Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Multi-tenancy for Reactive Resource Server #6727

Closed
jzheaux opened this issue Apr 1, 2019 · 4 comments

Comments

@jzheaux
Copy link
Contributor

commented Apr 1, 2019

Related to #5351.

Let's add the reactive equivalent of Resource Server's multi-tenancy support.

@rhamedy

This comment has been minimized.

Copy link
Contributor

commented Apr 1, 2019

@jzheaux Can I work on this? ☺️

@jzheaux

This comment has been minimized.

Copy link
Contributor Author

commented Apr 1, 2019

Yes, sir, it's yours!

@jzheaux jzheaux self-assigned this Apr 1, 2019

@jgrandja jgrandja modified the milestones: 5.2.0.M2, 5.2.0.RC1 Apr 15, 2019

@rhamedy

This comment has been minimized.

Copy link
Contributor

commented Apr 22, 2019

Hi @jzheaux

Started working on this and 6723 issues and it would be helpful to get some direction from your end. Looking through your PR PR 6563

  • Added
@FunctionalInterface
public interface ReactiveAuthenticationManagerResolver<C> {
	Mono<ReactiveAuthenticationManager> resolve(C context);
}
  • The Reactive equivalent of OAuth2ResourceServerConfigurer is ServerHttpSecurity.OAuth2ResourceServerSpec? Is that correct? Curious what is the design decision behind ServerHttpSecurity which contains many nested classes? 🤔

  • Declared the ReactiveAuthenticationManagerResolver in ServerHttpSecurity.OAuth2ResourceServerSpec parametrizing it with ServerHttpRequest and added the following

public OAuth2ResourceServerSpec reactiveAuthenticationManagerResolver(
		ReactiveAuthenticationManagerResolver<ServerHttpRequest> reactiveAuthenticationManagerResolver) {
	Assert.notNull(reactiveAuthenticationManagerResolver, "reactiveAuthenticationManagerResolver cannot be null");
	this.reactiveAuthenticationManagerResolver = reactiveAuthenticationManagerResolver;
	return this;
}
  • The changes to the configure method of ServerHttpSecurity.OAuth2ResourceServerSpec is a little tricky as I am struggling to understand the Reactive equivalent of BearerTokenAuthenticationFilter. Could be BearerTokenServerWebExchangeMatcher?

  • Your PR includes a sample boot oauth2-resourceservier-multitenancy. What is the requirement for the Reactive equivalent? Update existing/Add new one/Do nothing?🤔

I have read a few articles and Spring blogs on Reactive programming and I feel like I could use some more. Do you recommend any resource/tutorial/sample/article that could help me understand the Spring Reactive in deeper level?

Thank you for your usual support 🙂

Raf.

@jzheaux

This comment has been minimized.

Copy link
Contributor Author

commented Apr 25, 2019

OAuth2ResourceServerSpec

Yes, that's correct. We haven't broken things out yet just because there hasn't yet been the need.

BearerTokenAuthenticationFilter equivalent

Actually, there isn't a special filter on the reactive side. The programming model is a bit more simplified on the reactive side. You can see the filter set up just as an AuthenticationWebFilter.

Reactive sample equivalent

Nothing for the time being - thanks for asking

articles

This may sound silly, but I'm a lot more of a learn-by-doing person, so I haven't read much more than the Project Reactor docs. But let me ask the team, and I'll get back to you.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
4 participants
You can’t perform that action at this time.