- Api authentication should still use tokens, but we need to add a way to generate api tokens in the interface, once a user is logged in, and revoke them. We also need a way to ship them to puppet so that might need to be engineered if we want it to be smooth sailing.
- Web authentication needs to be pluggable. Ideally we implement a basic version that works as it does today - using apache sso, and basic auth.
- Additional methods can be imported as python modules via a configuration key, and should adhere to an interface defined in the basic auth module.
Description
Description
Details
Details
Related Changes in GitLab:
| Title | Reference | Author | Source Branch | Dest Branch | |
|---|---|---|---|---|---|
| Draft: Make authentication pluggable | repos/sre/hiddenparma!153 | oblivian | auth_pluggable | main |
| Status | Subtype | Assigned | Task | ||
|---|---|---|---|---|---|
| Open | Joe | T422235 WE5.4.14 FY25-26: Make our bot detection software usable outside of our CDN | |||
| Open | Joe | T422236 Make HP's authentication pluggable |
Event Timeline
Comment Actions
oblivian opened https://gitlab.wikimedia.org/repos/sre/hiddenparma/-/merge_requests/153
Draft: Make authentication pluggable