docs: added metadata and auth flow #178
base: main
I suppose that in the `auth_flow` diagram we're missing two interactions between steps 6 and 7:
- update `SAMLSession` record with the `SAMLResponse` parameter after the redirect POST on the `saml/acs` endpoint
- init `OIDCSession` record after successful issuing of the `authorization_code`

chore: maybe it could be useful to add the `/token` POST request after step 7 to make the init of the `AccessTokenSession` record more explicit
Signed-off-by: himazawa <[email protected]>
- In the `auth_flow` I would connect the `/token` to the `API Gateway` instead of directly to `oneid-ecs-core`
- In the `metadata_flow` I would add the Parameter Store dependency because the lambda will need it to sign and publish the metadata with the certificate
parameterStore { | ||
icon: ../icons/paramstore.svg } | ||
|
||
github { | ||
icon: ../icons/github.png | ||
} | ||
|
||
identityServices { |
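Review bot: on the `icon: ../icons/paramstore.svg }` line the closing brace sits on the same line as the icon path, so it may be read as part of the path value instead of closing the `parameterStore` block; put `}` on its own line, as the `github` block already does. `parameterStore {`, `github {` and `identityServices {` also omit the `:` that the `dynamoDB :{` declarations elsewhere in this change use, so settle on one form (`name: {`) across the diagram sources.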
parameterStore { | |
icon: ../icons/paramstore.svg } | |
github { | |
icon: ../icons/github.png | |
} | |
identityServices { | |
parameterStore: { | |
icon: ../icons/paramstore.svg | |
} | |
github: { | |
icon: ../icons/github.png | |
} | |
identityServices: { |
class: apigw | ||
} | ||
|
||
parameterStore { |
parameterStore { | |
parameterStore: { |
dynamoDB :{ | ||
class: dynamo | ||
} | ||
|
||
parameterStore { |
dynamoDB :{ | |
class: dynamo | |
} | |
parameterStore { | |
dynamoDB: { | |
class: dynamo | |
} | |
parameterStore: { |
class: cloudfront | ||
} | ||
|
||
dynamoDB :{ |
dynamoDB :{ | |
dynamoDB: { |
} | ||
} | ||
|
||
dynamoDB :{ |
dynamoDB :{ | |
dynamoDB: { |
No description provided.