Thomas Å. While we wait on TortoiseSVN improvements, what is the "application that performs the OpenIDC authentication" you use on the TortoiseSVN side? Thanks, --Jon
On Friday, March 29, 2024 at 2:02:33 AM UTC-7 Thomas Åkesson wrote: > Hi Jon and Daniel, > > Sorry about the late response. > > We are running TSVN with OpenIDC authenticating with Entra ID (Azure AD), > not through the Microsoft Azure Application Proxy though. > > Server-side, we have Apache httpd as usual but we add the open-source > mod_openidc module (instead of basic auth). In addition, some rewrites and > other config that allows us to tunnel the session token in basic auth > (which TSVN supports). > > We currently have an installed application that performs the OpenIDC > authentication and then inserts the session token in the svn auth cache as > a basic authentication. In order to achieve a cleaner implementation that > can also work with Microsoft Azure Application Proxy the session token must > be sent as a cookie. > > We would be interested in contributing experience, specifications and > server setups if we can get the following stars aligned: > - Financial / developer contributions > - Subversion core committer interest > - TSVN committer interest > > > We also need to reach consensus in primarily the Subversion project but > there is relatively limited amounts of changes that must happen there. > - Sending cookie header with session token instead of basic auth. > - Capture set-cookie response headers related to refresh of the session > cookie. > - "svn auth" support for storing session token, very similar to basic > auth (cookie name and the token). > - maybe something related to handling redirect to ensure that TSVN can > act on that > > When that is in place, I believe it would be possible to have a standalone > helper application that performs the authentication and stores it using the > "svn auth" subcommand (or equivalent). Alternatively add this support in > TSVN which would be the ideal UX. > > Best regards, > Thomas Å. > > > On 20 Mar 2024, at 08:28, Daniel Sahlberg via TortoiseSVN-dev < > tortois...@googlegroups.com> wrote: > > From what I understand, OAuth2 requires both server- and clientside > support. So any solution would need to involve both TortoiseSVN and the > Subversion project (or VisualSVN). I think it is a great idea but I think > some additional development resources would be required to make this > happen. Any chance that you (or your company) can get involved in making > this happen? > > Kind regards, > Daniel > > onsdag 20 mars 2024 kl. 08:11:28 UTC+1 skrev j...@parabilis-space.com: > > We have run into a problem trying to implement SVN on our secure cloud > platform. Is it possible to pay someone to add modern authentication to > TortoiseSVN? > > Specifically we wish to use TortoiseSVN client to access VisualSVN Server > via Microsoft Azure Application Proxy. This requires TSVN to be conversant > in "OAuth 2.0 with OpenID Connect (OIDC)". See > https://auth0.com/docs/authenticate/protocols/openid-connect-protocol > > You can see the error we get by using TortoiseSVN to open this test > repository https://visualsvn.parabilis-space.com/svn/test/ > Error: Repository moved temporarily to ...Oath2/authorize... > > Thank You, > > --Jon > > > -- > You received this message because you are subscribed to the Google Groups > "TortoiseSVN-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to tortoisesvn-d...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/tortoisesvn-dev/4dc5d482-62d0-4c7d-b375-9e1b5e467baan%40googlegroups.com > > <https://groups.google.com/d/msgid/tortoisesvn-dev/4dc5d482-62d0-4c7d-b375-9e1b5e467baan%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > > -- You received this message because you are subscribed to the Google Groups "TortoiseSVN-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to tortoisesvn-dev+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/tortoisesvn-dev/d32430e9-f95c-49d5-bed0-5511bd6893f7n%40googlegroups.com.
