Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(jans-edarling): implement lock server integration #10795

Open
rmarinn opened this issue Feb 5, 2025 · 0 comments
Open

feat(jans-edarling): implement lock server integration #10795

rmarinn opened this issue Feb 5, 2025 · 0 comments
Assignees
@rmarinn
Labels
enhancement kind-feature Issue or PR is a new feature request

Comments

@rmarinn
Copy link
Contributor

rmarinn commented Feb 5, 2025

Is your feature request related to a problem? Please describe.

Cedarling needs to be able to integrate with the lock server as described in steps 10-20. In this diagram:

Image

Describe the solution you'd like

The connection during the startup sequence can be implemented as follows:

  1. Check if the CEDARLING_LOCK bootstrap property is set to "enabled"
  2. Validate the CEDARLING_LOCK_SSA JWT.
  3. Send a POST request to the IDP's /register endpoint
  4. Recieve a 201 response together with a client_id
  5. Get an access token via the /token endpoint
  6. Get the policy store through the /config endpoint together with the access_token scoped to "cedarling".
  7. POST to the /audit endpoint
  8. Subscribe to the SSE through the /lock_sse
  9. Listen to SSE

Describe alternatives you've considered

N/A

Additional context

Using the Lock server is optional and could be toggled using the CEDARLING_LOCK bootstrap property.
@rmarinn rmarinn self-assigned this Feb 5, 2025
@mo-auto mo-auto added the kind-feature Issue or PR is a new feature request label Feb 5, 2025
@rmarinn rmarinn changed the title feat(jans-edarling): implement lock server integration feat(jans-edarling): implement lock server startup sequence Feb 5, 2025
@rmarinn rmarinn changed the title feat(jans-edarling): implement lock server startup sequence feat(jans-edarling): implement lock server integration Feb 5, 2025
@rmarinn rmarinn mentioned this issue Feb 5, 2025
Open
10 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rmarinn rmarinn

Labels
enhancement kind-feature Issue or PR is a new feature request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rmarinn @mo-auto