-
Notifications
You must be signed in to change notification settings - Fork 18
User registration feature
In order for the Service Platform to be able to control who can access which resources, we need to know who the user is.
Also known as: User sign-up.
In the Sonata Service Platform, users may be of three types:
-
Admins: those with a little more privileges than others. The default admin user is defined at the Service Platform's set-up and installation (see
son-install); - Developers: those developing services and functions, and uploading them in the form of packages;
- Customers: those buying services (or, instantiations of services).
Non-admin users of the Service Platform are able to register users either through the GUI (see son-gui, for developers), the BSS (see son-bss, for customers), or directly through the API.
Default admin account (master):
By default there is no admin user created so you won't be able to login to the User Management nor the admin console. To create an admin account you need to use environment variables to pass in an initial username and password. This is done by passing the next variables or editing them in the settings found in son-gkeeper/son-keycloak/create_predefined_entities.sh in son-keycloak component:
KEYCLOAK_USER=<USERNAME>KEYCLOAK_PASSWORD=<PASSWORD>
Furthermore, the next settings must be properly configured:
KEYCLOAK_PORT=5601KEYCLOAK_USER=adminKEYCLOAK_PASSWORD=adminKEYCLOAK_URL=http://localhost:$KEYCLOAK_PORTKEYCLOAK_OPENID_TOKEN_ENDPOINT=$KEYCLOAK_URL/auth/realms/sonata/protocol/openid-connect/tokenADAPTER_URL=http://son-gtkusr:5600/api/v1/configADAPTER_ADMIN=http://son-gtkusr:5600/admin
Platform admin account:
- work in progress...
Input data for user registration is comprised of the following fields:
-
certificate: the user's certificate (optional); -
email: the user's email, must be unique within the platform; -
first_name: the user's first name (optional at the Gatekeeper's API level, mandatory for Customers -- register in the BSS); -
last_name: the user's last name (optional at the Gatekeeper's API level, mandatory for Customers -- register in the BSS); -
password: the user's password, remember to never, ever show these lines to anyone; -
private_key: the user's private key (optional, but strongly recommended for developers); -
user_type: the user's type, should be either 'developerorcustomer`; -
username: the user's name, must be unique within the platform;
A successful user registration request returns a 201(Created) code and the fields:
-
username: the user's name, must be unique within the platform; -
uuid: the UUID generated by the platform.
When unsuccessful, the user registration request returns:
-
400(Bad request) when there was something wrong with passed parameters; -
409(Conflict) when either theusernameor theemailis already registered.
This section shows some examples of usage of this user registration feature.
To register a new user using the GUI please check here. Users registered in the GUI are of type developer.
To register a new user using the BSS please check here. Users registered in the GUI are of type customer.
To register a new user using the API you may use any tool, such as curl, like in
$ curl -d '{"username":"sonata","password":"1234","user_type":"developer","email":"sonata@sonata-nfv.eu"}' <IP>:<port>/api/v2/usersA successful user registration request returns a 201(Created) code and the username and the user uuid, like in
{"username":"sonata","uuid":"9f107932-19b0-4e9e-87e9-3b0b2ec318a7"}$ http :5000/api/v2/users username=jbonnet password=1234 user_type=developer email=jbonnet@example.com HTTP/1.1 201 Created Content-Length: 183 Content-Type: application/json Location: http://sp.int3.sonata-nfv.eu:5600/api/v2/users/3df4d006-40e5-441a-8865-7e1b1355c33d X-Content-Type-Options: nosniff
{ "created_at": null, "email": "jbonnet@example.com", "secret": "amJvbm5ldDoxMjM0", "session": null, "user_type": "developer", "username": "jbonnet", "uuid": "3df4d006-40e5-441a-8865-7e1b1355c33d" }