linaro-license-protection

Support for OpenID authentication in license protection script

Registered by Georgy Redkozubov on 2012-05-10

Now OpenID authentication is configured and supported by IS on apache server and as a result EULA feature doesn't work in directories that are under OpenID protection. We need to add OpenID authentication support to our license protection feature.

Blueprint information

Status:: Complete

Approver:: Данило Шеган

Priority:: High

Drafter:: Georgy Redkozubov

Direction:: Approved

Assignee:: Stevan Radaković

Definition:: Approved

Series goal:: Accepted for trunk

Implementation:: Implemented

Milestone target:: 2012.07

Started by: Paul Sokolovsky on 2012-06-25

Completed by: Данило Шеган on 2012-07-17

Related branches

Related bugs

Sprints

Whiteboard

[danilo 2012-06-08] Prioritize as 'essential' for the planning call.
[pfalcon 2012-06-25] stevanr and pfalcon start on this today. Had a meeting with gesha, he says the first priority is just implementing OpenID support in license protection app being rewritten in Django.
[stevanr 2012-06-25] Agreed to start implementation in parallel with Django refactoring. Suggested to move branches from junk back to linaro-license-protection project.
[stevanr 2012-06-25] Got a confirmation from danilo that OpenID protection should cover directory listings as well, not only file protection.
[pfalcon 2012-06-25] Notes from yesterday's call: https://wiki.linaro.org/Platform/Infrastructure/Spec/OpenIDInLinaroLicenseProtection2 (algorithm and issues)
[pfalcon 2012-06-26] Re: teams/groups with OpenID, it seems the only module which supports that extension is django-openid-auth, so we're bound to use it despite few limitations (see wiki page above). It's also used in other Linaro projects.
[pfalcon 2012-6-26] Re: OpenID and EULA working together, one good way to deal with that is to apply OpenID check (and login requirement first), and EULA handling later, then they will work together pretty well (just need to ensure that code can have both checks optional).
[stevanr 2012-06-27] Implementing code with pfalcon. Sync with gesha and dooferlad is commencing.
[danilo 2012-06-29] Move to the next cycle because code, even if completed, hasn't been deployed.
[danilo 2012-07-17] Deployment moved to https://blueprints.launchpad.net/linaro-license-protection/+spec/django-rewrite.

Meta:
Headline: Click through license protection supports OpenID authentication.
Acceptance: OpenID authentication can be configured in a central configuration maintained by linaro and EULA feature works in directories that are under openid protection.
Roadmap id: CARD-150

(?)

Work Items

Work items:
Define how to improve BUILD-INFO.txt for use with OpenID auth: DONE
Improve BUILD-INFO.txt generation scripts to include proper OpenID info: POSTPONED
[pfalcon] Decide how to handle OpenID group membership check: DONE
Add support of OpenID to linaro_license_protection_2: DONE
[pfalcon] Verify OpenID and EULA feature works together: INPROGRESS
File RT ticket to remove OpenID from apache congfiguration: POSTPONED

Dependency tree

* Blueprints in grey have been implemented.

This blueprint contains Public information

Everyone can see this information.

Subscribers

Alexander Sack

Fathi Boudra