[BE] PMM->Portal: get and use access_token from okta

General

Escalation

General

Escalation

Description

User story
Almost every request to portal from PMM needs to be authenticated. We now use SessionID and refresh the session continuously. But after connecting PMM to Portal we can't rely on that. We should use access_token we get from okta using client id and client secret instead.

Out of scope

connecting the PMM to Portal
we can first create dummy model that returns all data we need for request to okta to get access_token, so the person implementing the real PMM -> Portal connection can fill in real model without changes in this ticket . DONE IN PMM-9066.

Suggested implementation

fill in implementation of an API defined in PMM-9066 for getting and refreshing the access_token, as we discussed, we can do this on demand. Just make sure we don't try to refresh token from two simultaneous request.

Details

refresh tokens and access tokens have both expiration time
we should still be able to get basic stt checks without any authentication

How to test

None

How to document

None

Smart Checklist

Activity

Show:

Jiří Čtvrtka November 30, 2021 at 9:50 AM

Flag added

Waiting on 9060 to create build with all features together.

Jiří Čtvrtka November 15, 2021 at 2:55 PM

Flag added

Since this task cannot be tested by QA separately I added flag until https://jira.percona.com/browse/PMM-9075 will be reviewed and approved too.

Done

Details

Assignee

Unassigned

Reporter

Former user(Deactivated)

Priority

Medium

Labels

reviewed_by_qa

Needs QA

Yes

Fix versions

2.25.0

Story Points

Parent

PMM-9050 Connect PMM Server to Percona Portal for additional account info in PMM and value added content

Smart Checklist

Created October 22, 2021 at 3:07 PM

Updated December 18, 2021 at 11:57 AM

Resolved December 3, 2021 at 7:04 PM

Configure