Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature: Migrate demo portal IDP to a real OIDC server #1574

Closed
kbeaugrand opened this issue Nov 22, 2022 · 5 comments
Closed

Feature: Migrate demo portal IDP to a real OIDC server #1574

kbeaugrand opened this issue Nov 22, 2022 · 5 comments
Assignees
Labels
enhancement New feature or request refactoring Restructure the source code so as to improve operation with
Milestone

Comments

@kbeaugrand
Copy link
Member

Is your feature request related to a problem? Please describe.

The demo portal uses Azure AD B2C to authenticate users. However, this IDP is not fully compatible with the Open ID Connect protocol. For example, it is missing the userinfo_endpoint, which causes problems when authenticating when migrating to .NET 7 for example.

Describe the solution you'd like
Ensure that our IDP for our demo portal supports all the required flows from the default OIDC-client implementation.

Describe alternatives you've considered
Wait for the ASP.NET Core team to update the oidc-client package to v2.0, which could allow us to work with AD B2C since it no longer requires the userinfo_endpoint to authenticate users...

Additional context
N/A

@kbeaugrand kbeaugrand added enhancement New feature or request refinement labels Nov 22, 2022
@developer-companion developer-companion bot moved this to 📝 Todo in IoT Hub Portal Nov 22, 2022
@kbeaugrand
Copy link
Member Author

This ticket is for:

  • Benchmark of existing solutions that we could implement
  • Implement the new provider

We will decide during the analysis which provider to use (prefer the faster to implement).

@kbeaugrand kbeaugrand added refactoring Restructure the source code so as to improve operation with and removed refinement labels Nov 23, 2022
@kbeaugrand kbeaugrand added this to the S48 milestone Nov 26, 2022
@kbeaugrand kbeaugrand self-assigned this Nov 26, 2022
@kbeaugrand kbeaugrand moved this from 📝 Todo to 🚧 In Progress in IoT Hub Portal Nov 26, 2022
@kbeaugrand
Copy link
Member Author

I tried :

  • Frontegg
  • Auth0
  • ...

Finally, I'm deploying Keycloak instance on Azure... I'll give to other developpers the settings

@kbeaugrand
Copy link
Member Author

New settings for the application to get the OpenIdConnect from keycloak instance:

  "OIDC:Scope": "iot_access",
  "OIDC:MetadataUrl": "https://cgigeiotdemoauth.azurewebsites.net/auth/realms/iot-portal/.well-known/openid-configuration",
  "OIDC:ClientId": "iot-portal",
  "OIDC:Authority": "https://cgigeiotdemoauth.azurewebsites.net/auth/realms/iot-portal",
  "OIDC:ApiClientId": "iot-portal-api",
  "OIDC:ValidateAudience": "False",

@kbeaugrand
Copy link
Member Author

Need now to switch the users and update the demonstration instance

@kbeaugrand kbeaugrand moved this from 🚧 In Progress to 💬 Ready for Review in IoT Hub Portal Nov 28, 2022
@kbeaugrand
Copy link
Member Author

Portal updated, all developers received their credentials

@kbeaugrand kbeaugrand moved this from 💬 Ready for Review to 🚀 Ready in IoT Hub Portal Nov 28, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request refactoring Restructure the source code so as to improve operation with
Projects
Status: 🚀 Ready
Development

No branches or pull requests

1 participant