Hi,
I need a permanent session token for fedoraproject.org and stg.fedoraproject.org,thanks for your help.
Thanks, Lili
Hi Lili
Could you give more info on why you need a permanent session token? It would not be normal good practise to issue these.
Metadata Update from @mobrien: - Issue priority set to: Waiting on Reporter (was: Needs Review)
Hi , I have wrote a service which will listen to fedora-messaging message ,and trigger jobs and report to wiki the results,so I need a permanent session token to avoid interactive authentication.Would you please send me the token to my email?Or,would you please tell me where should I open a ticket?Thanks.
I am not sure we have set up permanent session tokens at all (or in at least a very very very long time). This will need some research on our part. There are a couple of questions that I know will be asked by other admins:
Some of these are security related since the wiki gets hit with a lot of spam and people have tried different ways to get permanent access to it in the past. [Then Fedora gets blacklisted again by google for being a spam-site ...] If there is a permanent token that service needs more eyes on it.
hi, I'm following Authentication of this page https://pagure.io/fedora-qa/python-wikitcms and thought it's a very common case, at least Openqa has a permanent one? 1.Where is this service listening to fedora-messaging running? On fedora Infra servers or container on openshift deployed by internal pnt dev ops 2.What jobs is it triggering and where? Customized Installation jobs on beaker servers testing fedora branched compose and rawhide compose 3. What group is this work for (QA/Engineering/Communications/etc) QA
Metadata Update from @mohanboddu: - Issue tagged with: medium-gain, medium-trouble, ops
IIUC you just want an OIDC token to authenticate to wiki?
@lnie basically wants the same thing we have for openQA to do wiki reporting. The token that's {{ private }}/files/openidc/production/wikitcms.json in ansible. lnie is on the same team as me, this is Fedora QA work.
{{ private }}/files/openidc/production/wikitcms.json
yes,thanks Adam's comment:)
Does it need the same scopes?
it would need to be able to edit the wiki, basically. I dunno what scopes the openQA token has.
Checking the DB for @adamwill's token, it has:
scope | ["openid", "https://fedoraproject.org/wiki/api"]
So let's do the same.
How can we give you access to that token? Should it be in the private repo for @adamwill or should we send it to you somehow? (a file on fedorapeople? gpg encrypted email?)
Oh one thing that we are missing is: What is the name of the application?
Metadata Update from @pingou: - Issue assigned to pingou
hi, the name is fedora-release-autotest,thanks.
I have created the token, how should I send it to you?
Hi,thanks a lot for your help,by email?lnie@redhat.com Here is my gpg pub key just in case it's needed
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBF9GJiwBEAC9mpTGITlYJi+WY32zlUt4+VnutCzmeRUQIMUg8PVZkS1Ve9QG RKmG/qdvXcfGFDzdQ/jP07gmcYRSNXKFvo82tdpg/2YKnI+cAiBZNyrOkeYNWvyY UqZcgAiDddsg+9L+6cUe/wKtebQgs3oxrbSFaBVSEgrAbuT3joSKaMY3j5CfKDo/ EKXmaTcfsECOu/fQUvLu2/Ul+sQtBsIwiWEnJCm5HwQZYlO3qmwI+WhghcVD/wW0 kgY+LwnMT8wKGp6yrotPnemHlBATrqqUqzit1fzDO2zhZpdv9vV56DBMoSATLeZS t1Jgee/Jgkxk1IAvzJqJASN2E6OFGuiAopNoP1DGXO8aTYHHT7vW14I3Yo8zvpul x+KYfpIQFt/fr/E/krc23XpIDdA09PmgsSgnfrYqlRATcfKwA+OmD+k1ypLwkT4L CATGM/pVODVkosrBt8tTR7J6xQ6HuytT5nLQgREjya58XJyRLfFe0FxrtQkB4sc2 69IYSUksF7rvF374J6N5nUlvIZODrCBRbsl3TD2nkLY2Sd0k0n3/+pIf5dUm29Pj Tg0tCKygfXdtOvzBWe1n+Q9UM6u6ZT3A8ToqoRDEFuqJaIJ/R67ph5sbPMTjoITI tioy4uCEbiAt6TgZfRyda8MziMxkiBteHQcCm0vWN99b6cNDTMFA0cdZAQARAQAB tDxmZWRvcmEtcmVsZWFzZS1hdXRvdGVzdCA8ZmVkb3JhLXJlbGVhc2UtYXV0b3Rl c3RAcmVkaGF0LmNvbT6JAk4EEwEIADgWIQRdT8E6Jp8lFyVQlAJ6ARGkL2JCYgUC X0YmLAIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRB6ARGkL2JCYsCYD/4n ceH/ngIte3TQO7Jf0jPtsYSk02656zw6y3x0e3RkYpQeLHdquqf6RxpycrJpgf6z 0/ctKsd5WVBOUBJCjZ7uKY6LyLw1SWdZws0n5ha4Kd/6hEbb4LGQ7ipXnTxwPleW +NE/7LTBXa0LGFbxZndZJ/BSfKW26yQ7KD+229mI/CCCVrNqbytBW9C5nemf+Uj1 pp3vchBGnzjxRfzkm11HPgytpgMZPU/NVuDHU9HhYGXaBLyjEqUyQIV3G47XBDxY 1h60vr8mt+RbGJSFcsj9+ciyRiHEK3l64V/jR0311mZlA/YiPltS6cALv2wu0Mp9 bq+N3KNpBWybUPRLvxTJZq9FQbiec8gYFO4M9oVSfMYXJ3tIiGjDhpyZ++//yqjs 0bAHZXBSxogTNsdbNbzLz+mtLLt4o9dMSmNKwtnH0adbiGyRKhbPNyr3xWY+jRgE MjVdMDYVN96Ts/F8LUFBbvLNnQrCPKlEVLcmpIsFgTA9DbnJnTPnC32KhbmP4jHh Ji32PvBTWsFRhD5TmNnJNiMbkIESy0sa1JwrJX+OBv1HfR5VvqVYgkN5jYxWfk8z g8181we4MhVUiHmBYzdhtwbvltn75h0oplvlWNRFOhk+3X2MqULrH887dfrd5RsY s37V9tGwiuc7yuIu/paporuwJYzHeXY7+JSCY+CDuLkCDQRfRiYsARAA0NWTQPXO Ie3JWYMu5RvtMWTWK/7f2gsuYn8JjcDarsq7Hnp63W2I4cIVzO/n47+U7NizT6vi 1s4afpapWiDmIdswJ42dHudOiPTzP3uN27TyccoSGTgJaWnJYA/VOwkjeirpXOtp PR3KQKRNYKq0zyKuyD9nYBnjLHtrrQeiAxoRheZ2tkUl3UzJoFuqNYHtP1OV3smt cDuWr4pXT/RnWNra6CMhs8VlCQgMFFnJytfjka1Ss+9aXmNfnVVcrjOM3WCC65fI Uy+zL4efBEYwh0YSm3qhVtpaBYzTSg2RUxsJsk1JBHkibudhvzgMitBjMgH1z4AP PkW95yxwDj5EMwmgpaS9Yvq0W8fmQKVo4ovyuH/w81jUVKZbtdVWryjsHdcEo24e I0MlTmnE9cY3n1w+Z/xTvPP6KQ3kNE4TuOlN1U946BkVHVQ/4DsL1O1nCEOVtn/+ PVCHD89b+N1oQcYhj5q8iYNbUvtHAoNGrShUu1dM6D0Udy4EHWbMO3B3lASLmrYn FyDD8U8dw+n21cAlGSzpcAMf7bNMY+g4AZUrPgLz2ltIgciVBrtmoa6RZM1qc9z7 PYkN8aO5G+xCZoqktfUUG5hpFwNtsH+qxV3Y6onCb12HL1A3KM5ZqX+0I2jD89Mi ulZe8I3CJnw8zvlZe416DATOpq0Z5KCWTAsAEQEAAYkCNgQYAQgAIBYhBF1PwTom nyUXJVCUAnoBEaQvYkJiBQJfRiYsAhsMAAoJEHoBEaQvYkJiJAYQAJuN4WUjq+yl hiVkbBJa+PQC5B1PwKJ/pNWkzvoXOMysP0li+kIO1bVbRUtm1Ypy7rGgHi407UbH DwDN8rYpZwgM/QYJQ4DgoXTPGMx4IubowXYCxdH9Gt4FbBh21Pv94zIJooekAKvr 7H09ll8qdwkUuICzgalSoaROCcbzQbg5wa2qQm+bIVqAJiuXORwpp5sXnZRK9URH mjH72sTRySsvXq/UTfv8zePT/1sixAEGlJpIgWYm7W/2RV7gxrI8duXYhpB0ct7i 2jG4c5s0L9ZYizV+89QSosIGYWxPa+AtVk+YhevS805/Q4w4efirU7bi+ZzcsmNc XLqdS6WkM/nm0bAPdoVADXdYywsM5xs1H3MlOSdRsMPTj/SqaFxE5gmZU3gIk1gG IoOYpXrFsOe21B2AO8EfbJD0ReRlyDwLmAnpXRTAJfBEC97c/l97mc61YXA9nniW eFujgrk24XfBPfhmYOUa8wnm1shY/t7rhc1wbXUUZ76FxTZu5bu3vMgbApmcOY2d lTL+GTvI/kq+OaQi0HmLn3NT/s53Lbm/wrUYk+ssO3eMhexzAWgMxyJc76dA50tt CUPJ/2fRLylidhTBJG93uahZhnbsr4sQu0j7yDEVzR3A6ov4JV/+pWGR6CCzx7fb 5C7Zs1tM9ixTse/pw4BOxE4qOrelI6UL =ZpbE -----END PGP PUBLIC KEY BLOCK-----
I've sent you the token, could you confirm you've received and can read it?
Thanks
Hi, I can read it,thanks for your help again:)
Cool, let's close this ticket then :)
Let us know if you need anything else!
Metadata Update from @pingou: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Log in to comment on this ticket.