rholshausen
2017-05-16 05:51
Technically, Openid connect is OAuth 2 for browser based flows, so that may be Google OAuth too
matt
2017-05-16 06:59
I?d be interesting in hearing about what OAuth providers people use to inform the underlying specs we need to be compliant with
matt
2017-05-16 06:59
That being said, SAML should be on the list (but IMO behind OAuth). I?ve had multiple discussions with both users and potential users of this service
thadir
2017-05-16 14:08
@beth OAuth 2 is cool, but for the pact broker maybe using a JWT token to communicate a bit is more convenient seeing that you want to make the communication work quick and you can sign a JWT token for a long time (eg for like a period of years to a few seconds). Then for the UI login Auth0 or OpenID connect. Or if your ealy want to go fancy you can go for the federation implementation, and thus make it posible to add peapol to your federation (like for example our own 0Auth) so that we in our own systems can manage the rest.
beth
2017-05-17 04:32
@thadir would you imagine using jwt with your own authentication server, or one that we'd set up?
thadir
2017-05-17 08:11
both is posible, if you go for a federations set up, we can use our own by pure chance we wanted to use PACT to get the contract of our securty api and clients in mangement. And slowly the rest. THe paper I sugest to read is https://msdn.microsoft.com/en-us/library/aa479079.aspx. And we use 0Auth for all our outsourced services (eg our SonarQube and Buildsystems and stuff). It connects to the 0Auth server who in the end connects to our own network and Ldap.
beth
2017-05-17 09:15
I'm going to be learning on the fly, as I haven't ever set up authentication like this before. #developerlyf
thadir
2017-05-17 11:15
@beth best way to learn tbh :wink: thats how I learnd PACT. Also good read is https://www.samba.org/samba/docs/using_samba/ch09.html so you can let us implement the method. Ahad one typo in the previos its not 0Auth but Auth0 the service we use and its all connected trough the Samba interface.
travi
2017-05-19 03:47
would love to see github and google as social login providers with the ability to limit access by org. also would be valuable to limit users to read-only but allow a ci server to have write access through the use of a token
harris.osserman
2018-08-13 16:55
Has anyone successfully used the Scala Pact broker + sbt plugin with basic auth? It seems like there has been an open ticket to support basic auth since 2017 https://github.com/DiUS/pact-jvm/issues/467
saurabhapd
2020-09-17 15:31
Hi Team, I am lookin to deploy dockerized pact broker with oauth2 support in my own ec2. I have deployed with basic auth, But now I want to do the same with oauth2 bearer token. I am thinking of using aws cognito. Any idea how to implement that?
