Bug #15286

Missing API for external auth sources

Added by Bryan Kearney about 1 year ago. Updated 13 days ago.

Status:New
Priority:Normal
Assigned To:Joseph Magen
Category:API
Target version:Team Marek Iteration 16
Difficulty: Bugzilla link:1336236
Found in release: Pull request:
Story points-
Velocity based estimate-

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1336236
Description of problem:
hammer user-group external create requires auth_source_id which is not available when configuring IPA/IdM integration with
katello-installer --foreman-ipa-authentication=true

Version-Release number of selected component (if applicable):
6.1.8

How reproducible:
Always

Steps to Reproduce:
1. ipa-client-install
2. katello-installer --foreman-ipa-authentication=true
3. hammer user-group create --name=dummy --role-ids=1,2,3,4
User group [dummy] created
4. hammer user-group external create --name=dummy --user-group=dummy

Actual results:

Could not create external user group:
Missing arguments for 'auth_source_id'

--- No value of auth_source_id works

Expected results:

External group [dummy] created

Additional info:

[root@sat6 /]# hammer auth-source ldap list
---|------|--------|------|------------
ID | NAME | LDAPS? | PORT | SERVER TYPE
---|------|--------|------|------------


Related issues

Related to Foreman - Bug #19064: External group mapping cannot be set when --foreman-ipa-a... Closed 03/29/2017

History

#1 Updated by Dominic Cleal about 1 year ago

  • Category set to Authorization
  • Status changed from New to Feedback

requires auth_source_id which is not available when configuring IPA/IdM integration [..]

An auth source is created when configuring authorize_login_delegation_auth_source_user_autocreate and a user logs in with the external mechanism. The auth source can then be used to create external user groups.

#2 Updated by Marek Hulán 6 months ago

  • Status changed from Feedback to New
  • Target version set to Team Marek backlog

We should probably seed the external auth source, so the very first login attempt could already have some mapped external user groups. I hope that's acceptable fix, so reopening.

#3 Updated by Marek Hulán 3 months ago

  • Related to Bug #19064: External group mapping cannot be set when --foreman-ipa-authentication=true is used and no EXTERNAL user has been created yet added

#4 Updated by Marek Hulán 3 months ago

  • Status changed from New to Duplicate

Closing as a duplicate since after the external auth source is seeded (#19064) the hammer command works just fine.

#5 Updated by Marek Hulán 3 months ago

  • Subject changed from hammer can't create external groups based on IPA/IdM integration to Missing API for external auth sources
  • Status changed from Duplicate to New

Oh no, that's actually not a duplicate, the problem reported here is that hammer can't list external auth source so user can't find out the id to use, I'll change the subject so it's more clear. And of course hammer needs API, our API only provides access to LDAP auth sources. So reopening.

#6 Updated by Dominic Cleal 3 months ago

  • Category changed from Authorization to API

#7 Updated by Joseph Magen 2 months ago

  • Assigned To set to Joseph Magen

#8 Updated by Marek Hulán about 1 month ago

  • Target version changed from Team Marek backlog to Team Marek Iteration 15

#9 Updated by Marek Hulán 13 days ago

  • Target version changed from Team Marek Iteration 15 to Team Marek Iteration 16

Also available in: Atom PDF