Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Investigate simplifying gateway/microservice oauth2 config. #20102

Closed
1 task
mshima opened this issue Oct 24, 2022 · 6 comments · Fixed by #24457
Closed
1 task

Investigate simplifying gateway/microservice oauth2 config. #20102

mshima opened this issue Oct 24, 2022 · 6 comments · Fixed by #24457
Labels
area: enhancement 🔧 $$ bug-bounty $$ https://www.jhipster.tech/bug-bounties/ theme: OIDC/OAuth2 $200 https://www.jhipster.tech/bug-bounties/
Milestone
8.1.0

Comments

@mshima
Copy link
Member

mshima commented Oct 24, 2022
edited
Loading

Overview of the feature request

We currently implement some custom filters which probably can be replaced by spring-cloud features.
Like replacing our custom token relay filter with token relay filter

Motivation for or Use Case
Related issues or PR
  • Checking this box is mandatory (this is just to show you read everything)
@mraible
Copy link
Contributor

mraible commented Oct 24, 2022

FWIW, we already use TokenRelay for Spring Cloud Gateway.

@mshima
Copy link
Member Author

mshima commented Oct 24, 2022

Ok https://github.com/jhipster/generator-jhipster/blob/main/generators/server/templates/src/main/java/package/client/TokenRelayRequestInterceptor.java.ejs is something else then.

https://github.com/jhipster/generator-jhipster/blob/main/generators/server/templates/src/main/java/package/client/AuthorizedUserFeignClient.java.ejs, https://github.com/jhipster/generator-jhipster/blob/main/generators/server/templates/src/main/java/package/client/OAuth2_UserFeignClientInterceptor.java.ejs and https://github.com/jhipster/generator-jhipster/blob/main/generators/server/templates/src/main/java/package/client/OAuth2UserClientFeignConfiguration.java.ejs looks unused

@mshima
Copy link
Member Author

mshima commented Oct 24, 2022

@mraible what's the reason for those feign configurations?
Can be dropped from default?

@mraible
Copy link
Contributor

mraible commented Oct 24, 2022

They're for Feign to access microservices or OAuth-protected resources. They might not be used anymore. I used something similar in this post, which uses Zuul.

@mshima
Copy link
Member Author

mshima commented Oct 24, 2022

There is only references at openapi generator.
https://github.com/jhipster/generator-jhipster/search?p=1&q=feign

I suppose we can drop feign support. Or modularize if needed.

@Tcharl
Copy link
Contributor

Tcharl commented Oct 26, 2022

Also noticed that client credentials flow isn't supported by our SecurityUtils class.

I used to use UserFeignInterceptor for service-to-service communication: client credentials vs authorization code flow

@deepu105 deepu105 added $$ bug-bounty $$ https://www.jhipster.tech/bug-bounties/ $200 https://www.jhipster.tech/bug-bounties/ labels Aug 15, 2023
@mshima mshima mentioned this issue Dec 5, 2023
Merged
6 tasks
@deepu105 deepu105 added this to the 8.1.0 milestone Dec 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area: enhancement 🔧 $$ bug-bounty $$ https://www.jhipster.tech/bug-bounties/ theme: OIDC/OAuth2 $200 https://www.jhipster.tech/bug-bounties/
Projects
None yet
Milestone
8.1.0
Development

Successfully merging a pull request may close this issue.

split feign client generator mshima/generator-jhipster
4 participants
@mraible @Tcharl @deepu105 @mshima