You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@airavata.apache.org by "Marcus Christie (JIRA)" <ji...@apache.org> on 2017/09/26 14:50:00 UTC

[jira] [Created] (AIRAVATA-2535) Django: Keycloak integration

Marcus Christie created AIRAVATA-2535:
-----------------------------------------

             Summary: Django: Keycloak integration
                 Key: AIRAVATA-2535
                 URL: https://issues.apache.org/jira/browse/AIRAVATA-2535
             Project: Airavata
          Issue Type: New Feature
            Reporter: Marcus Christie
            Assignee: Marcus Christie


Integrate with Keycloak. Following is an incomplete list of needed functionality (these should be created as subtasks):
* refresh token when access token reaches half of its lifetime
* load Keycloak roles into session
* logout of session in middleware when token expires

As much as possible calls to Keycloak APIs should be minimized. The PHP PGA was making direct API calls for some functionality but we want to make calls to the Profile Service to handle those things. Some things that need to be moved to the Profile Service:
* getting roles
* getting roles for a user
* getting users
* updating a user's roles
* whether a password update is required



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)