django: Add keycloak realm roles in user permissions set (!47) · Merge requests · Platform / Development / swh-auth

Antoine Lambert requested to merge generated-differential-D5578-source into generated-differential-D5578-target Apr 22, 2021

Keycloak also allow to define user roles at realm level to define permissions at a global level not tight to a client.

Include these extra roles in the user permissions set from the decoded token content.

As a consequence, some parameters of the keycloak_oidc_factory function got renamed, this will break swh-deposit and swh-web tests but I will push diffs to fix that (D5579, D5580)

Related to swh-web#3213 (closed)

Migrated from D5578 (view on Phabricator)

django: Add keycloak realm roles in user permissions set

Merge request reports