Removed oauth2 token handling, populated User in security context. #188
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @@ -103,57 +103,58 @@ class OAuth2SecurityConfig implements WebSecurityAugmentor { | |||
| @Override | |||
| void configure(AuthenticationManagerBuilder authenticationManagerBuilder) { | |||
| authenticationManagerBuilder.authenticationProvider( | |||
| googleAuthenticationProvider(googleResourceServerTokenServices()) | |||
| // googleAuthenticationProvider(googleResourceServerTokenServices()) | |||
There was a problem hiding this comment.
No dead code - remove it if it's not usable.
| @Autowired | ||
| AnonymousAccountsService anonymousAccountsService | ||
|
|
||
| @Value('${services.deck.baseUrl:http://localhost/9000}') |
There was a problem hiding this comment.
I think you want localhost:9000
Also, does this mean that it will always redirect to the homepage? Doesn't the dance in deck encode the requested link?
There was a problem hiding this comment.
Good catch. Yes, this would redirect to deck's homepage each time, which then makes the call to '/oauth/info' again, which is successful the second time (returns the User object).
There was a problem hiding this comment.
Fixed the default url string for deck.
This PR completes the proof of concept authentication implementation using Google as an OAuth2 provider. The user authenticates with Google, then we use the resulting token to make a user info call, and populate the session-based SecurityContext with that information.
abhinaybyrisetty
referenced
this pull request
in OpsMx/gate
Mar 18, 2021
OP-5567 : Added new request param for AP test-verification endpoint
Closed
Closed
Closed
Closed
kirangodishala
pushed a commit
to kirangodishala/gate
that referenced
this pull request
May 23, 2023
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR removes the propagation of OAuth2 tokens between Deck and Gate, and populates the User object returned from the authEndpoint call ('/oauth/info') with the email of the Google User associated with the OAuth2 token granted in the redirect flow. It also factors out Netflix's OAuth2 configuration from the generic configuration.