Project

Profile

Help

Story #3248

closed

As a user, I can use a JWT token to authenticate

Added by daviddavis almost 7 years ago. Updated over 4 years ago.

Status:
CLOSED - WONTFIX
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
Start date:
Due date:
% Done:

0%

Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:

Description

JWT authentication was removed in #3207. We'd like to re-add it eventually. This should be the epic to track that.

Here are the original MVP user stories:

  • As an API user, I can have documentation to generate a JSON Web Token (JWT) without the server being online. [done]
  • As an administrator, I can disable JWT token expiration. This configuration is in the settings file and is system-wide. [done]
  • As an administrator, I can configure the JWT tokens to expire after a configurable amount of time. This configuration is in the settings file and is system-wide. [done]
  • The JWT shall have a username identifier [done]
  • As an API user, I can authenticate any API call with Basic auth a valid username and password [done]
  • As an API user, I can authenticate any API call with a valid JWT [3163]
  • As a JWT authenticated user, I can refresh my JWT token if Pulp is configured with JWT_ALLOW_REFRESH set to True (default is False) [3163]
  • As an API user, I can invalidate all existing JWT tokens for a given user. [done]
  • As an authenticated user, when deleting a user 'foo', all of user 'foo's existing JWTs are invalidated. [done]
  • As an un-authenticated user, I can obtain a JWT token by using a username and password. [done]
Actions #1

Updated by daviddavis almost 7 years ago

  • Tags Pulp 3 added
Actions #2

Updated by daviddavis almost 7 years ago

  • Subject changed from As a user to As a user, I can use a JWT token to authenticate
Actions #3

Updated by daviddavis almost 7 years ago

  • Description updated (diff)
Actions #4

Updated by daviddavis almost 7 years ago

  • Description updated (diff)
Actions #5

Updated by Ichimonji10 almost 7 years ago

QE already has automated tests for many of these JWT-related features. They'll be left in the test suite and enabled or disabled based on the state of this issue. (If sub-issues are created from this one, the tests could hinge on the state of those issues.)

Actions #6

Updated by bmbouter almost 6 years ago

I think this (and all jwt stories in Pulp) should be closed. Rather than integrating Pulp with specific types of authentication, users should be encouraged to configure auth at either the webserver or in their django config.

Actions #7

Updated by daviddavis almost 6 years ago

  • Status changed from NEW to CLOSED - WONTFIX

I agree and so am closing this out. If anyone feels strongly that we should support JWT, feel free to reopen.

Actions #8

Updated by daviddavis over 5 years ago

  • Sprint/Milestone set to 3.0.0
Actions #9

Updated by bmbouter over 5 years ago

  • Tags deleted (Pulp 3)

Also available in: Atom PDF