Skip to content
This repository has been archived by the owner on Mar 11, 2021. It is now read-only.

Use developers.redhat.com Identity Provider directly from Auth service #350

Open
7 of 8 tasks
alexeykazakov opened this issue Feb 26, 2018 · 2 comments
Open
7 of 8 tasks

Comments

@alexeykazakov
Copy link
Contributor

alexeykazakov commented Feb 26, 2018

Currently we have there layers of services for login:
auth.openshift.io -> sso.openshift.io (OSIO Keycloak) -> developers.redhat.com (RHD Keycloak).
As soon as we switch Che to use Auth service and have authorization service in place on the auth.openshift.io side we can get rid of the OSIO Keycloak layer a start using RHD Keycloak directly.

Phase 1 : Stop talking to keycloak except during login.

Phase 2: Talk to RHD directly during login

  • Switch Che to Auth
  • Configure RHD creds

Dependency

Also tracked in openshiftio GitHub - openshiftio/openshift.io#2367

@sbose78
Copy link
Member

sbose78 commented Aug 6, 2018

Switch Che to Auth

DONE. Login using Auth's OAuth2.0 workflow.

Start generating tokens in Auth instead of KC

We already do so. Need to stop talking to KC, and talk to RHD only.

Switch all existing Authorization implementation to Auth service

Done 🎆

Support offline tokens in Auth.

#577

@sbose78
Copy link
Member

sbose78 commented Aug 7, 2018

updated the comment above with the list of tasks.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

4 participants