sregistry icon indicating copy to clipboard operation
sregistry copied to clipboard
verified publisher icon singularityhub

Fiware backend

Open victorsndvg opened this issue 8 years ago • 8 comments

Some minor changes to include Fiware auth backend. To discuss

victorsndvg avatar Dec 26 '17 16:12 victorsndvg

Awesome! A quick question, and then a request before starting review:

  1. If Fiware is of interest to others and the functions are a general OAuth flow, have you considered doing a PR to python social auth first, so others can also benefit / use (and then singularity registry can add through python social auth?) --> http://python-social-auth.readthedocs.io/en/latest/backends/ This would be my preferred choice. If this isn't the case, why is it not suited?

  2. And given the above requires adding as a plugin, I would want to request reorganization of the "backend" as a "plugin." Do you see any reason that we would want to distinguish a backend from a plugin? You can use @dctrud example with ldap (also a log in mechanism) - you would have the user add fiware to plugins enabled, and then check for it there.

Looking forward to this discussion! Let me know your thoughts on the above.

vsoch avatar Dec 26 '17 16:12 vsoch

Hi @vsoch ,

  1. I'm not an expert, but I've heard the following: Fiware is based on Keyrock IDM, it works perfect for managing not too many users. Nowadays, the number of Fiware users has increased and to sing-in with Fiware is taking too much time. (I've heard) This is why Keyrock IDM is close to be deprecated in favour of KeyStone IDM. I think is better to wait for this new KeyStone IDM to do a PR into python-social-auth. As I need to use this OAuth server with SRegistry I add it directly as a "backend" and you can add it into this project if you want.

  2. I'm not used to develop django applications, I try to add it as a plugin but I was not able to create the proper urls.py and views.py to make it work. If you think this is the right way to do it, I can try again and ask you for support.

  3. It can be nice to add some documentation about how to deploy the IDM (similar to the LDAP server deployment instructions) for the PR, but now we are rushing with the project and I will not be able to have to much things done for SRegistry till February.

Let me know your thought!

victorsndvg avatar Dec 27 '17 09:12 victorsndvg

Yes, please give a first shot at making it a plugin (2) and I will be glad to help.

vsoch avatar Dec 27 '17 12:12 vsoch

Hi @vsoch ,

I did the first effort to add fiware as a plugin. I tried to follow your instructions from the docs, but probably I miss some things.

Can you provide me some guiding to finish this process??

Thanks in advance!

victorsndvg avatar Mar 12 '18 08:03 victorsndvg

I can pull this today and give it a try! Do you have any way for me to try testing the actual authentication? How do I set up an account to test?

vsoch avatar Mar 12 '18 10:03 vsoch

The default public endpoint can be found here:

#FIWARE_IDM_ENDPOINT = 'https://account.lab.fiware.org'

You can create an account, create a new application and register your deployment.

If you prefer I can give you some secrets for an application registered by myself in our hosted IDM.

It's for an sregistry deployed locally (with IP 127.0.0.1) and http protocol. It's perfect for tests! ;)

victorsndvg avatar Mar 12 '18 10:03 victorsndvg

okay this would be great!! I'd love an account!

I'm going to be able to work on this when I wake up (again) it's still pretty early here. Do you want to send me the credentials securely? You should be able to find me in the Github events log.

vsoch avatar Mar 12 '18 10:03 vsoch

Sorry, I have sent you an email with the info about your account and the registered application.

Let me know if you need help!

victorsndvg avatar Mar 12 '18 13:03 victorsndvg