RBAC | Luis Cachohttps://luiscachog.io/category/rbac/RBACWowchemy (https://wowchemy.com)en-usMon, 23 May 2022 00:00:00 +0000https://luiscachog.io/media/icon_hu4fa4dbbaafd6f1b45a88958b9b4a0dd0_11007_512x512_fill_lanczos_center_3.pngRBAChttps://luiscachog.io/category/rbac/OpenID autodiscovery URL integration in OpenShifthttps://luiscachog.io/garden/openid-integration-openshift/Mon, 23 May 2022 00:00:00 +0000https://luiscachog.io/garden/openid-integration-openshift/<div class="highlight"><pre tabindex="0" class="chroma"><code class="language-shell" data-lang="shell"><span class="line"><span class="cl"><span class="c1"># Discover the available URLs from your autodiscovery URL</span> </span></span><span class="line"><span class="cl">curl https://&lt;idp_host&gt;/.well-known/openid-configuration </span></span></code></pre></div><div class="highlight"><pre tabindex="0" class="chroma"><code class="language-shell" data-lang="shell"><span class="line"><span class="cl"><span class="nv">CLIENT_SECRET</span><span class="o">=</span><span class="k">$(</span>oc get secret -n openshift-config my-id-secret my-id-secret -o <span class="nv">jsonpath</span><span class="o">=</span><span class="s1">&#39;{.items[0].data.clientSecret}&#39;</span> <span class="p">|</span> base64 -D<span class="k">)</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl">curl -s -X POST https://&lt;idp_host&gt;/idp/userinfo.openid -H <span class="s1">&#39;content-type: application/x-www-form-urlencoded&#39;</span> -d <span class="s2">&#34;client_id=ocp4testawsuswest2QA&amp;client_secret=</span><span class="si">${</span><span class="nv">CLIENT_SECRET</span><span class="si">}</span><span class="s2">&amp;access_token=</span><span class="si">${</span><span class="nv">ACCESS_TOKEN</span><span class="si">}</span><span class="s2">&#34;</span> <span class="p">|</span> jq </span></span></code></pre></div><p><strong>References:</strong> - <sup id="fnref:1"><a href="#fn:1" class="footnote-ref" role="doc-noteref">1</a></sup> <a href="https://access.redhat.com/solutions/4605141" target="_blank" rel="noopener">https://access.redhat.com/solutions/4605141</a></p> <div class="footnotes" role="doc-endnotes"> <hr> <ol> <li id="fn:1"> <p><a href="https://access.redhat.com/solutions/4605141" target="_blank" rel="noopener">https://access.redhat.com/solutions/4605141</a>&#160;<a href="#fnref:1" class="footnote-backref" role="doc-backlink">&#x21a9;&#xfe0e;</a></p> </li> </ol> </div>