...
- Acting components
  - User
  - Identification provider
  - ODLUX Client
  - SDN-R server
- Identity provider
  - authentication
  - providing key for registered users indicating level of rights (group)
  - https://github.com/ory/kratos
- SDN-R Server
- ODLUX Client
  - authorization for GUI
  - Use list of identity providers to offer login
  - Get key with identity and group of user from identity provider into ODLUX Userspace
  - Get SDN-R User group from server
  - Use user group to enable/disable functions in ODLUX GUI
OAuth Provider bundle
...
Environment Vars:
...
Dataflow example for Login with external Identity Provider (KeyCloak)
```plantuml
@startuml
autonumber
participant User as user order 1
participant GUI as gui order 2
participant SDNC as sdnc order 3
participant OAuthProvider as oauth order 4
gui -> sdnc: GET /oauth/providers
sdnc -> gui: providers array
user -> gui: Select OAuth provider
gui -> oauth: /loginForm with params
oauth -> gui: loginForm
user -> gui: fill login form
gui -> oauth: POST /login with credentials
oauth -> gui: [301] to redirectURI
gui -> sdnc: GET /oauth/redirect with params
sdnc -> oauth: POST /oauth2/token with params
oauth -> sdnc: OAuthToken with roles
sdnc -> sdnc: create odl bearer token with roles
sdnc -> gui: odl bearer token
@enduml
```
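Steps 11 to 13 of the flow above, as an added example that is not part of the original page or of the SDN-R code base: the server maps the roles from the provider's token to its own groups, signs its own bearer token, and checks that token on later requests. The HS256 JWT format, the role names, `ROLE_MAP` and `SECRET` are assumptions made for the illustration.

```python
import base64, hashlib, hmac, json

# Assumptions (not from the page): provider role names, their SDN-R groups, the signing key.
ROLE_MAP = {"sdnr-admin": "admin", "sdnr-user": "user"}
SECRET = b"constructed-demo-secret"  # constructed value; keep the real key in protected config

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mint_bearer(provider_claims: dict, now: int, ttl: int = 1800) -> str:
    """Step 12: build the server's own token from the provider's token claims."""
    roles = sorted({ROLE_MAP[r] for r in provider_claims.get("roles", []) if r in ROLE_MAP})
    if not roles:
        raise PermissionError("no mapped role, refusing to issue a token")
    header = {"alg": "HS256", "typ": "JWT"}
    body = {"sub": provider_claims["sub"], "roles": roles, "iat": now, "exp": now + ttl}
    signing_input = ".".join(b64e(json.dumps(p, separators=(",", ":")).encode()) for p in (header, body))
    sig = hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64e(sig)

def verify_bearer(token: str, now: int) -> dict:
    """Checked by the server on each request: signature first, then algorithm and expiry."""
    try:
        head, body, sig = token.split(".")
    except ValueError:
        raise PermissionError("malformed token")
    expected = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64d(sig)):
        raise PermissionError("bad signature")
    if json.loads(b64d(head)).get("alg") != "HS256":
        raise PermissionError("unexpected algorithm")
    claims = json.loads(b64d(body))
    if claims["exp"] <= now:
        raise PermissionError("token expired")
    return claims
```

Because the roles are inside the signed payload, the GUI can read them to enable or disable functions, but the server decides access from the verified token rather than from anything the GUI reports.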