tickets #98126
closedAccess to the openSUSE authentication server and the openSUSE Mail server
0%
Description
Dear Admins,
Me (karatekhd@opensuse.org) and Adrien (nycticorax@opensuse.org) are currently working on a REST API for the openSUSE infrastructure (See https://lists.opensuse.org/archives/list/heroes@lists.opensuse.org/thread/RVXFYILF4RVK5V5IEE7O3FK5QVSPWWFW/ for more details and https://github.com/openSUSE/defrag-api for the source code).
Currently, we have implemented multiple features, some of which require authorization. Therefore, it would be really helpful if we could have access to the openSUSE authentication server, maybe in a way so that we can add clients to id.opensuse.org. The idea is to have users authenticate completely against the already existing infrastructure and we can just get a session token for our own purposes (= identify it as a unique, logged in, openSUSE user). Being able to add client to Ipsilon would also help me to continue working on the branding for Fedocal, as I currently can not work on anything that requires to be signed in to Fedocal.
Also, we would like to have access to an email address from the openSUSE mail server, so that we can send automated emails (e.g. reminders).
Thank you very much
~Jens
Updated by pjessen over 3 years ago
- Private changed from Yes to No
KaratekHD wrote:
Also, we would like to have access to an email address from the openSUSE mail server, so that we can send automated emails (e.g. reminders).
For sending, you don't need any "access" as such, only if you expect to receive anything, maybe replies or bounces.
Updated by Nycticorax over 3 years ago
KaratekHD wrote:
Dear Admins,
Me (karatekhd@opensuse.org) and Adrien (nycticorax@opensuse.org) are currently working on a REST API for the openSUSE infrastructure (See https://lists.opensuse.org/archives/list/heroes@lists.opensuse.org/thread/RVXFYILF4RVK5V5IEE7O3FK5QVSPWWFW/ for more details and https://github.com/openSUSE/defrag-api for the source code).
Currently, we have implemented multiple features, some of which require authorization. Therefore, it would be really helpful if we could have access to the openSUSE authentication server, maybe in a way so that we can add clients to id.opensuse.org. The idea is to have users authenticate completely against the already existing infrastructure and we can just get a session token for our own purposes (= identify it as a unique, logged in, openSUSE user). Being able to add client to Ipsilon would also help me to continue working on the branding for Fedocal, as I currently can not work on anything that requires to be signed in to Fedocal.
Also, we would like to have access to an email address from the openSUSE mail server, so that we can send automated emails (e.g. reminders).
Thank you very much
~Jens
pjessen wrote:
KaratekHD wrote:
Also, we would like to have access to an email address from the openSUSE mail server, so that we can send automated emails (e.g. reminders).
For sending, you don't need any "access" as such, only if you expect to receive anything, maybe replies or bounces.
pjessen wrote:
KaratekHD wrote:
Also, we would like to have access to an email address from the openSUSE mail server, so that we can send automated emails (e.g. reminders).
For sending, you don't need any "access" as such, only if you expect to receive anything, maybe replies or bounces.
There are two things implicit in Jens' request.
One. We'd like to be able to send to mailing lists, ideally via a service account.
Explanation: The goal is for the API to offer any consuming service the feature to schedule reminders addressed to varying sets of recipients. When the consuming service is an official openSUSE service, it would make sense to allow the consuming service to schedule reminders addresses to official openSUSE mailing lists. This implies that the API would ideally be able to use a service account bypassing the send-only-if-subscribed mechanism currently in place for the mailing lists.
Two. We'd like to be able to use a visually recognizable address, ideally from the "@opensuse.org" subdomain. So the second part of the request is whether the heroes would agree to let us create such an address.
Updated by pjessen over 3 years ago
Nycticorax wrote:
There are two things implicit in Jens' request.
One. We'd like to be able to send to mailing lists, ideally via a service account.
You mean without having to subscribe, I presume. That should be fine, we can explicitly approve requests from any address.
Two. We'd like to be able to use a visually recognizable address, ideally from the "@opensuse.org" subdomain. So the second part of the request is whether the heroes would agree to let us create such an address.
I don't see any problem in that either, as long as the address is not already used as a member alias. What is important is really only if you want to receive any mails (replies, bounces, spam) on the address.
Updated by Nycticorax over 3 years ago
pjessen wrote:
Nycticorax wrote:
There are two things implicit in Jens' request.
One. We'd like to be able to send to mailing lists, ideally via a service account.
You mean without having to subscribe, I presume. That should be fine, we can explicitly approve requests from any address.
Exactly, without subscribing first.
Two. We'd like to be able to use a visually recognizable address, ideally from the "@opensuse.org" subdomain. So the second part of the request is whether the heroes would agree to let us create such an address.
I don't see any problem in that either, as long as the address is not already used as a member alias. What is important is really only if you want to receive any mails (replies, bounces, spam) on the address.
Awesome! So there are other points in Jens' request, but as far as these two are concerned, we are very excited and thankful if these can get through!
Updated by pjessen over 3 years ago
Nycticorax wrote:
Awesome! So there are other points in Jens' request, but as far as these two are concerned, we are very excited and thankful if these can get through!
No problem - let me know which address@opensuse.org you would like to use. I'll check if it is already a member alias (highly unlikely I'm sure). For reception, there are essentially two options -
a) discard.
b) forward to another address.
For the lists, it is a little tedious adding an address to all lists, maybe we can do it one by one, as you progress?
I'll leave the authentication questions for someone else to address.
Updated by lrupp about 3 years ago
- Category set to Accounts
About authentication: this is completely in the hands of SUSE-IT. Moving the ticket under a Category that they screen regularly.
Updated by crameleon over 1 year ago
Moving the ticket under a Category that they screen regularly.
I suppose never can be counted towards regularly. :-)
I'll leave the authentication questions for someone else to address.
Sorry for missing the obvious, but what are the exact questions?
Updated by hellcp over 1 year ago
- Status changed from New to Closed
Asked to close by the original poster