Refactor authorisation implementation to use OAuth2 Authorization Code with PKCE grant type #1887

Closed
2 of 8 tasks
ndegwamartin opened this issue Dec 8, 2022 · 2 comments
Labels
Enhancement New feature or request Research and Development Security Wontfix This will not be worked on

Contributor

ndegwamartin commented Dec 8, 2022

Name of feature to enhance
Authentication

Description of feature
How we handle token management for authentication and authorisation

Describe the enhancement
We need to refactor authentication on FHIR Core to use the OAuth2 Authorization Code with PKCE grant type instead of the current Password Grant type for enhanced security.

Checklist

  • Research OAuth2 Auth code with PKCE concept and Keycloak support
  • Research on Android implementation and any additional dependencies required
  • POC & Implementation on to FHIR Core
  • Unit Testing
  • Documentation - Implementation + Keycloak set up

Acceptance Criteria

  • Above check list is complete
  • Login for the app works correctly
  • Automatic token renewal works correctly

ndegwamartin added Enhancement New feature or request Security labels Dec 8, 2022
ndegwamartin self-assigned this Dec 8, 2022

Member

pld commented Dec 8, 2022

Cool, does this go in a milestone?

Member

pld commented Jan 13, 2023

b/c PKCE does not work offline we will not be able to do this yet

pld closed this as completed Jan 13, 2023