On Wed, Oct 10, 2018 at 09:36:57AM -0400, Neal Gompa wrote:
On Wed, Oct 10, 2018 at 9:24 AM Radka Janekova
<radka.janek(a)redhat.com> wrote:
>
> Hi,
>
> please excuse me if this information is somewhere and I failed to find it...
>
> I'm looking for a way to add an application / get an id, to be used in a web
application used to authenticate the user with Fedora account. I did not see any mention
of it in the auth/openid wiki page, I'm assuming that it would be to create a ticket
with infrastructure?
>
> Who would be the right person to talk to about this topic? Willing to spare a bit of
time to provide some guidance? (Czech would be welcome as it is a local high school intern
working on the project, and I'm not entirely confident in his English :P)
>
> Project details to give you a better picture what am I talking about - A website
where the user will log-in with their Fedora account, then have some options to choose
from, these would be generated based on their scope/groups ...
>
You should be able to do this out of the gate as-is. If it's Python
based using Flask, you can use `python3-fedora-flask` and source that
module to pre-configure for authentication with FAS. For other
language stacks, take a look at how it works in Python[1] and adapt
accordingly.
It also depends if you're going to use openid or openid-connect. For the former
there is nothing to do on our end, it's the plain, usual openid protocol.
For the later, that application would need to be registered in our end but for
development purposes you can register against
iddev.fedorainfracloud.org see the
"registration" paragraph in
https://flask-oidc.readthedocs.io/en/latest/
Pierre