Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement support for Auth0 both in API and normal login #3125

Merged
merged 19 commits into from
Feb 24, 2024
Merged

Implement support for Auth0 both in API and normal login #3125

merged 19 commits into from
Feb 24, 2024

Conversation

henrikhorluck
Copy link
Member

  • Support Auth0 export
  • Move API-auth to Auth0 JWT
  • Support login with Auth0 in normal OW4
  • Remove ways to edit a user-profile

Description of changes

Code Checklist

  • I have added tests
  • I have provided documentation

Visual changes

Before
After

github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 2, 2024
View reviewed changes
scripts/management/commands/auth0_export.py Dismissed Show dismissed Hide dismissed
scripts/management/commands/auth0_export.py Dismissed Show dismissed Hide dismissed
@henrikhorluck henrikhorluck force-pushed the feat/yeet-cognito branch 2 times, most recently from b3310d9 to b284b36 Compare February 3, 2024 14:29
@henrikhorluck
Support Auth0 export
fd1d543
@henrikhorluck
Move API-auth to Auth0 JWT
92b9ec2
@henrikhorluck
Support login with Auth0 in normal OW4
b59063e 
Design is a TODO, and now a _lot_ of stuff should be removed
@henrikhorluck
Remove ways to edit a user-profile
5ba6393
@henrikhorluck
Remove django-oidc-provider
ce5f0a5
@henrikhorluck
Remove SSO-leftovers
2295ada
@henrikhorluck
Display email instead of username
b5e8570
@henrikhorluck
Remove Slack app
6e2a146 
Only exposed a single endpoint to make an invite-link to the slack
workspace, but has been failing for who knows how long.

Just remove it, essentially unused.
@henrikhorluck
Remove Mailinglists
f2467b8 
This was intended to be used as a new source-of-truth or something for
the lists in Google Workspace.

The sync was never implemented.

We do not want more data sync.

Remove it.
@henrikhorluck
Remove references to .primary_email
b630df7 
It is the _same_ as `.email`, and with the change to Auth0 we will only
have one email on the accounts.
@henrikhorluck
Move email-list-sync from a signal to save()
8e5606f 
Now use .email
@henrikhorluck
Stop server multiple emails over the API
a293478 
For some reason we had both `/profile/emails` and `/user/emails`, which
appear to just duplicate functionality, while the `/user`-one allowed us
to change it?

Either way: we can already directly modify `.email` through e.g.
UserUpdateViewSet, so no need to make a new endpoint.
@henrikhorluck
Sync email-changes to Auth0
fa2c380 
The email-sending appears to not actually result in emails being sent?

This should maybe have some more error-handling?
@henrikhorluck
Note that email-changing has been moved to OWF
858e051
@henrikhorluck
Make endpoints not rely on username
89ebe8b
@henrikhorluck
Default BASE_URL to one that is usabel locally
ba1ea32 
This is mostly relevant if you get directed after logout with Auth0
@henrikhorluck
Sync var-names with doppler
02a19d3
@henrikhorluck
Suport logging out of Auth0-SSO-session
4c66a5f
@henrikhorluck
Modify mozzila-auth for our uses
65a7bc5 
- Support creating a user with info from /userinfo
    - Including from API-call by chaning DRF-auth to mozilla
- Username is a variant of the email, note that this might lead to
  usernames that were previously invalid.
- Verify that access_token-audience is for us
- Do not call /userinfo on _every_ request, since we can find the user
  from `sub`, but use it if we need to create a new user
- Update email if it has diverged when we have already gotten an
  id_token (aka login directly to OW4)
@henrikhorluck henrikhorluck added this pull request to the merge queue Feb 24, 2024
Merged via the queue into main with commit 73be636 Feb 24, 2024
6 checks passed
@henrikhorluck henrikhorluck deleted the feat/yeet-cognito branch February 24, 2024 16:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@henrikskog henrikskog Awaiting requested review from henrikskog

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@henrikhorluck