Write design doc for azure-spring-security-oauth2 #23369

Closed
Tracked by #23402
chenrujun opened this issue Aug 5, 2021 · 6 comments
Labels: azure-spring, azure-spring-aad, Client, feature-request

chenrujun commented Aug 5, 2021

Completed design doc: https://github.com/Azure/azure-sdk-for-java/wiki/Spring-Security-OAuth-2-for-Azure-design
Parent Epic issue: #23402

The current dependency relationship doesn't follow Spring's convention.

  • A starter module should only contain a pom. It should not contain Java code / files like cosmos.enable.config / readme / changelog. For example: [azure-spring-boot-starter-keyvault-certificates] contains Java code.
  • A starter module's pom should only contain required dependencies. For example, [spring-cloud-gcp-starter-storage] only contains dependencies, but [azure-spring-cloud-starter-cache] contains a build segment.
  • There should be only one autoconfigure module. azure-spring-boot and azure-spring-cloud-autoconfig should be combined into one module.
  • There should be multiple levels of support when developing a starter. For example, there should be a module named azure-spring-security-oauth2-client instead of putting the logic in azure-spring-boot.
  • A standalone test module should not exist. Those tests should move into each module. For example: [azure-spring-boot-test-keyvault] should move into azure-spring-boot-keyvault. Some integration tests should be converted to unit tests. (IT -> UT can be skipped in the current issue.)

azure-spring-security-oauth2-xxx should be created.

azure-spring-security-oauth2-xxx should be created just like spring-security-oauth2-xxx.
Here is the dependency relationship of spring-security-oauth2-xxx-external (spring-security-oauth2-xxx-external):
[image: dependency-relationship-of-spring-security-oauth2-xxx]

Here is the dependency relationship of spring-security-oauth2-xxx-internal (spring-security-oauth2-xxx-internal):
[image]

chenrujun added the azure-spring and azure-spring-aad labels Aug 5, 2021
chenrujun self-assigned this Aug 5, 2021
chenrujun added this to the [2021] September milestone Aug 5, 2021
chenrujun changed the title from "Reconstruct aad related code in azure-spring-boot." to "For aad-starter, only keep autoconfig related content in azure-spring-boot" Aug 5, 2021
chenrujun added the Client label Aug 9, 2021
chenrujun changed the title from "For aad-starter, only keep autoconfig related content in azure-spring-boot" to "Follow spring's convention for azure-spring-boot-starter-active-directory." Aug 9, 2021
chenrujun changed the title from "Follow spring's convention for azure-spring-boot-starter-active-directory." to "azure-spring-boot-starter-active-directory architecture redesign." Aug 10, 2021
chenrujun added the feature-request label Aug 13, 2021

chenrujun commented Aug 19, 2021

Classes that can move into a new artifact.

azure-spring-security-web

  • AADHandleConditionalAccessFilter

azure-spring-security-oauth2-core

  • OAuth2AuthenticatedPrincipal

azure-spring-security-oauth2-client

  • AADOBOOAuth2AuthorizedClientProvider
  • AADAzureDelegatedOAuth2AuthorizedClientProvider (Can move to spring-security)
  • AADOAuth2AuthorizationCodeGrantRequestEntityConverter
  • AADOAuth2AuthorizationRequestResolver
  • AADOAuth2UserService (Can be deleted)
  • AzureClientRegistration (Can move to spring-boot)

azure-spring-security-oauth2-resource-server

  • JwtGrantedAuthoritiesConverter (Can move to spring-boot)
  • AADJwtGrantedAuthoritiesConverter (Can move to spring-boot)
  • AADJwtBearerTokenAuthenticationConverter (Can move to spring-boot)

chenrujun changed the title from "azure-spring-boot-starter-active-directory architecture redesign." to "Write design doc for azure-spring-security" Aug 20, 2021

chenrujun commented Aug 20, 2021

Dependency relationship of spring-security-oauth2-xxx:
[image]

chenrujun commented Aug 23, 2021

Dependency relationship of azure-spring-security-xxx and spring-security-xxx:
[image]

chenrujun commented Aug 23, 2021

Dependency relationship of spring-boot-starter-oauth2-xxx and spring-security-xxx:

[image]

chenrujun commented Aug 23, 2021

Dependency relationship of azure-spring-boot-starter-oauth2-xxx and azure-spring-security-xxx:
[image]

chenrujun changed the title from "Write design doc for azure-spring-security" to "Write design doc for azure-spring-security-oauth2" Aug 23, 2021
chenrujun changed the title from "Write design doc for azure-spring-security-oauth2" to "[Azure AD] Write design doc for azure-spring-security-oauth2" Sep 26, 2021
chenrujun changed the title from "[Azure AD] Write design doc for azure-spring-security-oauth2" to "Write design doc for azure-spring-security-oauth2" Sep 27, 2021
github-actions bot locked and limited conversation to collaborators Apr 11, 2023