Comments (6)
Can you tell us more your single sign-on requirements? Our team is currently swamped with dev work. However, if you'll be sponsoring the development of this feature, we can prioritize this.
Please email me at demian @ goautodial.com.
from v4.0.
Related to #47
from v4.0.
@demianb Are there any plans with respect ot this or to #47 ? Might we help to sponsor such development?
Please just shout out if you feel we should discuss those requirements.
from v4.0.
Perfect @lina2358 will be contacting you in a few days with a more detailed write-up.
from v4.0.
Some quick shared understanding in preparation of said that write-up: https://openid.net/connect/
Uncertified: https://github.com/jumbojett/OpenID-Connect-PHP
Certified: https://bitbucket.org/PEOFIAMP/phpoidc/src/default/ (looks rather unusable)
Standard Claims do not contain role information (in GOautodial called "User Groups"). Hence, an additional claim that is application-specific (Goautodial-specific) is needed to assert roles ("User Groups").
Such a collision resistant claim could be:
claims.idp.goaudodial.com/user-group
see also: Collision Resistance as per draft-ietf-oauth-json-web-token-32
Collision-Resistant Name
A name in a namespace that enables names to be allocated in a
manner such that they are highly unlikely to collide with other
names. Examples of collision-resistant namespaces include: Domain
Names, Object Identifiers (OIDs) as defined in the ITU-T X.660 and
X.670 Recommendation series, and Universally Unique IDentifiers
(UUIDs) [RFC4122]. When using an administratively delegated
namespace, the definer of a name needs to take reasonable
precautions to ensure they are in control of the portion of the
namespace they use to define the name.
So, an example response from the IdP to GOautodial could look like:
{
"sub" : "alice",
"email" : "[email protected]",
"email_verified" : true,
"name" : "Alice Adams",
"given_name" : "Alice",
"family_name" : "Adams",
"phone_number" : "+359 (99) 100200305",
"profile" : "https://c2id.com/users/alice",
"claims.idp.goaudodial.com/user-group" : "supervisor"
}
This either creates a new user or authorizes an existing user, identified by sub
- the Subject - Identifier for the End-User at the Issuer. Surely, User Groups need update on every login on-the-fly based on our claims.idp.goaudodial.com/user-group
.
Eventually we might need to define further additional Claims based on the user fields in (also to consider Advanced Settings):
from v4.0.
As for #47 - we can postpone that since it's use case would be to define and synchronize roles (User Groups) with an LDAP backend.
EDIT: Actually an external LDAP group syncer (somethig like this) would do the trick.
from v4.0.
Related Issues (20)
- Kamailio service error
- No Voice WebRTC
- Error in GOagentJS.php HOT 2
- Error in edittelephonyinbound.php
- Ldap core implementation
- XSS Vulnerability in login.php HOT 1
- message "Mysql host is not set" HOT 1
- Realtime Calls Monitoring Not Popup HOT 1
- Helping downstream projects to keep up with the change log HOT 1
- Make php runtime dependencies expilcit HOT 2
- List Management not working HOT 3
- Missing sip_hangup_cause and empty data in table vicidial_carrier_log HOT 1
- Campaign Outbound Autodial and Predictive doesn't work in Goautodial 4 HOT 2
- install: Failed to insert the initial admin user. HOT 4
- Websites are not working
- Can not create bootable USB HOT 1
- GOautodial login page not working HOT 1
- how to show call logs in agent screen HOT 1
- Login Issue After Fresh Installation HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from v4.0.