Re: Bodhi's move to OIDC

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

> But yeah, making it impossible to use the bodhi cli without opening a web browser for authentication would be bad for my use cases / my projects - particularly fedora-update-feedback. If I need to open a web browser for authentication, I can just use it to submit bodhi feedback as well, and then why use a CLI app?

Ah, I wasn't clear. In the OIDC flow, you need to open a web browser
the first time you use the CLI, then the token is saved and you don't
need to do that anymore.

> While there's apparently Rust libraries that could handle OpenID connect stuff for me, I'd need to look into how they handle the authentication flow, i.e. if they require opening a web browser too. It would also require rewriting the whole lower layer of my Rust bodhi API bindings / fedora-update-feedback *again*, because I *just today* finished the transition onto async / await and released versions 2.0.0 of those projects ...

Ah, sorry about that. If the OpenID Connect libraries are not
practical or async-enabled, you can probably use the OAuth2 libraries,
since OpenID Connect is mainly a discovery layer on top of OAuth2.
You'll need to specify 3 URLs instead of discovering them based on
one, but the rest should work the same.

> So if there's any transition period, that would be greatly appreciated, since I will need time (and that's not growing on trees nowadays) to adapt my projects.

I think we can at least keep the OIDC-enabled instance in staging for
a while, when prod would still be running on OpenID, so you can test
your clients.

Hope that helps

Aurélien
_______________________________________________
infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux