Configurable Auth Middleware
Instead of hardcoding Mistral to only use the auth_token middleware in KeystoneMiddleware, allow operators to define their own auth middleware in the config (in cases where they want to run Mistral as a standalone service and have something else for auth instead of Keystone). Abstract the auth middleware @ https:/
Blueprint information
- Status:
- Complete
- Approver:
- Renat Akhmerov
- Priority:
- High
- Drafter:
- Winson Chan
- Direction:
- Approved
- Assignee:
- Renat Akhmerov
- Definition:
- New
- Series goal:
- Accepted for newton
- Implementation:
- Implemented
- Milestone target:
- newton-2
- Started by
- Renat Akhmerov
- Completed by
- Renat Akhmerov
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
WIP: Add KeyCloak authentication
Addressed by: https:/
Remove obsolete config option "use_mistral_rpc"
Addressed by: https:/
Add authentication options for KeyCloak OIDC
Addressed by: https:/
WIP: Add KeyCloak OpenID Connect server-side authentication
Addressed by: https:/
Release note for KeyCloak OIDC support
renat: necessary changes were made to support KeyCloak (OpenID Connect protocol) authentication which now inlcludes only token validation. There's also option "auth_type" that can be later used to implement other authentication mechanisms.