Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Change Principal to be TypedPrincipal in the authorize interceptor #3845

Closed
1 task
jannyHou opened this issue Sep 30, 2019 · 1 comment
Closed
1 task

Change Principal to be TypedPrincipal in the authorize interceptor #3845

jannyHou opened this issue Sep 30, 2019 · 1 comment
Labels
Authentication bug tech-debt

Comments

@jannyHou
Copy link
Contributor

Steps to reproduce

The authorizeInterceptor should use TypedPrincipal instead of Principal in the
authorization context.
And we should provide a default factory that converts a
user profile to a typed principal in @loopback/security.
See PR #3807

Current Behavior

Authorizer interceptor still uses a more general type Principal, see code and code

Expected Behavior

User TypedPrincipal instead.

Acceptance Criteria

  • Refactor Principal to be TypedPrincipal in the authorize interceptor.
@jannyHou jannyHou added the bug label Sep 30, 2019
This was referenced Sep 30, 2019
Closed
Closed
@dhmlau dhmlau added the 2019Q4 label Oct 1, 2019
@jannyHou
Copy link
Contributor Author

jannyHou commented Oct 4, 2019

When I worked on #3807 I thought creating an instance of TypedPrincipal would be easier than having the converter. Just tried to change the Principal to TypedPrincipal on local and found it's not very reasonable, since it regenerate the securityId with type name as prefix, which is not a necessary in the current design.

I am closing this issue, we can reopen it when new features that needs this change get added to authorization.

@jannyHou jannyHou closed this as completed Oct 4, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Authentication bug tech-debt
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@bajtos @jannyHou @dhmlau