This page gives an overview of the Raven OAuth2 service, describing its current status, where and how it's developed and deployed, and who is responsible for maintaining it.
The Raven service provides a self-service, web-based interactive sign in service for the University. It has several parts. Raven OAuth2 provides a standard OAuth 2.0 interface for sites around the University.
Any application supporting sign in with Google can make use of Raven OAuth2.
cam.ac.uk Google Workspace is configured to authenticate users via the
Raven Core Authenticator (a SAML2 IdP).
There is a dedicated documentation site for Raven including its OAuth2 interface.
The Raven OAuth2 service is currently live. There are no plans to decommission the service.
Technical queries and support should be directed to firstname.lastname@example.org and will be picked up by a member of the team working on the service. To ensure that you receive a response, always direct requests to email@example.com rather than reaching out to team members directly.
Raven OAuth2 is currently deployed to the following environments:
All environments access a meta project (Raven Core Idp meta) for shared secrets and monitoring.
Source code for Raven OAuth2 is spread over the following repositories:
|Raven Core Authenticator1||Containerised Apache2 frontend which handles interactive authentication|
|Raven Infrastructure1||Terraform configuration for infrastructure and deployment|
1 DevOps only
The following gives an overview of the technologies that Raven OAuth2 is built on.
|Authenticator||Python 3.7||Django 2.2|
How and where the service is deployed¶
The Raven Core infrastructure is deployed using Terraform, with releases of the authenticator application deployed by the GitLab CD pipelines associated with the infrastructure Gitlab project (DevOps only).
Deploying a new release¶
README.md files in each of the source code repositories explain how to
deploy the Authenticator App.
Our standard 'webapp' alerts have been configured:
- Service uptime check from various geographic regions
- SSL expiry checks
See the Raven Core Authenticator project (DevOps only) for details on how to deploy a local development instance.
Service Management and tech lead¶
The service owner for Raven OAuth2 is Vijay Samtani.
The service manager for Raven OAuth2 is Rich Wareham (provisional).
The tech lead for Raven OAuth2 is Rich Wareham.
The following engineers have operational experience with Raven OAuth2 and are able to respond to support requests or incidents: