[POC] Integrate Keycloak to authenticate users and manage permissions (!994) · Merge requests · Platform / Development / swh-web

Antoine Lambert requested to merge generated-differential-D2130-source into generated-differential-D2130-target Oct 11, 2019

That diff is not intended to be landed as is but is rather a proof of concept regarding the integration of Keycloak in swh-web.

Keycloak is an opensource solution for adding authentication to applications and securing services with minimum fuss.

Instead of using the Django authentication system, every operations related to users management are delegated to Keycloak.

That diff is an experiment of using it to authenticate users who make requests to the swh web api and lift the rate limiting if they have the proper permission.

To test that new feature, you can use the docker-compose environment by following the instructions located in diff D2131.

Test Plan

TODO, we could mock Keycloak responses by using the python-jose module in the tests implementation.

Migrated from D2130 (view on Phabricator)

[POC] Integrate Keycloak to authenticate users and manage permissions

Test Plan

Merge request reports