Page MenuHomeDevCentral
Create Task
Maniphest T336

Add login capabilities through external services
Open, HighPublic
Actions

Description

We also need to authenticate users against external sources.

Revisions and Commits

rGROVE Auth Grove
Changes PlannedD445 [WIP] [DO NOT MERGE] External accounts
D432rGROVE232f51ff574f Model UserExternalSource to link with external accounts

Related Objects
Search...

Event Timeline

dereckson created this task.Apr 26 2015, 19:15
dereckson raised the priority of this task from to High.
dereckson updated the task description. (Show Details)
dereckson added a project: Auth Grove.
dereckson added a subscriber: dereckson.
dereckson moved this task from Backlog to Epics & trackers on the Auth Grove board.Apr 26 2015, 19:44
dereckson renamed this task from Add social login capabilities to Add login capabilities through external services.Jan 14 2016, 16:32
dereckson added a subtask: T668: E-mail authentification.
dereckson mentioned this in T882: Integrate Laravel Socialite code.Jun 27 2016, 20:26
dereckson added a revision: D432: Model UserExternalSource to link with external accounts.Jun 30 2016, 14:09
dereckson added a commit: rGROVE232f51ff574f: Model UserExternalSource to link with external accounts.
dereckson added a revision: D445: [WIP] [DO NOT MERGE] External accounts.Jul 3 2016, 21:00
dereckson added a project: User-Dereckson.
dereckson moved this task from Backlog to In progress on the User-Dereckson board.
dereckson moved this task from In progress to Backlog on the User-Dereckson board.Jul 25 2016, 19:38
dereckson moved this task from Backlog to Needs Review / Blocked / Waiting on the User-Dereckson board.Aug 31 2016, 14:44
dereckson added a comment.Feb 16 2023, 19:31

Development moratoire

Per T1771, we're currently considering implementing Keycloak as a reference identity management and SSO login product.

This product exposes a LDAP, OIDC (OpenID Connect) and SAML capabilities to authenticate users and applications. It seems to solve our main problems.

From there, it's not clear what we do with Auth Grove:

  • Scenario A. We drop it, and as users we directly interact with Keycloak. Development is discontinued.
  • Scenario B. Auth Grove is morphed into a front-end to use Keycloak: we expose current information, and interact with Keycloak API (through a generic set of classes to allow to switch to another solution) to set credentials and metadata.
  • Scenario C. We use both Keycloak AND Auth Grove. We don't make integrate with Keycloak at all, to stay independent and not vendor-locked.

While T1771 evaluation is ongoing, a moratoire covers any development activities related to Auth Grove, with the obvious exception of security issues.
This moratoire cover fully or partly this task.

dereckson closed subtask T340: Authenticate users against Twitter as Wontfix.Mar 13 2023, 16:42
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator