JulianFeinauer
commented
4 years ago Is there any progress on that? I did not yet check the code but I worked with the Spring Security Keycloack Adapter the last days so I could possibly help a bit here.
Open aedelmann opened 6 years ago
JulianFeinauer
commented
4 years ago Is there any progress on that? I did not yet check the code but I worked with the Spring Security Keycloack Adapter the last days so I could possibly help a bit here.
kolotu
commented
4 years ago No there is no active development on this one - feel free to pick it up, if you like.
Confirmations: The repository can be set up and configured using an external Keycloak Server as an OAuth Provider. In this case, users and their memberships and Vorto Repository roles are managed in Keycloak. In this case , during the OAuth Flow, the resulting JWT Token contains the user's roles in a Keycloak specific token representation. The repository is able to read these user roles and grant model access in the API Gateway accordingly.
Technical Info: Keycloak provides a Spring Security adapter that is able to deserialize a Keycloak issued token, to easily access role information, see https://www.keycloak.org/docs/2.5/securing_apps/topics/oidc/java/spring-security-adapter.html