famoser / vseth-newsletter

curate and send the vseth newsletter
MIT License

implement openid #1

Open famoser opened 4 years ago

famoser commented 4 years ago

first service of VSETH: OIDC Discovery at https://auth.vseth.ethz.ch/auth/realms/VSETH/.well-known/openid-configuration

application name is vseth-newsletter-new

token will look like

{
  "jti": "4523162c-ec0a-41cb-b5f2-7ccadc72c37b",
  "exp": 1585309985,
  "nbf": 0,
  "iat": 1585304375,
  "iss": "https://auth.vseth.ethz.ch/auth/realms/VSETH",
  "sub": "8784136e-980f-4545-8b04-02f672fb3093",
  "typ": "Bearer",
  "azp": "vseth-newsletter-new",
  "auth_time": 0,
  "session_state": "d1fbf8ed-bfa2-4abf-b6c7-22731ad610cb",
  "acr": "1",
  "resource_access": {
    "vseth-newsletter-new": {
      "roles": [
        "0700-jamesbond"
      ]
    }
  },
  "scope": "openid profile email",
  "email_verified": true,
  "name": "Peter Müller",
  "preferred_username": "muellerpe",
  "given_name": "Peter",
  "family_name": "Müller",
  "email": "petermueller@ethz.ch"
}

after setup, configure redirect URIs with administrator
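
An added example, not part of the issue thread or the project's code: the claim checks a consumer of the token shown above would run after the signature has been verified against the keys advertised by the discovery document. `validate_claims`, `ClaimError` and the `leeway` parameter are hypothetical names, and signature verification is assumed to have already happened.

```python
import time

# Issuer and client name are taken from the issue. Signature verification against
# the realm's published keys is assumed to have succeeded before this runs.
ISSUER = "https://auth.vseth.ethz.ch/auth/realms/VSETH"
CLIENT_ID = "vseth-newsletter-new"


class ClaimError(Exception):
    """Raised when a decoded token must not be accepted (hypothetical name)."""


def validate_claims(claims, now=None, leeway=30):
    """Check decoded claims and return this client's roles (hypothetical helper)."""
    now = time.time() if now is None else now
    if claims.get("iss") != ISSUER:
        raise ClaimError("unexpected issuer")
    if claims.get("azp") != CLIENT_ID:
        raise ClaimError("token was issued to a different client")
    if claims.get("typ") != "Bearer":  # the sample token carries typ "Bearer"
        raise ClaimError("unexpected token type")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or now >= exp + leeway:
        raise ClaimError("token expired or exp missing")
    nbf = claims.get("nbf", 0)
    if not isinstance(nbf, (int, float)) or now + leeway < nbf:
        raise ClaimError("token not yet valid")
    if not claims.get("sub"):
        raise ClaimError("missing subject")
    # Roles are nested per client: read only this client's entry, never another's.
    access = claims.get("resource_access")
    entry = access.get(CLIENT_ID) if isinstance(access, dict) else None
    roles = entry.get("roles") if isinstance(entry, dict) else None
    if not isinstance(roles, list):
        return []
    return [r for r in roles if isinstance(r, str)]


# Constructed sample: a subset of the claims shown in the issue.
SAMPLE = {
    "exp": 1585309985, "nbf": 0, "iat": 1585304375,
    "iss": ISSUER, "sub": "8784136e-980f-4545-8b04-02f672fb3093",
    "typ": "Bearer", "azp": CLIENT_ID,
    "resource_access": {CLIENT_ID: {"roles": ["0700-jamesbond"]}},
}

if __name__ == "__main__":
    print(validate_claims(SAMPLE, now=1585304400))
```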

famoser commented 4 years ago

implementation non-trivial; wait for organisation sync #5 to avoid refactoring of authentication twice.