Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Draft: Refactor authentication code #2487

Open
wants to merge 16 commits into
base: master
Choose a base branch
from
Open

Draft: Refactor authentication code #2487

wants to merge 16 commits into from

Conversation

Jotschi
Copy link
Contributor

@Jotschi Jotschi commented Oct 17, 2023
edited
Loading

Motivation:

The refactor enables re-use of authentication implementation details in non vertx-web projects. (e.g. Vert.x gRPC)
There will be a matching PR for vertx-auth + vertx-grpc to incorporate and make use of the refactored codebase.

Draft:

This PR introduces two maven modules. These modules have been added as discussed in the discord meeting to limit the diff and make it easier to review the changes since classes eventually have to be moved to vertx-auth.

Changes:

  • Creation of a UserContext abstraction
  • Move of various interfaces to common modules
  • Introduction of AuthenticationContext interface
  • AuthenticationHandler is now generic to accept implementation specific context objects
  • JWTAuthHandlerImpl, HTTPAuthorizationHandler, AuthenticationHandlerImpl have been refactored to be RoutingContext agnostic and use AuthenticationContext instead.
  • UserContextImpl split into AbstractUserContext to enable re-use of code
  • RoutingContext now extends AuthenticationContext

Tasks:

  • Fix docgen errors
  • Solve TODO in WebHTTPAuthorizationHandler, WebAuthenticationHandlerImpl - currently code is duplicated
  • Check Javadoc for needed changes (RoutingContext -> AuthenticationContext)
  • Run all tests
  • Verify codegen still works properly
  • Rename UserContextImpl into UserWebContextImpl ?
  • Check whether AuthenticationContext#onContinue can be added
  • Continue refactor of other authentication handler implementation (e.g. OAuth2) once approach has been reviewed.

@vietj vietj added this to the 5.0.0 milestone Oct 20, 2023
@Jotschi
Copy link
Contributor Author

Jotschi commented Oct 20, 2023
edited
Loading

Notes from discord meeting:

  • HttpException - Keep the exception in Vert.x web for the moment and make it extend one in auth-common
  • UserContext - Move UserContext definitions + common impl to RoutingContext to decouple the interface
default void refreshUser(UserContext) {

}
  • Refactor user = null by use of user.clear
  • Remove vertx-web-auth-jwt
  • UserContext - Keep UserContext in vert.x web and add a io.vertx.auth.common.UserContext -> Not needed. Context can be unchanged since Session must be moved too.
  • Session / OAuth2 - Try to split auth oauth2 handler and abstract away session related code

@Jotschi
Copy link
Contributor Author

Jotschi commented Oct 27, 2023

Concept for refactoring Exception handling to avoid the use exceptions for common HTTP actions:

postAuthentication method:

if (res instance of PostAuthenticationResult) {
  PostAuthenticationResult result =  postAuthentication(ctx);
} else {
    if (res instanceof PostAuthenticationResult.Proceed) {
        ctx.next();
    }
    …
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
5.0.0
Development

Successfully merging this pull request may close these issues.
2 participants
@Jotschi @vietj