Manageiq: Research moving API OpenID-Connect/OAuth2 support into Apache configuration

Created on 24 Feb 2020  路  4Comments  路  Source: ManageIQ/manageiq

manageiq-api PR 737 added OpenID-Connect/OAuth2 support to the API.

It might be possible to simplify this solution by leveraging OpenID-Connect/OAuth2 setup in the mod_auth_openidc configuration files.

This issue will be used to track this investigation.

corauthentication refactoring

Most helpful comment

If this is not possible, then tests should be added to cover the code moved in #19936

All 4 comments

@miq-bot add_label core/authentication
@miq-bot add_label refactoring
@miq-bot assign @jvlcek

If this is not possible, then tests should be added to cover the code moved in #19936

Hi @jvlcek, was peeking at this today, looks like we should be able to protect our /api endpoint Location
using an AuthType of oauth20. There's a good write-up on it at https://github.com/zmartzone/mod_auth_openidc/wiki/OAuth-2.0-Resource-Server

Hopefully we can kick the tire with some of these examples.

@abellotti Thank you for that pointer. I'm kicking away at the tires on it right now.

Was this page helpful?
0 / 5 - 0 ratings