-
Story
-
Resolution: Done
-
Major
-
None
-
None
-
None
-
BU Product Work
-
8
-
False
-
-
False
-
OCPSTRAT-713 - Add Authentication to internal Components of Agent Installer
-
-
-
Sprint 250, Sprint 252, Sprint 253, Sprint 254
User Story:
As a user, I want to be able to:
- Implement a new auth type `agent-installer-local` in assisted service. This new auth type will implement agentAuth and userAuth.
- The implementation will be based on existing local auth in assisted service.
- Note that in assisted service, when using local auth only agentAuth is implemented and userAuth is not supported. Agent auth: Validating a token using ECDSA public key
- For agent installer, AuthUserAuth will be internally calling the same logic for AuthAgentAuth
- Ref from assisted service existing local auth implementation: Implementing these four functions in your authenticator will give you access to all API endpoints
- AuthURLAuth and AuthImageAuth implementation will remain same as in assisted service
so that I can achieve
- API authentication
Acceptance Criteria:
Description of criteria:
- Upstream documentation
- Point 1
- Point 2
- Point 3
(optional) Out of Scope:
Detail about what is specifically not being delivered in the story
Engineering Details:
- (optional) https://github/com/link.to.enhancement/
- (optional) https://issues.redhat.com/link.to.spike
- Engineering detail 1
- Engineering detail 2
This requires/does not require a design proposal.
This requires/does not require a feature gate.
- depends on
-
AGENT-868 Generate ECDSA public private keys and pass it to assisted-service
- Closed
-
AGENT-872 Generate JWT token
- Closed
- is depended on by
-
AGENT-871 Authenticate agent API requests for agent based installer wait-for commands
- Closed
-
AGENT-875 Authenticate agent service API requests for agent based installer
- Closed
-
AGENT-876 Authenticate API requests for agent based installer systemd services using curl requests
- Closed
-
AGENT-878 Authenticate API requests for agent based installer systemd services using programatic requests
- Closed
-
AGENT-870 Update AUTH_TYPE env var
- Closed
- links to
- mentioned on