Skip to content
This repository has been archived by the owner on Apr 16, 2023. It is now read-only.

Token-based authentication with user context #209

Draft
wants to merge 16 commits into
base: bleeding-1.X.X
Choose a base branch
from
Draft

Token-based authentication with user context #209

wants to merge 16 commits into from

Conversation

MarkL4YG
Copy link
Member

Implements a method that allows HTTP requests to be authenticated as a specific user.
The implementation is not complete and has several extension points that can be worked on in future issues.

The previous mechanism has been deleted in favor of this new implementation. Subsequently, tokens no longer have scopes at the moment.

  • Breaking change: Package de.fearnixx.jeak.service.controller has been renamed to de.fearnixx.jeak.service.http.
  • Breaking change: Interface IRestControllerService has been renamed to IControllerService.
  • Breaking change: Controller annotations have been moved to de.fearnixx.jeak.reflect.http.
  • Breaking change: isSecure parameter of RequestMapping annotation has been renamed to requireAuth.
  • Addition: IRequestContext has been created & implemented as a future extension point to contextual information on requests and additional parameter injections via RequestContext annotation.

Closes: #203

@MarkL4YG MarkL4YG added service Issues & PRs related to a specific service. api Related to API changes / additions (internal API) breaking Indicator for breaking changes that may violate SEMVER minor rules. integration Related to integration with OS & other projects (external API) labels Jun 27, 2020
@MarkL4YG MarkL4YG self-assigned this Jun 27, 2020
@MarkL4YG
Copy link
Member Author

I still have to tidy up some stuff (for example, add the ability to generate tokens via. commands) but the basic idea should be visible.

finnWellers
finnWellers suggested changes Jul 5, 2020
View reviewed changes
Copy link
Contributor

@finnWellers finnWellers left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just as info: in ControllerService there is an unused import and ControllerRequestVerifier still has to be deleted. Apart from that it looks good.

@MarkL4YG
Copy link
Member Author

Just as info: in ControllerService there is an unused import and ControllerRequestVerifier still has to be deleted. Apart from that it looks good.

Are you sure? Both things don't appear to be the case in my dev environment with no staged changes. 🤔

@MarkL4YG
Copy link
Member Author

MarkL4YG commented Aug 1, 2020

// Next up: Test plugins to test this features 😅

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@finnWellers finnWellers finnWellers requested changes

At least 1 approving review is required to merge this pull request.

Assignees

@MarkL4YG MarkL4YG

Labels
api Related to API changes / additions (internal API) breaking Indicator for breaking changes that may violate SEMVER minor rules. integration Related to integration with OS & other projects (external API) service Issues & PRs related to a specific service.
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[🚀] Authentication/Authorization service for REST controllers (basic)
2 participants
@MarkL4YG @finnWellers