arc/docs/flask-oidc/index.rst

Flask-oidc
==========

Purpose
-------

Flask-oidc is a library used across the Fedora infrastructure. For its authentication it
the oauth2client library is used. This is now deprecated and no longer maintained. This
will need to be replaced.

Resources
---------

- Flask-oidc code: https://github.com/puiterwijk/flask-oidc
- Bodhi implementation:
  https://github.com/fedora-infra/bodhi/tree/develop/bodhi-server/bodhi/server/auth
- Authlib docs: https://docs.authlib.org/en/latest/basic/index.html

Investigation
-------------

Here is the list of ideas/things we discussed/looked at:

.. toctree::
    :maxdepth: 1

    oauthlib_authlib
    authlib_code

Conclusions
-----------

Authlib is the new industry standard and looks to be a suitable replacement for
oauth2client. The flask-oidc code would need to be rewritten to replace all the
oauth2client code.

The flow of the code would need to be adjusted to work with the new library. Google-auth
and authlib were looked at for this investigation and it was suggested that authlib
looks a better replacemnt.

Proposed Roadmap
----------------

1. Find all instances of ouath2client code in the current flask-oidc code
2. Map the functionality of this code and what will be needed from the new library
3. Write the flow to replicate this functionality using the new library
4. Cut a new release using the updated code
5. (Optional) Update all appps in the Fedora infra which require this module
flask-oidc: fix title Signed-off-by: Mark O Brien <markobri@redhat.com> 2022-03-30 14:01:34 +01:00			`Flask-oidc`
fix rst warnings Fixes a bunch of warnings -- mostly title underscores not matching the titles Signed-off-by: Ryan Lerch <rlerch@redhat.com> 2022-05-05 12:52:09 +10:00			`==========`
flask-oidc: add index Signed-off-by: Mark O Brien <markobri@redhat.com> 2022-03-30 13:58:46 +01:00
			`Purpose`
			`-------`

fix parsing errors and sphinx warnings Signed-off-by: Ryan Lerch <rlerch@redhat.com> 2023-11-16 08:02:56 +10:00			`Flask-oidc is a library used across the Fedora infrastructure. For its authentication it`
			`the oauth2client library is used. This is now deprecated and no longer maintained. This`
			`will need to be replaced.`
flask-oidc: add index Signed-off-by: Mark O Brien <markobri@redhat.com> 2022-03-30 13:58:46 +01:00
			`Resources`
			`---------`

fix parsing errors and sphinx warnings Signed-off-by: Ryan Lerch <rlerch@redhat.com> 2023-11-16 08:02:56 +10:00			`- Flask-oidc code: https://github.com/puiterwijk/flask-oidc`
			`- Bodhi implementation:`
			`https://github.com/fedora-infra/bodhi/tree/develop/bodhi-server/bodhi/server/auth`
			`- Authlib docs: https://docs.authlib.org/en/latest/basic/index.html`
flask-oidc: add index Signed-off-by: Mark O Brien <markobri@redhat.com> 2022-03-30 13:58:46 +01:00
			`Investigation`
			`-------------`

			`Here is the list of ideas/things we discussed/looked at:`

			`.. toctree::`
			`:maxdepth: 1`

flask-oidc: fix indentation Signed-off-by: Mark O Brien <markobri@redhat.com> 2022-03-30 14:16:20 +01:00			`oauthlib_authlib`
flask-oidc investigation Signed-off-by: Mark O Brien <markobri@redhat.com> 2022-04-04 14:59:10 +01:00			`authlib_code`
flask-oidc: add index Signed-off-by: Mark O Brien <markobri@redhat.com> 2022-03-30 13:58:46 +01:00
			`Conclusions`
			`-----------`

			`Authlib is the new industry standard and looks to be a suitable replacement for`
			`oauth2client. The flask-oidc code would need to be rewritten to replace all the`
			`oauth2client code.`

fix parsing errors and sphinx warnings Signed-off-by: Ryan Lerch <rlerch@redhat.com> 2023-11-16 08:02:56 +10:00			`The flow of the code would need to be adjusted to work with the new library. Google-auth`
			`and authlib were looked at for this investigation and it was suggested that authlib`
			`looks a better replacemnt.`
flask-oidc: add index Signed-off-by: Mark O Brien <markobri@redhat.com> 2022-03-30 13:58:46 +01:00
			`Proposed Roadmap`
			`----------------`

			`1. Find all instances of ouath2client code in the current flask-oidc code`
			`2. Map the functionality of this code and what will be needed from the new library`
			`3. Write the flow to replicate this functionality using the new library`
			`4. Cut a new release using the updated code`
			`5. (Optional) Update all appps in the Fedora infra which require this module`