Bug #15286

Missing API for external auth sources

Added by Bryan Kearney about 1 year ago. Updated about 12 hours ago.

Status:Ready For Testing
Priority:Normal
Assigned To:Dominik Hlavac Duran
Category:API
Target version:Team Marek Iteration 19
Difficulty: Bugzilla link:1336236
Found in release: Pull request:https://github.com/theforeman/foreman/pull/4727
Story points-
Velocity based estimate-

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1336236
Description of problem:
hammer user-group external create requires auth_source_id which is not available when configuring IPA/IdM integration with
katello-installer --foreman-ipa-authentication=true

Version-Release number of selected component (if applicable):
6.1.8

How reproducible:
Always

Steps to Reproduce:
1. ipa-client-install
2. katello-installer --foreman-ipa-authentication=true
3. hammer user-group create --name=dummy --role-ids=1,2,3,4
User group [dummy] created
4. hammer user-group external create --name=dummy --user-group=dummy

Actual results:

Could not create external user group:
Missing arguments for 'auth_source_id'

--- No value of auth_source_id works

Expected results:

External group [dummy] created

Additional info:

[root@sat6 /]# hammer auth-source ldap list
---|------|--------|------|------------
ID | NAME | LDAPS? | PORT | SERVER TYPE
---|------|--------|------|------------


Related issues

Related to Foreman - Bug #19064: External group mapping cannot be set when --foreman-ipa-a... Closed 03/29/2017
Duplicated by Foreman - Feature #18584: Api for listing all auth sources Duplicate 02/21/2017
Blocks Hammer CLI - Feature #4356: Improve ways of passing auth source when creating a user New 02/17/2014
Blocks Hammer CLI - Feature #18805: Creating external user-group does not have any option --a... New 03/06/2017
Blocks Hammer CLI - Feature #19651: Command for listing all auth sources Assigned 05/24/2017

History

#1 Updated by Dominic Cleal about 1 year ago

  • Category set to Authorization
  • Status changed from New to Feedback

requires auth_source_id which is not available when configuring IPA/IdM integration [..]

An auth source is created when configuring authorize_login_delegation_auth_source_user_autocreate and a user logs in with the external mechanism. The auth source can then be used to create external user groups.

#2 Updated by Marek Hulán 8 months ago

  • Status changed from Feedback to New
  • Target version set to Team Marek backlog

We should probably seed the external auth source, so the very first login attempt could already have some mapped external user groups. I hope that's acceptable fix, so reopening.

#3 Updated by Marek Hulán 5 months ago

  • Related to Bug #19064: External group mapping cannot be set when --foreman-ipa-authentication=true is used and no EXTERNAL user has been created yet added

#4 Updated by Marek Hulán 5 months ago

  • Status changed from New to Duplicate

Closing as a duplicate since after the external auth source is seeded (#19064) the hammer command works just fine.

#5 Updated by Marek Hulán 5 months ago

  • Subject changed from hammer can't create external groups based on IPA/IdM integration to Missing API for external auth sources
  • Status changed from Duplicate to New

Oh no, that's actually not a duplicate, the problem reported here is that hammer can't list external auth source so user can't find out the id to use, I'll change the subject so it's more clear. And of course hammer needs API, our API only provides access to LDAP auth sources. So reopening.

#6 Updated by Dominic Cleal 5 months ago

  • Category changed from Authorization to API

#7 Updated by Joseph Magen 4 months ago

  • Assigned To set to Joseph Magen

#8 Updated by Marek Hulán 3 months ago

  • Target version changed from Team Marek backlog to Team Marek Iteration 15

#9 Updated by Marek Hulán 2 months ago

  • Target version changed from Team Marek Iteration 15 to Team Marek Iteration 16

#10 Updated by Marek Hulán about 1 month ago

  • Target version changed from Team Marek Iteration 16 to Team Marek Iteration 17

#11 Updated by Daniel Lobato Garcia about 1 month ago

  • Duplicated by Feature #18584: Api for listing all auth sources added

#12 Updated by Dominik Hlavac Duran about 1 month ago

  • Blocks Feature #4356: Improve ways of passing auth source when creating a user added

#13 Updated by Dominik Hlavac Duran about 1 month ago

  • Blocks Feature #18805: Creating external user-group does not have any option --auth-source as a input parameter. added

#14 Updated by Dominik Hlavac Duran about 1 month ago

#15 Updated by Dominik Hlavac Duran about 1 month ago

  • Status changed from New to Assigned
  • Assigned To changed from Joseph Magen to Dominik Hlavac Duran

#16 Updated by Marek Hulán 29 days ago

  • Target version changed from Team Marek Iteration 17 to Team Marek Iteration 18

#17 Updated by Marek Hulán 10 days ago

  • Target version changed from Team Marek Iteration 18 to Team Marek Iteration 19

#18 Updated by The Foreman Bot 10 days ago

  • Status changed from Assigned to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/4727 added

Also available in: Atom PDF