Closed kozbo closed 4 years ago
PR #103 introduces a new object-oriented abstraction for handling the authentication flow. That PR has been merged.
Additional backend work is continuing in #112 and #113, which introduce more general decorators that can be used to pass parameters to the auth mechanism to control the auth flow.
PR #113 has been merged!
Oops, closed prematurely. #113 introduces the flexibility needed to implement Auth0, but the Auth0 class it introduces is a stub. More PRs to follow.
Partially addressed by PR #130, which implements basic security checks for the Auth0
class (adding mixins to access JWT information, etc.) in dss.util.auth
. This PR includes stub methods for the FLAC table, which is next on the list of work items.
This is also partially addressed by PR databiosphere/data-store-auth#3, which adds terraform files to set up Auth0 infrastructure. This infrastructure will allow users to log in via Auth0, and will add additional Auth0-specific information to the user's JWT claim. This info can then be used in security assertions.
These two PRs conclude the work on this issue.
Note that this relates to issue #109 (Make OIDC layer more flexible in data store) and PR #103 (DSS Auth: Flexible AuthZ).
PR #103 will implement a new abstraction for Auth backends and will implement one backend, Fusillade, using existing code.
This issue is for creating and implementing a backend for Auth0 using the new abstraction introduced in #103.