...
- OpenID (https://en.wikipedia.org/wiki/OpenID)
- OpenID Connect (https://en.wikipedia.org/wiki/OpenID_Connect)
- OAuth 2.0 (https://en.wikipedia.org/wiki/OAuth)
Identityprovider
ory/hydra- github https://github.com/ory/hydra
- as docker https://hub.docker.com/r/oryd/hydra/
ory/kratos- github https://github.com/ory/kratos
- as docker https://hub.docker.com/r/oryd/kratos
- Quickstart: https://www.youtube.com/watch?v=5t1Zr_zJc7E
- keycloak
Requirements
- OpenId Connect as Identity Provider
AAA configuration
The term AAA configuration groups the configuration of
...
- Acting components
- User
- Identification provider
- ODLUX Client
- SDN-R server
- Identity provider
- authentication
- providing key for registered users indicating level of rights (group)
- https://github.com/ory/kratos
- SDN-R Server
- data-provider
- Provide list of authentication providers to ODLUX Client
- Provide internal group for user to ODLUX Client
- CCSDK bundles
- do authorization on URL level
- shiro V1.3.2 of ODL Aluminium (https://github.com/apache/shiro)
- aaf-cadi (https://github.com/onap/aaf-cadi)
- → OauthV2TokenRealm required
- aaf-cadi (https://github.com/onap/aaf-cadi)
- data-provider
- ODLUX Client
- authorization for GUI
- Use list of identity providers to offer login
- Get key with identity and group of user from identity provider into ODLUX Userspace
- Get SDN-R User group from server
- User user group to enable/disable functions in ODLUX GUI
OAuth Provider bundle
| request | params | response | description |
|---|---|---|---|
| GET /oauth/providers | OAuthProvider array | ||
| GET /oauth/redirect | TokenResponse | ||
...