The current method for authentication within VCell is outdated and no longer follows the required standards for the grant provided. Having to update our authorization to a modern implementation.
Solution
Utilize Auth0 for our authentication and an identity provider taking the burden of authentication from VCell.
Phase 1 (Hard Code)
[x] Create a table that allows for identity mappings in VCell database, which means auth0 identities can be associated with VCell IDs
[x] Hard code some test identities within the VCell test DB
[x] Add functions that reads the VCell DB for these identity mappings
Phase 2 (Transition between old authentication and new)
[x] Create functions that can add identity mappings to the VCell database
[x] Ensure there's some logic which takes and OIDC security identity and return an old API bearer token
Authenticated Already, Operations You Can Do
Get user bearer token
Get Vcell user: returns vcell user
Map user: requires userID and passwd
Learn RSA again, and implement a method for common RSA keys
Phase 3 (Implement within VCell Client)
1224
[x] #1231
[x] Create some flow in the GUI that prompts users to map their VCell account to their Auth0 account
[x] Instead of showing a user login screen with "User name and Password" show a screen with:
A button for users to login with Auth0
Input VCell username and password if they already have an account
Auth0 credentials through the browser
Get old API access token, set it alongside the authenticated API Client and continue with the rest of VCell
Problem
The current method for authentication within VCell is outdated and no longer follows the required standards for the grant provided. Having to update our authorization to a modern implementation.
Solution
Utilize Auth0 for our authentication and an identity provider taking the burden of authentication from VCell.
Phase 1 (Hard Code)
Phase 2 (Transition between old authentication and new)
Authenticated Already, Operations You Can Do
Phase 3 (Implement within VCell Client)
1224