Re: State of Flask-OIDC

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On Wed, Dec 7, 2022 at 3:25 AM David Kirwan <dkirwan@xxxxxxxxxx> wrote:


On Tue, 6 Dec 2022 at 03:05, Neal Gompa <ngompa13@xxxxxxxxx> wrote:
On Mon, Dec 5, 2022 at 12:48 PM Frantisek Zatloukal <fzatlouk@xxxxxxxxxx> wrote:
>
> \o/,
>
> I'd like to ask if there is anybody familiar with the state of flask-oidc? It's been long-time broken with the latest itsdangerous, which was recently bumped in Rawhide, which broke all the applications using flask-oidc from Fedora repositories ( https://bugzilla.redhat.com/show_bug.cgi?id=2150955 ).
>
> There is an upstream PR against flask-oidc changing itsdangerous to pyJWT: https://github.com/puiterwijk/flask-oidc/pull/144 (which, according to my previous testing, makes the trouble go away). Can somebody take a look at it, and merge/release a new fixed version? I can handle pyJWT packaging in Fedora if this is the way forward.
>
> On a similar note, is the flask-oidc library the way to connect to FAS login for python applications? I had an impression that apps should migrate to this from plain openid (and I am planning to handle the transition of remaining Fedora QA apps). It seems abandoned upstream, so should the devs of python/flask apps use some other lib/way?
>
> Thanks a lot upfront!
>

There was an attempt to do something about this:
https://github.com/fedora-infra/flask-oidc

But it also seemingly died.

Not dead yet, just on life support! Hit a few issues as this is an attempt at replacing oauth2client behind the scenes with authlib. Let me share how far I've gotten with this..

- I've a somewhat functional POC which has implemented enough of the original functionality to get a basic login flow working, but it doesn't quite have every feature in the current released version of flask-oidc, may require further functionality be developed, I need to examine some of the locations where we currently use it, and see if this new version offers enough functionality to replace.
- Currently hit blocker updating the tests, having to upskill as I know next to nothing about ipsilon, so having to go learn to figure out what I'm trying to mock out to test, slow progress here!

Testing App focusing only on the OIDC login etc: https://github.com/fedora-infra/test-auth/tree/authlib_dev

I should get time to re-focus on this over the next few weeks.

Thanks for the update, David!

Would it be possible to cut a new release with the pyJWT PR included at least once you have time/mood to re-focus? Or would that be wasted effort before porting to authlib?

Thanks a lot!
 




--
真実はいつも一つ!/ Always, there's only one truth!
_______________________________________________
infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue


--
David Kirwan
Senior Software Engineer

Community Platform Engineering @ Red Hat

T: +(353) 86-8624108

_______________________________________________
infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue


--

Best regards / S pozdravem,

František Zatloukal
Senior Quality Engineer
Red Hat
_______________________________________________
infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux