Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable Authentication and Access Control Via OAuth and Team Membership #96

Merged
merged 14 commits into from
Jun 6, 2024
Merged

Enable Authentication and Access Control Via OAuth and Team Membership #96

merged 14 commits into from
Jun 6, 2024

Conversation

ericpassmore
Copy link
Collaborator

Added logic to authenticate against GitHub, and then check membership in engineering team for access control.

  • env file for OAuth secretes
  • documentation on authentication and how to setup env file
  • new stateless GitHubOauth class to handle OAuth actions
  • new EnvStore class to manage env file
  • UI updates with github username and avatar presented at login
  • new application endpoints for logout and OAuth support
  • new tests for new webservice endpoints
  • documentation updates for webservice updates

@ericpassmore ericpassmore self-assigned this Apr 15, 2024
@ericpassmore
Copy link
Collaborator Author

fixes #89
fixes #44

This was referenced Apr 15, 2024
Closed
Closed
kj4ezj
kj4ezj reviewed Apr 16, 2024
View reviewed changes
Copy link
Contributor

@kj4ezj kj4ezj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is not my formal review, I just found a typo and figured I'd provide a heads-up right away instead of waiting till the end.

docs/http-service-calls.md Outdated Show resolved Hide resolved
@kj4ezj
Copy link
Contributor

kj4ezj commented Apr 16, 2024

Added logic to authenticate against GitHub, and then check membership in engineering team for access control.

Can we expand this from enf-engineering to enf-employees? The performance benchmark data typically has broader interest within the organization, beyond just the engineering team.

@ericpassmore
Copy link
Collaborator Author

Added logic to authenticate against GitHub, and then check membership in engineering team for access control.

Can we expand this from enf-engineering to enf-employees? The performance benchmark data typically has broader interest within the organization, beyond just the engineering team.

Short answer is not at this time, because not all enf employees are on github, and we do not have a team that includes all employees. To fix this we could to add google as another oauth provider, and I can open an issue to track that.

In addition, I will add the team membership to the env configuration file. This will make it easier to change the team that controls access.

This was linked to issues Apr 17, 2024
[REPLAY-10] Oauth Login to Orchestration Service Via Github #44
Closed
remove old HTML code from webservice #89
Closed
@ericpassmore ericpassmore linked an issue Apr 19, 2024 that may be closed by this pull request
[REPLAY-6] API authentication to orchestration service #36
Closed
@ericpassmore
Copy link
Collaborator Author

Added HTTP API using Authorization header. Fixes #36

@ericpassmore ericpassmore changed the title Enable OAuth Enable Authentication and Access Control Via OAuth and Team Membership Apr 25, 2024
@kj4ezj kj4ezj merged commit 565ce67 into main Jun 6, 2024
3 checks passed
@kj4ezj kj4ezj deleted the ehp/auth_flow branch June 6, 2024 18:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kj4ezj kj4ezj kj4ezj approved these changes

Assignees

@ericpassmore ericpassmore

Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@ericpassmore @kj4ezj