Implement OpenID Connect (OIDC) Possibilities for uPortal(#2587) #2861
Conversation
|
@jonathanmtran please suggest me necessary changes! |
There was a problem hiding this comment.
Thanks for starting on this @555vedant!
While it is okay to use ChatGPT to help generate content, it is good to check that it is accurate/correct yourself, and not ask maintainers to do all the manual fact checking, grammar checking, and readability checking.
| ### Scopes and Permissions | ||
| - **Definition**: Scopes determine the level of access requested by the client. | ||
| - **Example**: | ||
| ```json | ||
| "scope": "openid profile email" | ||
| ``` | ||
| - **Common Scopes**: | ||
| - `openid`: Required to perform OIDC authentication. | ||
| - `profile`: Requests access to the user's profile information. | ||
| - `email`: Requests access to the user's email address. |
There was a problem hiding this comment.
uPortal has custom claims, this looks like generic OIDC
| ### Claims Filters | ||
| - **Description**: Define which claims are returned in the ID token or access token. | ||
| - **Example**: |
There was a problem hiding this comment.
it looks like the markdown formatting got messed up here
| ## Introduction | ||
| OpenID Connect (OIDC) is an authentication layer built on top of OAuth 2.0, enabling clients to verify user identities and obtain basic profile information. This documentation outlines the OIDC possibilities, including available endpoints, group and claims filters, and using OAuth endpoints for clients. |
There was a problem hiding this comment.
I don't think this needs an introduction, we can link out to the official OIDC docs or wikipedia for this.
Also uPortal specifically uses form of three legged auth, which doesn't seem to be referenced anywhere
|
@ChristianMurphy i am closing this PR i dont wanted to make this file noise i will make it from scratch !! |
this pull request outlines OIDC implementation in uPortal. It covers OIDC endpoints, group and claims filters, and OAuth endpoint usage for clients, aiding developers in secure user authentication and profile information retrieval.
Key features:
1)Detailed descriptions and examples of OIDC endpoints.
2)Configuration for group and claims filters.
3)Client registration and scope definitions.
4)Security considerations for token management.
References:
1)Official OIDC and OAuth 2.0 specifications.
2)uPortal documentation links.