[Pulp-dev] Pulp 3: using JWT to request a JWT

David Davis daviddavis at redhat.com
Wed Nov 29 01:32:50 UTC 2017


I’m not sure I fully understand this last paragraph about setting a maximum
amount of time per token. Regardless, I would not add the ability to
request new JWT tokens using JWT authentication in the MVP unless it’s easy
to implement. I think we want that eventually but what we have today
supports most of what users want or need from JWT auth.

David

On Tue, Nov 28, 2017 at 5:34 PM, Dennis Kliban <dkliban at redhat.com> wrote:

> Our MVP doc currently states "As an API user, I can authenticate any API
> call (except to request a JWT) with a JWT. (not certain if this should be
> the behavior) [in progress]"
>
> The uncertainty was due to the "except to request a JWT" clause.
>
> I propose that Pulp 3 should support requesting a new JWT by using an
> existing JWT. Automated systems that integrate with Pulp would benefit from
> being able to renew tokens using an existing token.
>
> Enabling this feature with django-rest-framework-jwt requires also
> selecting the maximum amount of time since the original token was issued that
> the token can be refreshed. The default is 7 days. Pulp users should be
> able to supply this value. They should also be able to specify how long each
> token is good for.
>
>
> What do others think?
>
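The two time limits discussed in this thread, as an added example that is not part of either message and is not Pulp or django-rest-framework-jwt code: a standard-library model of a per-token lifetime combined with a cap on how long after the original issue time a token may still be exchanged for a new one. The signing key, the 5-minute lifetime and the function names are assumptions made for illustration.

```python
import base64, hashlib, hmac, json
from datetime import timedelta

SECRET = b"constructed-demo-key"           # placeholder signing key (assumption)
TOKEN_LIFETIME = timedelta(minutes=5)      # models JWT_EXPIRATION_DELTA (sample value)
REFRESH_LIMIT = timedelta(days=7)          # models JWT_REFRESH_EXPIRATION_DELTA

def _b64(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=")

def _sign(signing_input):
    return _b64(hmac.new(SECRET, signing_input, hashlib.sha256).digest())

def issue(user, now, orig_iat=None):
    """Mint an HS256 token; orig_iat records when the refresh chain began."""
    claims = {"sub": user, "exp": now + int(TOKEN_LIFETIME.total_seconds()),
              "orig_iat": now if orig_iat is None else orig_iat}
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    return b".".join([header, body, _sign(header + b"." + body)]).decode()

def verify(token, now):
    """Return the claims if the signature is valid and the token is unexpired."""
    try:
        header, body, sig = token.encode().split(b".")
    except ValueError:
        raise ValueError("malformed token")
    # The algorithm is fixed to HMAC-SHA256; the header's "alg" is never trusted.
    if not hmac.compare_digest(sig, _sign(header + b"." + body)):
        raise ValueError("bad signature")
    claims = json.loads(base64.urlsafe_b64decode(body + b"=" * (-len(body) % 4)))
    if now >= claims["exp"]:
        raise ValueError("token expired")
    return claims

def refresh(token, now):
    """Exchange a still-valid token for a new one, inside the refresh window."""
    claims = verify(token, now)
    if now > claims["orig_iat"] + int(REFRESH_LIMIT.total_seconds()):
        raise ValueError("refresh window closed; log in with credentials again")
    # orig_iat is carried forward unchanged, so refreshing never extends the window.
    return issue(claims["sub"], now, orig_iat=claims["orig_iat"])
```

A client that refreshes every few minutes keeps working without credentials until seven days after its first token was issued; a stolen token is likewise renewable only until that same deadline.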