Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement Imperative Auth Design for ballerina/http Module #142

Merged
merged 25 commits into from
Jan 7, 2021
Merged

Implement Imperative Auth Design for ballerina/http Module #142

merged 25 commits into from
Jan 7, 2021

Conversation

ldclakmal
Copy link
Member

@ldclakmal ldclakmal commented Dec 16, 2020
edited
Loading

Purpose

This PR introduces the imperative auth design for HTTP listener. Also, imperative and declarative auth design for HTTP client.

Design: https://docs.google.com/document/d/1dGw5uUP6kqZNTwMfQ_Ik-k0HTMKhX70XpEA3tys9_kk/edit?usp=sharing

Example:

import ballerina/http;
import ballerina/jwt;
 
http:JwtValidatorConfig config = {
   issuer: "ballerina",
   audience: ["wso2"],
   jwksConfig: {
      url: "https://localhost:8080/jwks"
   },
   scopeKey: "scp"
};
http:ListenerJwtAuthHandler handler = new(config);
 
service http:Service /hello on new(9090) {
   resource function post /foo(json payload, @Header string authorization) 
                               returns string|http:Unauthorized|http:Forbidden {
 
      jwt:Payload|http:Unauthorized authn = handler.authenticate(authorization);
      if (authn is http:Unauthorized) {
         return authn;
      }
 
      http:Forbidden? authz = handler.authorize(<jwt:Payload>authn, "write");
      if (authz is http:Forbidden) {
         return authz;
      }
 
      // business logic
   }
}

Fixes ballerina-platform/ballerina-library#752
Fixes ballerina-platform/ballerina-library#553
Fixes ballerina-platform/ballerina-library#63

Related to ballerina-platform/ballerina-library#584

@ldclakmal ldclakmal changed the title Update ballerina/http module for Swan Lake Auth Design Implement Swan Lake Auth Design for ballerina/http Module Dec 16, 2020
@ldclakmal ldclakmal force-pushed the dev-auth-design branch 6 times, most recently from cdca1d3 to cfa9c20 Compare December 17, 2020 07:07
@ldclakmal ldclakmal changed the title Implement Swan Lake Auth Design for ballerina/http Module Implement Imperative Auth Design for ballerina/http Module Jan 6, 2021
@ldclakmal ldclakmal force-pushed the dev-auth-design branch 2 times, most recently from aa8c148 to b3de704 Compare January 6, 2021 16:25
@ldclakmal ldclakmal marked this pull request as ready for review January 7, 2021 07:40
@ldclakmal ldclakmal merged commit 680e301 into ballerina-platform:master Jan 7, 2021
This was referenced Jan 9, 2021
Merged
Merged
@ldclakmal ldclakmal mentioned this pull request Jan 16, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chamil321 chamil321 chamil321 approved these changes

@shafreenAnfar shafreenAnfar Awaiting requested review from shafreenAnfar shafreenAnfar is a code owner

@Bhashinee Bhashinee Awaiting requested review from Bhashinee

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@ldclakmal @chamil321