Uploaded image for project: 'Red Hat 3scale API Management'
  1. Red Hat 3scale API Management
  2. THREESCALE-2542

Ability to configure JWT client_id parameters on system

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Done
    • Icon: Critical Critical
    • None
    • 2.6 ER1
    • System
    • None
    • 8
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • 3scale 2019-08-12, 3scale 2019-08-26, 3scale 2019-09-09, 3scale 2019-10-14

      At the moment two new parameters for OpenID configuration are going to be added in APICast

      proxy.jwt_claim_with_client_id that it's a string.
      proxy.jwt_claim_with_client_id_type that defines if it's plain or liquid.

      That will receive the JWT payload, and it'll render to get the client_id that the customer wants.

      This task is blocked by THREESCALE-2264 and PR1034

      See this comment

      Dev notes

      • This is only for OIDC integration in the proxy and belongs in the auth part of the form that shows when OIDC has been selected
      • We should create 2 fields, a text input for the proxy.jwt_claim_with_client_id and a select for proxy.jwt_claim_with_client_id_type
      • Add the 2 fields there underneath
      • default values should be: plain & 'azp'
      • If the selected proxy.jwt_claim_with_client_id_type is liquid, validate the syntax of proxy.jwt_claim_with_client_id
        Probably APIcast is already validating it, but the configuration should also
      • Needs a migration to add 1 or 2 columns (need to be thought out carefully as we may end up adding more and more configuration to the proxy later)

              Unassigned Unassigned
              eloycoto Eloy Coto
              Jakub Smadis Jakub Smadis (Inactive)
              Hery Ramihajamalala Hery Ramihajamalala (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: