Uploaded image for project: 'OpenShift Console'
  1. OpenShift Console
  2. CONSOLE-4502

Add sessions for openshift auth config

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • None
    • None
    • None
    • None
    • None
    • OCP Console - Sprint 273

      We currently don't support sessions in the console backend when running with a default openshift oauth configuration. We have a few endpoints that require us to validate user tokens, and we do so by making TokenReview requests to the API server. This is not ideal because it means every request to these endpoints actually require us to make two requests to the API server; the TokenReview, then the delegated API server request represented by that endpoint. To eliminate these extra TokenReview requests, we need to implement user sessions like the what is used in the standard OIDC authentication configuration.

       

      AC:

      • The OpenShift OIDC auth config supports sessions, similar to the standard OIDC authentication configuration
      • TokenReview middleware is removed, replaced by validation using session

      Stretch:

      • User session should be added to request context so that we can remove the "user" argument from auth middleware handler functions.

              rh-ee-jonjacks Jon Jackson
              rh-ee-jonjacks Jon Jackson
              None
              None
              YaDan Pei YaDan Pei
              None
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated:
                Resolved: