Open issues

Identity UAE for MFA Signup
REP-4652
client-auth-n's atom-feed is reading all events in entire feed every check-interval
REP-2434
Fix default log rotation approach (log4j2 and logrotate)
REP-5691
SPIKE: Figure out how to write an OpenShift Template for Repose
REP-5687
Q1 2018: Flush Repose Cache when Domain role change event comes in
REP-5344
OpenShift Template for Repose in OpenShift
REP-5281
Log files not being rotated on shipped log4j2.xml
REP-4666
Docs for Repose Best Practices for Configs
REP-4232
Kv2 Authorization
REP-3932
Deprecate AuthZ in Kv2
REP-3928
Performance Testing for Repose 8 UAE
REP-3840
Repose Service Script Should Handle Invalid Java Variable Better
REP-3185
Other validators aren't resolved when the first is default
REP-3099
SPIKE: figure out JSON Path Script Expression dependency
REP-3041
Configure EHCache By Configuration File Rather
REP-3024
Valkyrie Culling JSON Path Script Expression Feature
REP-3005
Keystone v2v2 Improperly Caching Token When Token Expires Before Caching
REP-2808
Wire in Fireside to Repose
REP-2689
Port Fireside to Java for Performance
REP-2688
Test Suite for Fireside / Servlet Spec compliance
REP-2687
WSGI for Jython Filters
REP-2686
Mutable Wrappers Do Not Parse Parameters When Wrapping
REP-2394
Servlet Spec Items to Iterate on Later
REP-2187
Valkyrie Performance Testing
REP-2095
Update Keystone v3 filter to support Dedicated Auth
REP-1839
Need Automated Testing of Flume Sink
REP-1782
Update release notes/wiki upgrade doc to better document stopping/starting server during upgrade
REP-1446
Refactor Configuration Service
REP-1380
Move Repose to a more usable, modularized model
REP-1379
Implement filter/service to publish events to Cloud Feeds for every user API request
REP-1269
EPIC: EPS integration
REP-1238
Self Validating Tokens
REP-1228
KeystoneV3
REP-372
If necessary, update docs and release notes.
REP-336
Code Review
REP-335
QE Test
REP-334
Create Tests to prevent it from happening again.
REP-333
Fix it
REP-332
Diagnose
REP-331
A tracing filter implementing Twitter Zipkin in Repose
REP-321
Technical Debt
REP-316
Find way to reproduce bug.
REP-201
Authentication
REP-167
Fix (if necessary)
REP-156
Rebuild Jenkins
REP-7973
PR on Puppet Repose
REP-7971
Make sure Repose 9 Obsoletes prior versions
REP-7968
Do the Research
REP-7967
Update Filters and Core Code to support UTF-8 encoded identity fields
REP-7966
Find a Library to handle UTF-8 Encoding and decoding of headers
REP-7965
issue 1 of 540

Identity UAE for MFA Signup

Description

When setting up MFA a request is made as usual for a token, but it is requested for a specific scope (see link in comments). This token can only be used for calls that are related to setting up mfa. We need to pay attention to the response to the initial token request, and put the token and username into the cache for population into later mfa setup requests.

I have a small concern here, in that i believe some of these mfa setup requests can also be made with a regular token. The overall solution for identity and uae has them using our keystone v2 filter for any calls that take a regular token, but the filter would reject such a call that it got with the mfa scoped token. Will discuss with Jorge and update.

Acceptance Criteria:

  • ???

Environment

None

Status

Assignee

Unassigned

Reporter

Mario Lopez

Labels

None

External issue ID

None

External issue ID

None

External issue ID

None

External issue ID

None

External issue ID

None

External issue ID

None

CoAssignee

None

Capitalizable

True

Epic Link

Priority

Blocker