To do fixes #1818 #1974
Hi @nilupulmanodya welcome back.
Hi @ReimarBauer.. Thanks.. It's good to be back
see comments
steps I did. I installed boa into my base environment. then
Thx, tried it with a build by boa :)
I left some comments.
* Login with identity provider through Qt Client application. | ||
* To log in to the mscolab server through the identity provider, you can use the credentials specified in the ``PASSWD`` section of the ``MSS/mslib/idp/idp.py`` file. Look for the relevant section in the file to find the necessary login credentials. | ||
* To log in to the mscolab server through the identity provider, you can use the credentials specified in the ``PASSWD`` section of the ``MSS/mslib/msidp/idp.py`` file. Look for the relevant section in the file to find the necessary login credentials. |
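Review bot: The updated line still sends readers to the ``PASSWD`` section of ``MSS/mslib/msidp/idp.py`` for login credentials, so fixed accounts defined in a source file are documented as the way to log in. Say in this bullet that these accounts are for local testing only, so that nobody connects a deployed mscolab server to an IdP whose passwords can be read from the repository.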
So, what is our intended use case for this IdP? I am still not sure I have understood it. Right now we have it under mslib/ and expose entrypoints to it in a way that suggests we want to use this in production and expose this functionality to other admins running a mscolab instance. On the other hand, in this line we point to some file in the source code to get credentials for one of the predefined accounts. That sounds more like testing. For production we would need some kind of proper user management, but I think building an entire production-grade IdP is out-of-scope for us.
I am still of the opinion that we should move everything related to setting up and running this IdP below tests/, make the documentation intended for developers only and not expose this to the end-users of MSS. We can then use this IdP in the test suite to have something easy to set up to test against. To benefit from the SSO feature we will hook this up to an externally managed IdP anyway (Helmholtz AAI, or whatever SAML IdP someone may want to connect to) and have no say in what is running on their side.
This comment isn't a blocker functionality-wise though, so we can merge this PR and address this later.
529e7f6 into Open-MSS:GSOC2023-NilupulManodya
* remove inputs from conditions (#1808)
* Setup sp and idp for the sso (#1809)
* configure sp and idp
* update meta.yml remove cherypy
* fixes previous
* update notice
* update readme
* regroup idp_uwsgi
* regroup app.py
* regroup, change wsgi server to flask
* Update conf_sp_idp/README.md
Co-authored-by: Matthias Riße <[email protected]>
* hide secrets by config
* update copy-paste-able command for creating keys and certificates
* Update README.md
* correct copyright lines
* remove make_metadata.py file and update doc with new flow
* remove idp.xml file
* remove condition libxmlsec1
* Update conf_sp_idp/sp/app/conf.py
Co-authored-by: Matthias Riße <[email protected]>
* Update conf_sp_idp/idp/idp.py
Co-authored-by: Matthias Riße <[email protected]>
* remove generate_metadatascript
* remove hardcoded path
* recorrect copyrights
---------
Co-authored-by: Matthias Riße <[email protected]>
* Split conf sp idp (#1811)
* split sp and idp
* generate doc
* remove prints idp.py
* update comeponents.rst
* UI changes in Qt for SSO (#1813)
* ui changes in qt for sso
* fixes qt UI implementation
* get idp_enabled response from server
* update tests for test_hello
* update test utils
* Update mslib/msui/mscolab.py
Co-authored-by: Matthias Riße <[email protected]>
* fix typo
* move downed idp_enabled exception
* increase height ui_mscolab_connect_dialog
* resolve comments
---------
Co-authored-by: Matthias Riße <[email protected]>
* web browser implementation (#1814)
* web browser implementation
* update gitgnore
* resolve comments
* update docstring
* Configure mscolab for sso (#1818)
* db modeling
* add users into id[
* backend yaml implementation
* set server conf
* config server for sso
* qt ui implmentation
* backend html templates implementation
* update testcases
* config qt client app
* update gitignore
* set yaml endpoints
* update docs
* update test utill, and fix error
* fix test utils
* remove disabled pylint
* add libxmlsec1 into dep
* set IDP ENabled false
* Update mslib/mscolab/server.py
Co-authored-by: Matthias Riße <[email protected]>
* recorrect commit
* update db modeling with authentication_backend for multiple idps
* update conf for the multiple idps
* template implementation
* msui update redirect url for multiple idps
* saml update for multiple idps
* update mscolab server for multiple idps
* update doc for multiple idps
* automate CERTs generation and paths
* update doc
* correct typo in doc
* update doc
* fix typos update gitignore
* fix config idp_conf
* update gitignore
* set one time token access
* add params for cert creation
* set idp token for one time validation
* fix unnnescessary debug
* remove duplicate imports
* Update mslib/mscolab/mscolab.py
Co-authored-by: Matthias Riße <[email protected]>
* automate saml yaml file and improve error handling
* rename IDP_ENABLED to USE_SAML2
* update error template
* update doc
* add todo idp_wsgi
* update db models
* recorrect doc
* add todo refactors
---------
Co-authored-by: Matthias Riße <[email protected]>
* To do fixes #1818 (#1974)
* remove global var
* remove idp.subjects file dirs
* remove relaystste, rndstr and use secrets
* remove shell=True
* correct typos
* fix group order
* enable flake8 for GSOC2023-NilupulManodya
* fix lint
* fix lint
* fixes comments
* resolve comments
* fix comments
* update doc
* improve code for multiple Idps
* conf routes for multiple conf
* remove uncessary .yaml
* update cmd metadata
* update conf
* update saml handler for multiple idps
* pinning of xmlschema
* pin werkzeug
* disable pytests for todo refactor
* disbale whole file gsoc_testing
* fix conf
* resolve comments
* resolve comments
* manual conflict resolve ui_mscolab_connect_dialog.ui file
* resolve flake8
* set SSL certificate verification enablement (#2062)
* ssl verification enablement for SSO
* add hint
* Remove testing SP (#2066)
* remove testing sp
* remove documentation auth_client_sp
* Create documentation for SSO integration through SAML (#2064)
* create documentation sso integration
* added into makefile components
* change dir images
* resolve comments, add sample files
* resolve comments
* change cookies dir of web browser (#2063)
* change cookies dir of web browser
* Update mslib/msui/msui_web_browser.py
Co-authored-by: Matthias Riße <[email protected]>
---------
Co-authored-by: Matthias Riße <[email protected]>
* improve accessibility saml2 urls (#2068)
* improve accessibility saml2 urls
* resolve comments
---------
Co-authored-by: Nilupul Manodya <[email protected]>
Co-authored-by: Matthias Riße <[email protected]>
Co-authored-by: Matthias Riße <[email protected]>
Co-authored-by: nilupulmanodya <[email protected]>
Purpose of PR:
Fix To do fixes of previous PR #1818
Fixes #
#1818 (comment)
#1818 (review)
#1818 (comment)
#1818 (comment)
#1818 (review)
Does this PR introduce a breaking change?
No
Does this PR result in some Documentation changes?
Yes. Fix typos of conf_sso_test_msscolab.rst
Checklist:
<type>: <subject>