[JENKINS-36852] Dashboard should use JWT to find the authenticated user

Type: Task
Resolution: Postponed
Priority: Major
Component/s: blueocean-plugin
Labels:
- technical-debt

Similar Issues:
Powered by SuggestiMate

Show
Epic Link:
Security API

This removes an extra call to fetch the authenticated user

is blocked by

JENKINS-35783 REST API must only be authenticated using JWT

Resolved

James Dumay added a comment - 2016-07-21 16:28

vivek is there a guide for frontend developers for using the JWT?

James Dumay added a comment - 2016-07-21 16:28 vivek is there a guide for frontend developers for using the JWT?

Vivek Pandey added a comment - 2016-07-21 18:48

jamesdumay yes.

UI should do the following:

Get Token :https://docs.google.com/document/d/1LrsK4w-PRbQu8aBJXxoaFEvxRjlpIo1Z1k4Sr68ALuY/edit#heading=h.v53y1dtwbdla
Verify token and get claim/get user form it: https://docs.google.com/document/d/1LrsK4w-PRbQu8aBJXxoaFEvxRjlpIo1Z1k4Sr68ALuY/edit#heading=h.jw9apl15qatm
Call REST API using JWT token: https://docs.google.com/document/d/1LrsK4w-PRbQu8aBJXxoaFEvxRjlpIo1Z1k4Sr68ALuY/edit#heading=h.8opwdiuo6i4k

some references:

Vivek Pandey added a comment - 2016-07-21 18:48 jamesdumay yes. UI should do the following: Get Token : https://docs.google.com/document/d/1LrsK4w-PRbQu8aBJXxoaFEvxRjlpIo1Z1k4Sr68ALuY/edit#heading=h.v53y1dtwbdla Verify token and get claim/get user form it: https://docs.google.com/document/d/1LrsK4w-PRbQu8aBJXxoaFEvxRjlpIo1Z1k4Sr68ALuY/edit#heading=h.jw9apl15qatm Call REST API using JWT token: https://docs.google.com/document/d/1LrsK4w-PRbQu8aBJXxoaFEvxRjlpIo1Z1k4Sr68ALuY/edit#heading=h.8opwdiuo6i4k some references: https://jwt.io/ https://github.com/kjur/jsrsasign

Cliff Meyers added a comment - 2016-07-27 13:36

I think we might want to rename this ticket and tweak the description:

Dashboard should integrate with JWT to determine authenticated user
Must expose a store that can be shared into the blueocean-personalization plugin
Need to enhance "fetch" code to append JWT token to HTTP header
Must gracefully handle token expiration issues. If the server returns a 401, the UI must gracefully catch the exception, request a new token from the endpoint, and retry the request... otherwise this expiration issue could bleed through the entire code base

Cliff Meyers added a comment - 2016-07-27 13:36 I think we might want to rename this ticket and tweak the description: Dashboard should integrate with JWT to determine authenticated user Must expose a store that can be shared into the blueocean-personalization plugin Need to enhance "fetch" code to append JWT token to HTTP header Must gracefully handle token expiration issues. If the server returns a 401, the UI must gracefully catch the exception, request a new token from the endpoint, and retry the request... otherwise this expiration issue could bleed through the entire code base

Assignee:: Ivan Meredith

Reporter:: James Dumay

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2016-07-21 16:28

Updated:: 2017-03-22 03:06

Resolved:: 2017-03-22 03:06

Jenkins

Details

Description

Attachments

Issue Links

Activity

Collapse comment: James Dumay added a comment - 2016-07-21 16:28

Expand comment: James Dumay added a comment - 2016-07-21 16:28

Collapse comment: Vivek Pandey added a comment - 2016-07-21 18:48

Expand comment: Vivek Pandey added a comment - 2016-07-21 18:48

Collapse comment: Cliff Meyers added a comment - 2016-07-27 13:36

Expand comment: Cliff Meyers added a comment - 2016-07-27 13:36

People

Dates