We are implementing OOD as a frontend for our Slurm cluster in AWS. We are using AWS Cognito based OIDC provider. We want to get access to the OIDC ID Token so we can get the AWS credentials for the user and store it in the users home dir.
I have looked at the Kubernetes cluster example and understand that I can use the pre pun hook scripts to get access to the ID token at the beginning. Is there a mechanism that I can use to get the ID token from Apache after it refreshes the token?
I don’t think you can grab the refresh token after the fact, but IIRC you can get the OIDC provider to pass it back when you login (i.e., in the pun pre root hook script).