Skip to content
This repository was archived by the owner on Apr 16, 2023. It is now read-only.

Token-based authentication with user context#209

Draft
MarkTwoFive wants to merge 16 commits into
bleeding-1.X.Xfrom
t/request-authentication
Draft

Token-based authentication with user context#209
MarkTwoFive wants to merge 16 commits into
bleeding-1.X.Xfrom
t/request-authentication

Conversation

@MarkTwoFive
Copy link
Copy Markdown
Member

@MarkTwoFive MarkTwoFive commented Jun 27, 2020

Implements a method that allows HTTP requests to be authenticated as a specific user.
The implementation is not complete and has several extension points that can be worked on in future issues.

The previous mechanism has been deleted in favor of this new implementation. Subsequently, tokens no longer have scopes at the moment.

  • Breaking change: Package de.fearnixx.jeak.service.controller has been renamed to de.fearnixx.jeak.service.http.
  • Breaking change: Interface IRestControllerService has been renamed to IControllerService.
  • Breaking change: Controller annotations have been moved to de.fearnixx.jeak.reflect.http.
  • Breaking change: isSecure parameter of RequestMapping annotation has been renamed to requireAuth.
  • Addition: IRequestContext has been created & implemented as a future extension point to contextual information on requests and additional parameter injections via RequestContext annotation.

Closes: #203

@MarkTwoFive MarkTwoFive added service Issues & PRs related to a specific service. api Related to API changes / additions (internal API) breaking Indicator for breaking changes that may violate SEMVER minor rules. integration Related to integration with OS & other projects (external API) labels Jun 27, 2020
@MarkTwoFive MarkTwoFive requested a review from finnWellers June 27, 2020 12:29
@MarkTwoFive MarkTwoFive self-assigned this Jun 27, 2020
@MarkTwoFive
Copy link
Copy Markdown
Member Author

MarkTwoFive commented Jun 27, 2020

I still have to tidy up some stuff (for example, add the ability to generate tokens via. commands) but the basic idea should be visible.

finnWellers
finnWellers suggested changes Jul 5, 2020
View reviewed changes
Copy link
Copy Markdown
Contributor

@finnWellers finnWellers left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just as info: in ControllerService there is an unused import and ControllerRequestVerifier still has to be deleted. Apart from that it looks good.

@MarkTwoFive
Copy link
Copy Markdown
Member Author

MarkTwoFive commented Jul 29, 2020

Just as info: in ControllerService there is an unused import and ControllerRequestVerifier still has to be deleted. Apart from that it looks good.

Are you sure? Both things don't appear to be the case in my dev environment with no staged changes. 🤔

@MarkTwoFive
Copy link
Copy Markdown
Member Author

MarkTwoFive commented Aug 1, 2020

// Next up: Test plugins to test this features 😅

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

1 more reviewer

@finnWellers finnWellers finnWellers requested changes

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

@MarkTwoFive MarkTwoFive

Labels

api Related to API changes / additions (internal API) breaking Indicator for breaking changes that may violate SEMVER minor rules. integration Related to integration with OS & other projects (external API) service Issues & PRs related to a specific service.

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[🚀] Authentication/Authorization service for REST controllers (basic)

2 participants

@MarkTwoFive @finnWellers