthatbreezy added queue and removed priority labels Aug 22, 2018

@notthatbreezy notthatbreezy added priority and removed queue labels Sep 24, 2018

@notthatbreezy notthatbreezy removed the priority label Mar 7, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.