You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@airavata.apache.org by "Marcus Christie (JIRA)" <ji...@apache.org> on 2017/09/26 14:50:00 UTC
[jira] [Created] (AIRAVATA-2535) Django: Keycloak integration
Marcus Christie created AIRAVATA-2535:
-----------------------------------------
Summary: Django: Keycloak integration
Key: AIRAVATA-2535
URL: https://issues.apache.org/jira/browse/AIRAVATA-2535
Project: Airavata
Issue Type: New Feature
Reporter: Marcus Christie
Assignee: Marcus Christie
Integrate with Keycloak. Following is an incomplete list of needed functionality (these should be created as subtasks):
* refresh token when access token reaches half of its lifetime
* load Keycloak roles into session
* logout of session in middleware when token expires
As much as possible calls to Keycloak APIs should be minimized. The PHP PGA was making direct API calls for some functionality but we want to make calls to the Profile Service to handle those things. Some things that need to be moved to the Profile Service:
* getting roles
* getting roles for a user
* getting users
* updating a user's roles
* whether a password update is required
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)