Integration of KeyCloak and the mobile application/backend to the Custodian (!37) · Merge requests · data-custodian / custodian

Martin Fontanet requested to merge develop-20201201MF into develop Dec 10, 2020

Integrate the mobile application to the custodian and use keycloak as ID provider. This PR contains the changes on the Custodian endpoint side. The changes made on the application backend can be found on the branch "martin" of the mobile-gps-backend

The wanted interactions:

When a user registers on the mobile app, the backend both stores the new identity and sends a request to keycloak to create a new user. The user created on keycloak is enabled only when the user has verified his/her email address. #17 (closed)
When a user logs into the app, the backend asks keycloak for an access and a refresh token for that user. It then stores the access and refresh token in its DB and maps it to the user's username (which is unique). #36 (closed)
When the user sends gps data to the backend, it transfers it (POST request) to the Custodian endpoint with the access token as bearer token. The Custodian verifies the token's signature using the realm's public key, and verifies that it belongs to the right person (i.e., that OIDs match). #31 (closed)
When the access token is expired, the backend uses the refresh token to get a new one.

Edited Jan 06, 2021 by Martin Fontanet

Integration of KeyCloak and the mobile application/backend to the Custodian

Merge request reports