CERIT-SC / funnel-gdi

MIT License
1 stars 3 forks source link

Add login endpoints and UI scripts to use them #15

Closed mrtamm closed 2 months ago

mrtamm commented 2 months ago

Here are changes that are designed to solve issue #13.

There are also some configuration changes regarding Server.OidcAuth:

  1. ServiceConfigUrl was renamed to ServiceConfigURL to follow "URL" naming convention used in other parameters
  2. Added RedirectURL to specify where the user needs to be redirected after the login (application's endpoint)

In general, two HTTP endpoints were added:

  1. /login – this redirects user to OIDC login page, or otherwise requests Basic credentials, or otherwise just redirects user back to root path when no authentication is configured.
  2. /login/token – this returns the JWT token for the frontend to use (if OIDC is not used, this response will be an empty HTTP 200). If OIDC is configured but user is not authenticated, the response will be HTTP 404.

The frontend side was updated to first attempt to retrieve a token from /login/token. On failure, the user will be redirected to the /login path, which initiates the login flow.

Note that this login flow is possible only with the HTTP-based API and not with the gRPC API.

xhejtman commented 2 months ago

seems to be failing a bit?

mrtamm commented 2 months ago

Please try the failing job once again. It succeeded in my repo.