Add a testing IDP for OIDC authentication #2714
Labels
area/QA
Excluded from release notes. Quality assurance / Regression testing
area/testing
PR used for some kind of debugging. Not intended to be merged.
kind/quality
Tech Debt / Cleanup
Milestone
Comments
enrichman
added
kind/quality
|
Pairing with @mmartin24 maybe we don't need a full blown IDP to test some of the OIDC features, such as groups. We can create a valid JWT token with the needed claims to test the groups association. |
|
@enrichman, I made this Confluence page with a summary of the steps done with this: https://confluence.suse.com/display/Epinio/How+to+check+update+of+user+roles+on+each+new+login+session |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The OIDC authentication is missing tests related to groups. The
staticPasswordsfield in the dex config doesn't support groups, and it has only "fixed" users.Setting up an external IDP (LDAP?) will allow us to create/update users, and make some checks related to their groups and permissions. We would need to update the dex configuration, and restart Dex though.
Needs investigation.
The text was updated successfully, but these errors were encountered: