Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OpenID generic provider support #10151

Closed
4 tasks done
Tracked by #10056
offtherailz opened this issue Apr 3, 2024 · 3 comments · Fixed by #10152, geosolutions-it/geostore#330, geosolutions-it/geostore#354 or geosolutions-it/geostore#357
Closed
4 tasks done
Tracked by #10056

OpenID generic provider support #10151

offtherailz opened this issue Apr 3, 2024 · 3 comments · Fixed by #10152, geosolutions-it/geostore#330, geosolutions-it/geostore#354 or geosolutions-it/geostore#357
Assignees
@afabiani @offtherailz @tdipisa
Labels
Accepted C206-DEUTSCHE_BAHN-2024-SUPPORT enhancement
Milestone
2024.02.00

Comments

@offtherailz
Copy link
Member

offtherailz commented Apr 3, 2024
edited
Loading

Description

Provide a generic support for an openID Connect provider.

Acceptance criteria

  • MapStore can be configured via mapstore-ovr.properies to be connected to a generic openid provider
  • The configuration allows to configure standard minimal properties to allow the user to login, with optional user creation. The minimal are:
    • discoveryUrl : to properly
    • clientId
    • clientSecret
    • principalKey: to identify the claim to use for the username.
  • The login should be available as an alternative login method in he login form or direct (as for keycloak, google etc..)
  • Logout have to be impelmented too.

The purpose is to provide the support to allow login via oidc + LDAP, for services like Azure.

Other useful information
@offtherailz offtherailz added the New Feature used for new functionalities label Apr 3, 2024
@offtherailz offtherailz added this to the 2024.01.00 milestone Apr 3, 2024
This was referenced Apr 3, 2024
Merged
Merged
@tdipisa tdipisa linked a pull request Apr 3, 2024 that will close this issue
Generic OIDC provider support #10152
Merged
17 tasks
@tdipisa tdipisa modified the milestones: 2024.01.00, 2024.01.01 Apr 3, 2024
@tdipisa tdipisa added BackportNeeded Commits provided for an issue need to be backported to the milestone's stable branch enhancement and removed New Feature used for new functionalities labels Apr 24, 2024
@offtherailz offtherailz mentioned this issue May 16, 2024
Merged
2 tasks
@tdipisa tdipisa modified the milestones: 2024.01.01, 2024.01.02 May 28, 2024
@offtherailz
Copy link
Member Author

@ElenaGallo I'll test this and let you know

@offtherailz
Copy link
Member Author

According with this
https://learn.microsoft.com/en-us/entra/identity-platform/scopes-oidc

We don't have the scopes "groups". For this reason @afabiani will provide an additional fix to support the request of the groups scope.

@afabiani
Copy link
Member

afabiani commented Jul 1, 2024

@offtherailz patch provided here

@tdipisa tdipisa modified the milestones: 2024.01.02, 2024.02.00 Jul 2, 2024
@tdipisa tdipisa removed the BackportNeeded Commits provided for an issue need to be backported to the milestone's stable branch label Jul 2, 2024
@offtherailz offtherailz mentioned this issue Jul 9, 2024
Merged
@offtherailz offtherailz reopened this Jul 9, 2024
@tdipisa tdipisa mentioned this issue Aug 28, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@afabiani afabiani

@offtherailz offtherailz

@tdipisa tdipisa

Labels
Accepted C206-DEUTSCHE_BAHN-2024-SUPPORT enhancement
Projects
None yet
Milestone
2024.02.00
4 participants
@afabiani @offtherailz @tdipisa @ElenaGallo