Open thomasyip opened 5 years ago
@calavera @Benaiah or @rybit is this PR something you guys might consider adopting? I have some time today and tomorrow to address comment. After tomorrow, it will be harder for me to spend time on it. Thank you very much for your time.
- Summary This PR adds support for OAuth2 RS256 alg via Okta's golang lib. There were a few typical pitfalls on implementing OAuth, we feel it was better to use the lib developed by our vendor. (eg, https://github.com/dgrijalva/jwt-go/issues/147)
The PR abstracts
auth.go
to make the new implementation work alongside with the existingalg
. It also makes adding other alg or implementing it with other lib easier later.We can back-out the Okta implementation upon request. But, we like the abstraction on auth.go to stay such to make it easier for us to keep it in-sync.
- Test plan The Docker on
master
branch failed to build when we pulled** and had no instruction on how to get it runs. We got it to built and provided some instructions.** (I later found out there is travis setup. I didn't aware of Travis-ci setup in the beginning.)
We didn't add test in this PR, but believe we improves the quality a little bit over existing condition for the Docker use-case.
The PR should pass Travis-CI. I added an workaround to make Travis-ci works for a fork.
- Description for the changelog Added the option to authenticate using OKTA lib (which use RS256 alg).
- A picture of a cute animal (not mandatory but encouraged)