Re: [Bugzilla-announce-list] Action Required: Bugzilla - API Authentication changes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 2/9/22 14:30, Adam Williamson wrote:
> On Wed, 2022-02-09 at 17:44 +0000, Daniel P. Berrangé wrote:
>>
>> I've not seen this kind of auth dance implemented in any software
>> other than TV streaming apps, and not bugzilla and not any other
>> bug tracker I've come across. So it is not a practical solution
>> today, more of a thought experiment on how API tokens could
>> possibly be made less awful to acquire for something like Anaconda
>> or Abrt.
> 
> Firefox does something similar for signing new instances of Firefox
> into your account for syncing. I've also seen it on a couple other
> things but can't quite put my finger on what at the moment.
> 
> The other way we handle something like this is for FAS authentication;
> if you try and use e.g. the Bodhi CLI client without being logged in,
> it will print a browser URL and try to open a browser at that URL
> automatically, you log in through the browser and a key/token is made
> available to the app to store for future non-interactive logins.

For Bodhi Kerberos seems like a more elegant solution tbh.

> But really, the problem here is not so much "let's come up with an
> elegant design" as "um it seems like things are going to break
> catastrophically in 19 days, we need to do something really quite
> urgently to make that not happen".

Why does all authentication need to go through a browser?  2FA
requirements?

-- 
Sincerely,
Demi Marie Obenour (she/her/hers)

Attachment: OpenPGP_0xB288B55FFF9C22C1.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux