Uploaded image for project: 'Kogito'
  1. Kogito
  2. KOGITO-7058

[KSW][OpenAPI] - Add support for programmatic configuration of OidcClients for Oauth2

    XMLWordPrintable

Details

    • Enhancement
    • Resolution: Won't Do
    • Minor
    • None
    • None
    • Serverless Workflow Engine
    • None
    • False
    • None
    • False
    • ---
    • ---

    Description

      Today, KOGITO-6970 OAuth2 support can be configured via application properties:

      quarkus.oidc-client.petstore_auth.auth-server-url=${keycloak.url}
quarkus.oidc-client.petstore_auth.discovery-enabled=false
quarkus.oidc-client.petstore_auth.token-path=/tokens
quarkus.oidc-client.petstore_auth.credentials.secret=secret
quarkus.oidc-client.petstore_auth.grant.type=password
quarkus.oidc-client.petstore_auth.grant-options.password.username=alice
quarkus.oidc-client.petstore_auth.grant-options.password.password=alice
quarkus.oidc-client.petstore_auth.client-id=petstore-app

      Alternatively, users could programmatically create their own OidcClientConfig:

      @Path("/clients")
public class OidcClientResource {

    @Inject
    OidcClients clients;

    @GET
    public String getResponse() {
        OidcClientConfig cfg = new OidcClientConfig();
        cfg.setId("myclient");
        cfg.setAuthServerUrl("http://localhost:8081/auth/realms/quarkus/");
        cfg.setClientId("quarkus");
        cfg.getCredentials().setSecret("secret");
        Uni<OidcClient> client = clients.newClient(cfg);
        // use this client to get the token
    }
}

      The extension should also support this method of defining the configuration. See: https://quarkus.io/guides/security-openid-connect-client#use-oidcclients

      Attachments

        Issue Links

          is incorporated by

          Feature - Capability or a well-defined set of functionality that delivers business value. Features can include additions or changes to existing functionality. Features can easily span multiple teams, and potentially multiple releases. SRVLOGIC-2 [core] OAuth2 authorization flow in workflows

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          is related to

          Feature Request - Feature requests from customers and/or users KOGITO-7057 [KSW][OpenAPI] - Add Token Propagation support to OpenAPI Extension

          • Minor - To be worked after urgent, high, and medium priorities are resolved. This term is chosen when the severity of the issue is low, or the complexity or effort to correct it may be higher, relatively speaking. For low priority issues, known workarounds exist or are not needed due to the trivial effort needed to address the issue.
          • Resolved
          relates to

          Feature Request - Feature requests from customers and/or users KOGITO-6970 Add support for OAuth2 on Quarkus OpenAPI Extension

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved

          Activity

            People

              wmedvede@redhat.com Walter Medvedeo
              rhn-support-zanini Ricardo Zanini Fernandes
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: