Staging instance, all changes can be removed at any time

Skip to content

[POC] Integrate Keycloak to authenticate users and manage permissions

That diff is not intended to be landed as is but is rather a proof of concept regarding the integration of Keycloak in swh-web.

Keycloak is an opensource solution for adding authentication to applications and securing services with minimum fuss.

Instead of using the Django authentication system, every operations related to users management are delegated to Keycloak.

That diff is an experiment of using it to authenticate users who make requests to the swh web api and lift the rate limiting if they have the proper permission.

To test that new feature, you can use the docker-compose environment by following the instructions located in diff D2131.

Related swh/infra/sysadm-environment#2020 (closed)

Test Plan

TODO, we could mock Keycloak responses by using the python-jose module in the tests implementation.


Migrated from D2130 (view on Phabricator)

Merge request reports

Loading