eduNEXT / eox-tenant

Plugin for managing multiple tenants (organizations) within a single Open edX instance.
GNU Affero General Public License v3.0

feat: add support for JWT authentication `DS-959` #206

Closed BryanttV closed 5 months ago

BryanttV commented 5 months ago

Description

This PR allows you to make a request with a JWT token.

Testing instructions

Using Tutor:

  1. Install the plugin with these changes. If you are installing it for the first time you should run the migrations.
  2. Create a new application from http://local.edly.io:8000/admin/oauth2_provider/application/. Associate a user with sufficient permissions and add to the Redirect uris field: http://local.edly.io:8000/
  3. Generate a JWT token for the user using the following endpoint: POST http://local.edly.io:8000/oauth2/access_token/. The content type of the request must be application/x-www-form-urlencoded

    Body parameters

    • client_id: Client ID of the application created above. e.g. CAfZv...IHD0J
    • client_secret: Client Secret of the application created above. e.g. Qu2pnJJ9b1C6DA...u7Ej8x31RFiaKg9
    • grant_type: client_credentials
    • token_type: JWT

    Response

      {
          "access_token": "eyJhbGciOiJIUz...SsDAs3KE_gEc",
          "expires_in": 3600,
          "token_type": "JWT",
          "scope": "read write email profile"
      }
    • access_token: The user's access token. You must use this token in the Authorization header of the requests to the API.
  4. Test all eox-tenant endpoints using the JWT token; all should work correctly. You can use this eox-tenant Postman collection.

Checklist for Merge
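
Steps 3 and 4 of the testing instructions above, scripted with the Python standard library. This is an added example, not code from the PR or from eox-tenant: the function names are hypothetical, and the `JWT ` prefix in the Authorization header is an assumption based on how Open edX's DRF JWT authentication is normally configured.

```python
import base64
import json
import time
import urllib.parse
import urllib.request

BASE_URL = "http://local.edly.io:8000"  # Tutor dev host used in the steps above


def build_token_request(client_id, client_secret):
    """Step 3: form-encoded POST to /oauth2/access_token/ asking for a JWT."""
    form = urllib.parse.urlencode({
        "client_id": client_id,
        "client_secret": client_secret,  # keep out of logs and shell history
        "grant_type": "client_credentials",
        "token_type": "JWT",
    }).encode()
    return urllib.request.Request(
        BASE_URL + "/oauth2/access_token/", data=form, method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"})


def check_token_response(body, now=None):
    """Return (token, claims) or raise ValueError if the response is unusable.

    Claims are decoded WITHOUT verifying the signature, for inspection only;
    the server verifies the signature when the token is presented.
    """
    data = json.loads(body)
    if data.get("token_type") != "JWT":
        raise ValueError("server did not issue a JWT: %r" % data.get("token_type"))
    token = data["access_token"]
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("access_token is not a three-segment JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64 padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    now = time.time() if now is None else now
    if "exp" in claims and claims["exp"] <= now:
        raise ValueError("token already expired")
    return token, claims


def auth_headers(token):
    """Step 4: header for API calls. ASSUMPTION: the 'JWT' scheme prefix."""
    return {"Authorization": "JWT " + token}
```

To run it against a live instance, pass `urllib.request.urlopen(build_token_request(...)).read()` to `check_token_response` and send the result of `auth_headers` with each eox-tenant API request.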

MaferMazu commented 5 months ago

I will test this soon, but in the meantime, can you add the Postman collection to the repository? Create a docs directory, something like https://github.com/eduNEXT/eox-core/tree/master/docs/resources, to add the collection you already created. It doesn't enter explicitly in the scope but will be helpful for future testing, and you already have the collection. Is it possible?

BryanttV commented 5 months ago

Hi @MaferMazu. Yes, I can do something similar to how it is in eox-core.

mariajgrimaldi commented 5 months ago

@MaferMazu: do we deploy the latest release somewhere for remote testing?

BryanttV commented 5 months ago

@MaferMazu, I already added the Postman collection in docs/resources, and I also left a single signed commit.

MaferMazu commented 5 months ago

@mariajgrimaldi No, we only test this in our environments for now. Then, we want to implement something to make testing easy in remote environments.