-
Notifications
You must be signed in to change notification settings - Fork 126
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for injecting an authorization token #981
Conversation
Signed-off-by: Moritz Schmitz von Hülst <moritz.schmitz@oviva.com>
Signed-off-by: Moritz Schmitz von Hülst <moritz.schmitz@oviva.com>
Signed-off-by: Moritz Schmitz von Hülst <moritz.schmitz@oviva.com>
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #981 +/- ##
============================================
- Coverage 95.56% 95.49% -0.08%
+ Complexity 1370 1364 -6
============================================
Files 81 80 -1
Lines 4400 4375 -25
Branches 500 493 -7
============================================
- Hits 4205 4178 -27
- Misses 94 98 +4
+ Partials 101 99 -2 ☔ View full report in Codecov by Sentry. |
Signed-off-by: Moritz Schmitz von Hülst <moritz.schmitz@oviva.com>
Signed-off-by: Moritz Schmitz von Hülst <moritz.schmitz@oviva.com>
Signed-off-by: Moritz Schmitz von Hülst <moritz.schmitz@oviva.com>
Quality Gate passedKudos, no new issues were introduced! 0 New issues |
Quality Gate passedIssues Measures |
What this PR does / why we need it:
What: This PR enables support for using an existing authorization token.
Why: This helps in scenarios where the token isn't issued by Keycloak, but only verified by it.
Special notes for your reviewer:
We have a special use-case where all admin accounts need to have enabled 2FA because our
/admin
is publicly accessible (and needs to be). We are using https://spiffe.io/ in our cluster to issue identities to our backend components. Being able to use theKeycloakBuilder
functionality of injecting an authorization token would allow us to leverage the same capabilities.PR Readiness Checklist:
Complete these before marking the PR as
ready to review
:CHANGELOG.md
release notes have been updated to reflect any significant (and particularly user-facing) changes introduced by this PR