Comments (2)
Stable API & Users/Operators
I guess technically, what we would want is OpenID Connect since that would provide us with an "ID Token" JWT containing user profile information. Microsoft produces the "ID token" with a claim of "roles", okta returns a claim of "groups", both seem to be an array of strings. I suppose we could make which claim to use configurable.
I'm not sure if there's a standardized way of providing a list of other installations that the user can access through SSO. I suppose this could be done inside the ID Token as well, as a custom claim. It seems that at least Azure's Active Directory OpenID Connect implementation allows adding custom claims to the ID Token.
Persistent views
I suppose the "Persistent views" could use some sort of a URL search parameter secret. We would then have to ensure that they would have a "read-only" access then, since sniffing that search parameter would be trivial. This would basically allow one to have the Sofie without unauthorized people "peeking at it", but still be able to persist those secrets somewhere so that, for example, the Studio baseline can start renderers of these views out on SDI.
from sofie-core.
For users, the authentication side of this could be simplified by listening to certain headers from trusted proxies. The loadbalancer (eg nginx) can then be setup to do the authentication with whatever backend is needed, and populate the headers for us. A big benefit of this approach is that this is a common structure used in kubernetes, so for any organisation wanting to deploy to kubernetes this will work for free.
Perhaps this could be the only authentication method we support?
For other views/uses which want more persistent authentication methods, that becomes a matter of coordinating that with the loadbalancer doing the authentication. It would be possible to configure it to support multiple authentication methods, such as certificates of long-lived tokens. For these it will just be a matter of ensuring the client is capable of the chosen methods.
from sofie-core.
Related Issues (20)
- RFC: This is a test
- RFC: This is a test
- RFC: Changes and addition to (meta)data properties (SOFIE-2797) HOT 5
- RFC: Updating the Looping Feature with Per-Part Looping HOT 9
- RFC: Removing potentially unused feature: 'Preserve contents of playing segment when unsynced' HOT 5
- RFC: Playlist Bucket Adlibs HOT 5
- Bug Report: Runaway playhead (SOFIE-2899) HOT 3
- RFC: Override NRCS Data in the Sofie GUI HOT 7
- Bug Report: AutoNexting missed Parts after Playout Gateway downtime HOT 1
- RFC: Improve GUI Accessibility HOT 1
- RFC: iNews compatiblity with segments HOT 5
- Bug Report: "debug_playlistRunBlueprints" breaks 'Reload NRCS Data' HOT 2
- Bug Report: Pieces reported as stopped when they're not
- Bug Report: Package statuses incorrectly get changed when set as next HOT 4
- Bug Report: Diff Different between (SOFIE-3004) HOT 1
- Bug Report: Inital Sofie Core Setup : Issue with Persistant Storage HOT 6
- RFC: Picking future technologies HOT 4
- RFC: Segment budget timing as primary timing in Sofie HOT 1
- RFC: Server-side notifications HOT 2
- Bug Report: Device Triggers temporarily go blank HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sofie-core.