Details
-
Type:
extRequest
-
Status: Closed
-
Priority:
Major
-
Resolution: Done
-
Fix Version/s: 2021
-
Component/s: FIWARE-TECH-HELP
-
Labels:None
-
Sender Email:
-
HD-Chapter:Apps
-
HD-Enabler:WStore
Description
Francisco PĂ©rez (Integration lead of FIspace project) sent a message using
the contact form at http://catalogue.fiware.org/.
Hi,
just reattempting the standard procedure of usage of Wstore and communication
channel in order to analize pro/contra's. In FIspace, we use an instance of
Wstore, from the beginining, installed in our own premises. We have suffered
incoviences about this approach and benefits. I would like to test the
standard procude and usage of Wstore in order to know what is the defined
path in order compare with our current approach.
One prerequisite is the wstore instance provided should be configure to use
an specific instance of Keycloak which is oauth 2.0 compatible.
Do you think the standard approach is feasible with that prerequisities?
Thanks
_______________________________________________
Fiware-tech-help mailing list
Fiware-tech-help@lists.fiware.org
https://lists.fiware.org/listinfo/fiware-tech-help-new
[Created via e-mail received from: paco@limetri.eu]
Activity
Well, our experiences is a bit different.
However, the question is, due to the fact is not recommended to have our
own installation and Fiware is encouraging the usage of instances in
FiLab, the question is,
if it is possible to request an instance of Wstore linked with our own Idm.
Thanks
Fran, please, what prevents you to answer? - thanks
Hi Francisco,
Sorry for the delay answering. I dont know if this is still an issue.
Regarding having an instance of WStore integrated with Keycloak, you have to take into into account that the user API as well as the concepts (roles, organizations, etc) of Keycloak and Keyrock are different, so some development is required (Indeed as far I know this task was already done in FI-Space). So, we are not planning to make specific integration development to accomodate WStore to Keycloak APIs.
Best regards,
Francisco
Therefore, we can conclude standard procedures doesnt apply with that
prerequisite.
It is a pity, because in Fispace we have already reached this
integration but to maintain the development evolution of wstore is
difficult. If you may reconsider this statement, please do not hesite to
get in contact us.
Thanks, you can close the issue
Hi Francisco,
WStore implements an OAuth2 client, so the authentication process (redirection, and obtaining the access token) can be direcly done just configurng the URL of keycloak an the paths for obtaining the authorization code and the access token.
Nevertheless, WStore needs to retrieve user information (complete name, organizations and roles). This is done once the OAuth2 process has finished and the access token has been obtained. Note that the API for obtaining user information depends on the concrete IdM implementation being used, and that WStore currently spects the user info structure given by the FIWARE IdM. In this regard in is needed to replace one method that receives the concrete JSON and generates the internal structures.
Best regads,
Francisco