Keycloak permission manager #387
- use a JWT decoder for testing
- Remove unused classes
- Remove JWT expired unit tests as validation is now implemented by Spring Security

* Readme updated
* mergeback for 5.9.1-SNAPSHOT
* updated readme copy
* updated readme copy
* Update README.md Co-authored-by: Jon Eubank <joneubank@gmail.com>
* CORS configurations for score server allowing multiple origins at once - #367
* Organizing score-server application.yml
* docker JRE image multi arch supported
* replacing JRE alpine image to support multiple architectures
* latest ubuntu LTS 22.04 score client
* using JDK image as builder
* update docker dind (#376) from docker image docker:18.06-dind to docker:20.10-dind
* fix docker dind TLS (#379)
* increase Jenkins timeout (#380) from 30 to 45 mins
* Fix/jenkins extend timeout (#381)
* increase Jenkins timeout from 30 to 45 mins
* increase Jenkins timeout from 45 to 60 mins
* increase jenkins timeout
* update DeployWithHelm job name in Jenkinsfile (#383)
* fix for issue #385 (#386) Co-authored-by: UmmulkiramR <urangwala@oicr.on.ca>
* Auto sync storage profiles #378 (#382)
* added server endpoint to get profiles
* change to switch score-client storage implementations
* cleared azure and s3 related entries app.yml
* some bug fixes and enhancements
* updated comment
* added test profile.
* added test profile.
* refactored code based on review comments
  - BaseController now returns a single profile value. The actual profile name and the profile value returned by the api are now different.
* debug logging removed
* replaced profile value
* updated readme
* updated readme
* added a test profile
* review changes
  - Storage profile values now come from an enum in score-core
  - test configuration created to mock storage profile bean
  - users will be able to provide a default profile value when working with old score-server instances
* users will be able to provide a default profile value when working with old score-server instances
* config change
* added a test config in score server

---------

Co-authored-by: UmmulkiramR <urangwala@oicr.on.ca>

* rc release. Includes
  - auto sync storage profiles - #387
  - azure download fails - #385
  - fix in Jenkins to build the Score docker image to run on amd/arm architectures and updating score-client image to use latest LTS Ubuntu- #374

---------

Co-authored-by: Mitchell Shiell <59712867+MitchellShiell@users.noreply.github.com>
Co-authored-by: dahiyaAD <adahiya@oicr.on.ca>
Co-authored-by: dahiyaAD <123118704+dahiyaAD@users.noreply.github.com>
Co-authored-by: Jon Eubank <joneubank@gmail.com>
Co-authored-by: Leonardo Rivera <leorivera_88@hotmail.com>
Co-authored-by: UmmulkiramR <urangwala@oicr.on.ca>

joneubank
left a comment
All the code looks great! Thanks for all the hard work updating versions and getting security sorted.
I can't accept this without some amount of documentation included for how to switch security providers between Ego and Keycloak. Need to indicate how to configure Score to use each provider.
| clientID: resource | ||
| clientSecret: pass | ||
| # Define a valid auth provider: ego or keycloak | ||
| provider: ego |
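Review bot: The comment above `provider: ego` names the two accepted values but not which of the neighbouring keys each provider needs, so switching to `keycloak` is guesswork from this file alone; extend the comment or point to the README section that lists the per-provider settings. The `clientSecret: pass` line next to it is a literal value in the config: mark it as a placeholder to be overridden at deployment so it is not carried into a real environment unchanged.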
👍
1bf8158 to
cc5bc5d
Capturing need for documentation: #417
* Keycloak permission manager (#387)
* enable Keycloak apiKeys
* setup security config and update mvn dependencies
* junit missing dependency
* unit test mock Jwt Decoder
* fix unit test
  - use a JWT decoder for testing
  - Remove unused classes
  - Remove JWT expired unit tests as validation is now implemented by Spring Security
* code format
* test profile
* docker-compose update images
* add keycloak to docker compose
* fix merge conflict
* fix typo curl command
* update keycloak system client and apikeys
* version 5.11.0

* Versioning 5.10.1
* Rc/5.11.0 (#418)
* Keycloak permission manager (#387)
* enable Keycloak apiKeys
* setup security config and update mvn dependencies
* junit missing dependency
* unit test mock Jwt Decoder
* fix unit test
  - use a JWT decoder for testing
  - Remove unused classes
  - Remove JWT expired unit tests as validation is now implemented by Spring Security
* code format
* test profile
* docker-compose update images
* add keycloak to docker compose
* fix merge conflict
* fix typo curl command
* update keycloak system client and apikeys
* version 5.11.0

---------

Co-authored-by: Jon Eubank <joneubank@gmail.com>

* Keycloak permission manager (#387)
* enable Keycloak apiKeys
* setup security config and update mvn dependencies
* junit missing dependency
* unit test mock Jwt Decoder
* fix unit test
  - use a JWT decoder for testing
  - Remove unused classes
  - Remove JWT expired unit tests as validation is now implemented by Spring Security
* code format
* test profile
* docker-compose update images
* add keycloak to docker compose
* fix merge conflict
* fix typo curl command
* update keycloak system client and apikeys
* Renamed the constant ICGCFS to SCOREFS
* change URI scheme from icgc:// to score://
* Remove outdated wiki reference comment in DownloadManifest.java
* Updating the getName response
* Updated bucket names from oicr.icgc.test to score.data and score.state
* Remove unused scripts and static resources from score
* Update token header key from ICGC to SCORe
* Update READMEs to replace ICGC with SCORe
* Deleting the settings folder belonging to specific IDEs
* Removing outdated tests which are no longer in service
* Renaming the icgc references to SCORe
* Renaming the icgc reference to SCORe
* Rephrasing the error handling messages
* Updating the icgc buckets to overture.example.score
* Deleting unused templates which are related to kf
* Rename Default Buckets in Docker-Compose and Update References in SCORe (#471)
* Consolidate Manifest Handling by Removing KF-Specific Implementation (#470)
* Consolidate Manifest Handling by Removing KF-Specific Implementation
* Removing unused classes and dependencies from the code
* Eliminating Error messaging referencing ICGC (#454)
* Eliminating Error messaging referencing ICGC
* Updating the error message
* Removing ICGC support contact info currently which are inside the SCO… (#453)
* Removing ICGC support contact info currently which are inside the SCORe CLI
* Removing the maintainer statement as per the feedback
* Remove Hardcoded Profiles and Default URLs from SCORe Client (#469)
* Remove Hardcoded Profiles and Default URLs from SCORe Client
* Updating application.yml according to the description
* Adding defaulturls in the test/application.yml
* Changes related to urls in test/application.yml
* Local docker-compose re-uses object bucket name for state bucket
* Eliminating kf profile from the codebase (#476)
* Eliminating kf profile from the codebase
* Assigning default value to partSize
* Remove @Profile Annotations from DownloadController and UploadController (#477)
* Remove Hardcoded URL in Benchmark Profile (#478)
* Eliminating aws and collaboratory profile and configuring s3 profile in application.yml and documentation. (#479)
* Eliminating aws and collaboratory profile and configuring s3 profile and updating the application.yml along with documentation
* Changes related to s3 description in README.md
* Changes related to README file formatting
* Rename COLLABORATORY Storage Profile to S3 in SCORe
* Eliminating amazon profile with s3
* Merge from `main` to `develop` (#483)
* Versioning 5.10.1
* Rc/5.11.0 (#418)
* Keycloak permission manager (#387)
* enable Keycloak apiKeys
* setup security config and update mvn dependencies
* junit missing dependency
* unit test mock Jwt Decoder
* fix unit test
  - use a JWT decoder for testing
  - Remove unused classes
  - Remove JWT expired unit tests as validation is now implemented by Spring Security
* code format
* test profile
* docker-compose update images
* add keycloak to docker compose
* fix merge conflict
* fix typo curl command
* update keycloak system client and apikeys
* version 5.11.0

---------

Co-authored-by: Jon Eubank <joneubank@gmail.com>

* Feature - Add `noSecurityDev` profile (#485)
* Add noSecurityDev profile to require no auth tokens in dev
* Include description for azure profile in server readme
* Score Dev Documentation (#482)
* basic folder structure
* code of conduct
* license
* contributing
* docs folder setup + ported existing docs
* docs folder setup + ported existing docs
* Fixed broken links
* minor update
* minor updates
* updated symlink
* updated symlinks
* link update
* updated application.yaml
* updated application.yaml
* simplified file naming
* fixed links
* cleaned up content
* cleaned up content
* missing variable download expiration time
* updated application.yaml
* updated application.yaml
* updated setup documentation
* temporarily separated usage docs
* updated overview page
* updated docs + application.yaml
* added empty line
* minor fix
* fixed broken link
* added score client docker setup
* updated user guides
* updated readme
* updating contributing & code of conduct
* updated with object storage and keycloak docs
* vault doc
* links
* minor update
* score setup title
* updated bat command
* Add Key Features to main README
* Update repository structure to mirror main README
* Formatting and minor edits
* netlify link
* updated cross referenced urls to docs.overture.bio
* removed code of conduct (.github covers this) removed repository structure in readme (it is in the overview)
* fixed typos in images, reduced image size to ~1mb will try lower if needed
* revert changes in application.yml

---------

Co-authored-by: Leonardo Rivera <leorivera_88@hotmail.com>
Co-authored-by: Jon Eubank <joneubank@gmail.com>
Co-authored-by: Anders Richardsson <2107110+justincorrigible@users.noreply.github.com>

* docker version + naming (#489) Co-authored-by: Mitchell Shiell <mshiell@wl7053-spatel.ad.oicr.on.ca>
* add JetBrains logo in ReadMe (#490)
* Fix typo in README (#491)

---------

Co-authored-by: Azher2Ali <121898125+Azher2Ali@users.noreply.github.com>
Co-authored-by: Jon Eubank <joneubank@gmail.com>
Co-authored-by: Mitchell Shiell <59712867+MitchellShiell@users.noreply.github.com>
Co-authored-by: Anders Richardsson <2107110+justincorrigible@users.noreply.github.com>
Co-authored-by: Mitchell Shiell <mshiell@wl7053-spatel.ad.oicr.on.ca>
Co-authored-by: bounlu <bounlu@gmail.com>

fix #373
Integrate Keycloak as an Authorization Server.
changes:
jwt as now JWT and ApiKeys auth configuration is already included in secure profile