Add support for user account auth with IAP #2626
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Ark-kun
reviewed
Nov 19, 2019
Ark-kun
reviewed
Nov 19, 2019
|
@jlewi If everybody shares the same client_id to fetch the refresh token, with which the id_token is generated, would that cause any problems? |
mattnworb
reviewed
Nov 22, 2019
gaoning777
changed the title
|
It is ready for review: @IronPan @hongye-sun @Ark-kun |
|
Thanks Alexey for looking into the diagnose issue, which I've also included in this PR. |
Ark-kun
reviewed
Nov 22, 2019
Ark-kun
reviewed
Nov 22, 2019
|
/lgtm |
|
/lgtm |
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: gaoning777 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
RunOrVeith
reviewed
Jan 22, 2020
| @@ -24,13 +24,15 @@ | |||
| @click.option('--endpoint', help='Endpoint of the KFP API service to connect.') | |||
| @click.option('--iap-client-id', help='Client ID for IAP protected endpoint.') | |||
| @click.option('-n', '--namespace', default='kubeflow', help='Kubernetes namespace to connect to the KFP API.') | |||
| @click.option('--other-client-id', help='Client ID for IAP protected endpoint to obtain the refresh token.') | |||
| @click.option('--other-client-secret', help='Client ID for IAP protected endpoint to obtain the refresh token.') | |||
There was a problem hiding this comment.
Just FYI, there is a typo in the help: it is the secret not the ID
magdalenakuhn17
pushed a commit
to magdalenakuhn17/pipelines
that referenced
this pull request
Oct 22, 2023
Signed-off-by: Yuan Tang <terrytangyuan@gmail.com> Signed-off-by: Yuan Tang <terrytangyuan@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This change is
For local dev, it opens up a tab in the webbrowser; For notebooks, it displays a link.
It also stores the credentials locally in $HOME/.config/kfp/credentials.db such that future requests can be automated.