Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat: add Identity Provider to Frontend #99

Merged
merged 20 commits into from
Dec 18, 2023
Merged

Feat: add Identity Provider to Frontend #99

merged 20 commits into from
Dec 18, 2023

Conversation

tom-rm-meyer-ISST
Copy link
Contributor

@tom-rm-meyer-ISST tom-rm-meyer-ISST commented Nov 29, 2023
edited
Loading

Description

As discussed in the security assessment, the Frontend should at least be secured using an Identity Provider. Keykloak is common in CX (also used by the portal), therfore I integrated it with two basic users and basic capabilities for Authentication and Access in the Frontend.

  • Introduced Keycloak
    • AccessService and AuthenticationService including own configuration file to
    • Configuration to disable idp for development purposes
    • added Unauthorized View
    • added session management
  • Frontend dependencies
    • added keycloak-js
  • Documentation
    • How to start a local keycloak
    • Overview documents for Administration Guide and Interface Documentation
    • Update of Building Block View to use Keycloak

Please note: The code only around 793 lines of actual change (includes license headers) in code artifacts.

  • 1927 lines for configuration (environment, sample realm for keycloak I created and exported, docker and helm)
  • 261 lines for documentation
  • 445 lines for dependency checks and updates

Pre-review checks

Please ensure to do as many of the following checks as possible, before asking for committer review:

@gitguardian GitGuardian
Copy link

gitguardian bot commented Nov 29, 2023
edited
Loading

️✅ There are no secrets present in this pull request anymore.

If these secrets were true positive and are still valid, we highly recommend you to revoke them.
Once a secret has been leaked into a git repository, you should consider it compromised, even if it was deleted immediately.
Find here more information about risks.

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

Our GitHub checks need improvements? Share your feedbacks!

@tom-rm-meyer-ISST
Copy link
Contributor Author

tom-rm-meyer-ISST commented Nov 29, 2023
edited
Loading

Requested IP checks:

As time goes on, I downgraded eslint again and commented accordingly a dependabot issue

@tom-rm-meyer-ISST tom-rm-meyer-ISST mentioned this pull request Dec 11, 2023
Merged
2 tasks
@tom-rm-meyer-ISST tom-rm-meyer-ISST marked this pull request as ready for review December 15, 2023 15:02
mhellmeier
mhellmeier approved these changes Dec 18, 2023
View reviewed changes
Copy link
Member

@mhellmeier mhellmeier left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The >1000 LOC are described in detail in the PR description due to an overhead of documentation and configuration files. Therefore, merging looks good to me.

@mhellmeier mhellmeier merged commit c9b4bd3 into eclipse-tractusx:main Dec 18, 2023
12 checks passed
@tom-rm-meyer-ISST tom-rm-meyer-ISST mentioned this pull request Dec 19, 2023
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mhellmeier mhellmeier mhellmeier approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tom-rm-meyer-ISST @mhellmeier