Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add OIDC Auth0 extended tutorial #35931

Merged
merged 1 commit into from
Oct 16, 2023

Conversation

sberyozkin
Copy link
Member

@sberyozkin sberyozkin commented Sep 14, 2023

This PR adds an extended OIDC Auth0 tutorial, originally it was meant to be a blog post but after discussing with @maxandersen we agreed to make it a tutorial.

This is not a typical tutorial because there is no quickstart, it is meant to show how both code flow and bearer Auth0 tokens can be managed, how Quarkus OIDC can deal with Auth0 specific constraints, how to adapt the code etc.

This tutorial is meant to be the first one in the series dedicated to specific providers, as opposed to simple quickstarts showing some OIDC features in isolation

@quarkus-bot quarkus-bot bot added area/docstyle issues related for manual docstyle review area/documentation labels Sep 14, 2023
@sberyozkin sberyozkin force-pushed the oidc_auth0_tutorial branch 2 times, most recently from 5622098 to d3e2a04 Compare September 15, 2023 13:16
@github-actions
Copy link

github-actions bot commented Sep 15, 2023

🙈 The PR is closed and the preview is expired.

@sberyozkin sberyozkin mentioned this pull request Sep 22, 2023
@sberyozkin sberyozkin marked this pull request as draft September 22, 2023 19:11
@sberyozkin
Copy link
Member Author

sberyozkin commented Sep 22, 2023

Converting to draft until #36110 is merged - as this PR misses some integration testing instructions - we cover how we can use Dev UI to test but a bit more content is needed re the testing

@sberyozkin sberyozkin force-pushed the oidc_auth0_tutorial branch 2 times, most recently from ebd505e to 00d00e3 Compare September 24, 2023 17:01
@sberyozkin
Copy link
Member Author

Hi @michelle-purcell Thanks for starting a review, I'm just about to push an update related to the integration testing, but I'll pick up the suggestions you have already made too

@sberyozkin
Copy link
Member Author

@michelle-purcell I've done a couple of minor updates based on your feedback so far, please have a look tomorrow or so, thanks

@sberyozkin sberyozkin force-pushed the oidc_auth0_tutorial branch from 939fac6 to 4048d8d Compare October 5, 2023 18:09
@sberyozkin
Copy link
Member Author

sberyozkin commented Oct 5, 2023

I've significantly reworked Access token and token propagation sections, showing Auth0 API, audience, scope to PermissionAllowed conversion. This draft sticks to the echo:name scope, I've used echo.name in tests due to #36313 - but it can be fixed easily early next week; the reason I'm using echo:name in this doc is because Auth0 likes it more, it works with echo.name but fails to show its description in the authorization screen

@sberyozkin
Copy link
Member Author

sberyozkin commented Oct 11, 2023

Hi @gastaldi - can you please consider giving this doc a read during the next few days ? Michelle did a very comprehensive review of may be up to 1/4 of the doc, but she is away and will likely have to be catching up with other urgent doc issues when she returns. I think we can iterate with the Doc team on keeping aligning the text with the guidelines, and optimizing it. I wonder if fixing the obvious text typos or strangely expressed sentences would do for now, I'd not mind at all to try to get it in 3.5.0, the sooner it can become public for users to start working with it the better.
FYI, I've verified the actual steps twice, and can do a 3rd round once the review is complete.
Np at all if you won't find time, we'll get it over the line sooner or later :-)

@sberyozkin
Copy link
Member Author

There should be a preview doc available shortly

@sberyozkin sberyozkin force-pushed the oidc_auth0_tutorial branch 2 times, most recently from c359e19 to 73032ae Compare October 13, 2023 19:33
@sberyozkin sberyozkin marked this pull request as ready for review October 13, 2023 19:34
@sberyozkin
Copy link
Member Author

I've enabled the review to get the HTML page - I've just gone again through the whole text, tuned a few things, it looks quite ready to me.

Copy link
Contributor

@gastaldi gastaldi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@sberyozkin
Copy link
Member Author

Hey @gastaldi, thanks for having a look :-). I'll do one more walk-through through the whole demo tomorrow or so (I only reread the text on Fri), as it really must work exactly as described, and will merge once I confirm it works. Cheers

@sberyozkin
Copy link
Member Author

Reacted to a few Lint suggestions

@sberyozkin
Copy link
Member Author

I've updated it more to make sure the integration tests pass when building in JVM and native modes, LGTM overall. I'll now merge it once the build gets green.

@sberyozkin sberyozkin merged commit adb9cbf into quarkusio:main Oct 16, 2023
5 checks passed
@sberyozkin sberyozkin deleted the oidc_auth0_tutorial branch October 16, 2023 21:51
@quarkus-bot quarkus-bot bot added this to the 3.6 - main milestone Oct 16, 2023
@sberyozkin
Copy link
Member Author

Hi @michelle-purcell, we can iterate and keep tuning the doc, thanks very much for the earlier review. I'd just like to try to get it to 3.5.0 and make it visible

@gsmet gsmet modified the milestones: 3.6 - main, 3.5.0 Oct 17, 2023
benkard pushed a commit to benkard/mulkcms2 that referenced this pull request Nov 12, 2023
This MR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [flow-bin](https://github.com/flowtype/flow-bin) ([changelog](https://github.com/facebook/flow/blob/master/Changelog.md)) | devDependencies | minor | [`^0.219.0` -> `^0.220.0`](https://renovatebot.com/diffs/npm/flow-bin/0.219.0/0.220.0) |
| [org.jsoup:jsoup](https://jsoup.org/) ([source](https://github.com/jhy/jsoup)) | compile | patch | `1.16.1` -> `1.16.2` |
| [io.quarkus:quarkus-maven-plugin](https://github.com/quarkusio/quarkus) | build | minor | `3.4.3` -> `3.5.0` |
| [io.quarkus:quarkus-universe-bom](https://github.com/quarkusio/quarkus-platform) | import | minor | `3.4.3` -> `3.5.0` |

---

### Release Notes

<details>
<summary>flowtype/flow-bin</summary>

### [`v0.220.0`](flow/flow-bin@f7f3f3f...030bfc6)

[Compare Source](flow/flow-bin@f7f3f3f...030bfc6)

### [`v0.219.5`](flow/flow-bin@f16a6c7...f7f3f3f)

[Compare Source](flow/flow-bin@f16a6c7...f7f3f3f)

### [`v0.219.4`](flow/flow-bin@9f67075...f16a6c7)

[Compare Source](flow/flow-bin@9f67075...f16a6c7)

### [`v0.219.3`](flow/flow-bin@80dcea5...9f67075)

[Compare Source](flow/flow-bin@80dcea5...9f67075)

### [`v0.219.2`](flow/flow-bin@c184c5d...80dcea5)

[Compare Source](flow/flow-bin@c184c5d...80dcea5)

</details>

<details>
<summary>quarkusio/quarkus</summary>

### [`v3.5.0`](https://github.com/quarkusio/quarkus/releases/tag/3.5.0)

[Compare Source](quarkusio/quarkus@3.4.3...3.5.0)

##### Complete changelog

-   [#&#8203;36527](quarkusio/quarkus#36527) - Start MongoDB 4.4 instead of 4.0
-   [#&#8203;36523](quarkusio/quarkus#36523) - Minor OIDC Auth0 updates
-   [#&#8203;36518](quarkusio/quarkus#36518) - Allow for setting logging scope programmatically
-   [#&#8203;36517](quarkusio/quarkus#36517) - Use Mandrel 23.1 in windows CI
-   [#&#8203;36501](quarkusio/quarkus#36501) - Let custom OIDC token propagation filters customize the exchange status
-   [#&#8203;36495](quarkusio/quarkus#36495) - Support external OTel exporters in CDI
-   [#&#8203;36490](quarkusio/quarkus#36490) - Take ReaderInterceptor into account when reading SSE events
-   [#&#8203;36487](quarkusio/quarkus#36487) - Upgrade to Liquibase 4.24.0
-   [#&#8203;36485](quarkusio/quarkus#36485) - Fix typo in gradle-tooling.adoc
-   [#&#8203;36474](quarkusio/quarkus#36474) - Fix some issues in getting-started-dev-services
-   [#&#8203;36465](quarkusio/quarkus#36465) - Be more consistent in guides when creating projects/adding extensions
-   [#&#8203;36464](quarkusio/quarkus#36464) - HTTP reference guide - HTTP/2 section update, drop JDK 8 note
-   [#&#8203;36459](quarkusio/quarkus#36459) - Let custom OIDC token propagation filters provide client name
-   [#&#8203;36457](quarkusio/quarkus#36457) - Update builder images to jdk-21
-   [#&#8203;36453](quarkusio/quarkus#36453) - Upgrade Oracle JDBC driver to 23.3.0.23.09
-   [#&#8203;36452](quarkusio/quarkus#36452) - Fix doc extension-add.adoc
-   [#&#8203;36451](quarkusio/quarkus#36451) - Adjust extension name for consistency with rest of Quarkus
-   [#&#8203;36446](quarkusio/quarkus#36446) - Regression: Liquibase fails to migrate on Quarkus start, crashing the application
-   [#&#8203;36445](quarkusio/quarkus#36445) - Updates to Infinispan 14.0.19.Final
-   [#&#8203;36442](quarkusio/quarkus#36442) - Use default content type when X-SSE header not set
-   [#&#8203;36436](quarkusio/quarkus#36436) - Upgrade to Hibernate ORM 6.2.13.Final
-   [#&#8203;36432](quarkusio/quarkus#36432) - Hibernate Reactive Panache: improve error message
-   [#&#8203;36420](quarkusio/quarkus#36420) - Allow parallel execution of blocking health checks
-   [#&#8203;36419](quarkusio/quarkus#36419) - Blocking Health Checks should be executed in parallel, not sequentially/ordered
-   [#&#8203;36417](quarkusio/quarkus#36417) - Reduce timeout of the doc build to 60 minutes
-   [#&#8203;36413](quarkusio/quarkus#36413) - Simplify virtual threads guide by pushing users to 21
-   [#&#8203;36412](quarkusio/quarkus#36412) - Drop Optaplanner from the documentation
-   [#&#8203;36411](quarkusio/quarkus#36411) - Drop panache topic from Hibernate Reactive guide
-   [#&#8203;36410](quarkusio/quarkus#36410) - Add compatibility topic to Spring guides
-   [#&#8203;36407](quarkusio/quarkus#36407) - Register RuntimeOverrideConfigSource in STATIC_INIT
-   [#&#8203;36406](quarkusio/quarkus#36406) - AssembleDownstreamDocumentation - print guide name
-   [#&#8203;36400](quarkusio/quarkus#36400) - Add topics and extensions metadata to guides
-   [#&#8203;36367](quarkusio/quarkus#36367) - Bump org.wiremock:wiremock-standalone from 3.1.0 to 3.2.0
-   [#&#8203;36365](quarkusio/quarkus#36365) - Bump de.flapdoodle.embed:de.flapdoodle.embed.mongo from 4.7.0 to 4.9.2
-   [#&#8203;36360](quarkusio/quarkus#36360) - Drop the old Dev UI guide
-   [#&#8203;36337](quarkusio/quarkus#36337) - Upgrade maven to version 3.9.5
-   [#&#8203;36236](quarkusio/quarkus#36236) - No Panache session in REST endpoints defined by an interface
-   [#&#8203;35931](quarkusio/quarkus#35931) - Add OIDC Auth0 extended tutorial
-   [#&#8203;33548](quarkusio/quarkus#33548) - Pick random debug port when the configured one is taken
-   [#&#8203;33363](quarkusio/quarkus#33363) - allow quarkus dev to pick random debug port

</details>

<details>
<summary>quarkusio/quarkus-platform</summary>

### [`v3.5.0`](quarkusio/quarkus-platform@3.4.3...3.5.0)

[Compare Source](quarkusio/quarkus-platform@3.4.3...3.5.0)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever MR is behind base branch, or you tick the rebase/retry checkbox.

👻 **Immortal**: This MR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box

---

This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNC4yNC4wIiwidXBkYXRlZEluVmVyIjoiMzQuMjQuMCJ9-->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/docstyle issues related for manual docstyle review area/documentation
Projects
Development

Successfully merging this pull request may close these issues.

4 participants