[Pulp-dev] Pulp 3: using JWT to request a JWT

Jeff Ortel jortel at redhat.com
Wed Nov 29 15:20:06 UTC 2017


On 11/28/2017 04:34 PM, Dennis Kliban wrote:
> Our MVP doc currently states "As an API user, I can authenticate any API call (except to request a JWT) with a
> JWT. (not certain if this should be the behavior) [in progress]"
> The uncertainty was due to the "except to request a JWT" clause.
> I propose that Pulp 3 should support requesting a new JWT by using an existing JWT. Automated systems that
> integrate with Pulp would benefit from being able to renew tokens using an existing token.
> Enabling this feature with django-rest-framework-jwt requires also selecting the maximum amount of time since
> original token was issued that the token can be refreshed. The default is 7 days. Pulp users should be able to
> supply this value. Thy should also be able to specify how long each token is good for.
> What do others think?
> _______________________________________________
> Pulp-dev mailing list
> Pulp-dev at redhat.com
> https://www.redhat.com/mailman/listinfo/pulp-dev

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 847 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/pulp-dev/attachments/20171129/8836e695/attachment.sig>

More information about the Pulp-dev mailing list