of-watchdog icon indicating copy to clipboard operation
of-watchdog copied to clipboard

Published 20 hours ago verified publisher icon openfaas

Support function authentication with OpenFaaS IAM

Open welteki opened this issue 9 months ago • 0 comments

Description

If JWT authentication is enabled by setting the env variable jwt_auth: true in the stack.yml file the watchdog requires an OpenFaaS function token for request authentication.

Authentication tokens can be optioned through OpenFaaS IAM.

The watchdog verifies the token is valid and checks of an actor is authorized to invoke the function by validating the permissions claim in the token.

Authentication can be enabled

Motivation and Context

  • [ ] I have raised an issue to propose this change (required)

Support IAM authentication for functions.

How Has This Been Tested?

This change has been tested E2E with the updated oidc-provider.

Types of changes

  • [ ] Bug fix (non-breaking change which fixes an issue)
  • [x] New feature (non-breaking change which adds functionality)
  • [ ] Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • [x] My code follows the code style of this project.
  • [ ] My change requires a change to the documentation.
  • [ ] I have updated the documentation accordingly.
  • [x] I've read the CONTRIBUTION guide
  • [x] I have signed-off my commits with git commit -s
  • [x] I have added tests to cover my changes.
  • [x] All new and existing tests passed.

welteki avatar May 09 '24 11:05 welteki