Skip to content

fix(auth): add dual-login to RH-SSO and MAS-SSO#404

Merged
craicoverflow merged 4 commits intomainfrom
double-login
Mar 5, 2021
Merged

fix(auth): add dual-login to RH-SSO and MAS-SSO#404
craicoverflow merged 4 commits intomainfrom
double-login

Conversation

@craicoverflow
Copy link
Contributor

@craicoverflow craicoverflow commented Mar 1, 2021
edited
Loading

Fixes #400

This PR mainly implements dual-login to both RH-SSO and then MAS-SSO. I have also ensured that the entire authorization cycle is updated - logout and token refresh always happen at the same time for both authorization servers.

What has changed

  • Move redirect page to static file
  • Log in to MAS-SSO after RH-SSO
  • Refresh tokens from both auth servers at the same time
  • Log out from both servers at same time
  • Update config from within the connection instance
  • Extract realm from auth URL
  • Generate docs

Verification

  1. Run rhoas login
  2. You will need to log in to sso.redhat.com
  3. Once successful, you will be redirected and need to log in to MAS-SSO.

craicoverflow
craicoverflow commented Mar 1, 2021
View reviewed changes
@wtrocki
Copy link
Collaborator

wtrocki commented Mar 1, 2021
edited
Loading

So basically there is a lots of extra changes in this PR but conceptually all is good. We need cleanup not needed stuff add keycloak redirect, require-sso ( that launches micro iframe)

Would existing SSO client support localhost redirect?

@craicoverflow craicoverflow force-pushed the double-login branch 3 times, most recently from ff05d5d to 6d4da01 Compare March 4, 2021 15:32
@craicoverflow craicoverflow changed the title wip: double login fix(auth): add dual-login to RH-SSO and MAS-SSO Mar 4, 2021
@craicoverflow craicoverflow requested a review from wtrocki March 4, 2021 16:02
@craicoverflow
Copy link
Contributor Author

craicoverflow commented Mar 4, 2021

Ready for review @wtrocki and @rkpattnaik780 - a large and very important PR.

Enda Phelan added 3 commits March 4, 2021 16:07
fix(auth): add dual login
1aa323f 
The CLI needs to be logged in to two authorization servers
to be able to interact with the control plane and data plane APIs

This adds a double-login, meaning the users will log in to both
when they run "rhoas login"
style: fix formatting
f8b1eba
fix(keycloak): extract realm from URL
b354535
@craicoverflow craicoverflow force-pushed the double-login branch 4 times, most recently from 50cb546 to e360174 Compare March 4, 2021 16:34
@wtrocki
Copy link
Collaborator

wtrocki commented Mar 4, 2021

Good to merge but after #419 please ;D

@craicoverflow craicoverflow merged commit 690587f into main Mar 5, 2021
@craicoverflow craicoverflow deleted the double-login branch March 5, 2021 09:22
@craicoverflow
Copy link
Contributor Author

craicoverflow commented Mar 5, 2021

Good to merge but after #419 please ;D

Needed to merge to proceed - #419 needs changes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wtrocki wtrocki wtrocki approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Authenticate to MAS-SSO

2 participants

@craicoverflow @wtrocki