Skip to content

Improve authentication capabilities #594

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Nov 22, 2021
Merged

Improve authentication capabilities #594

merged 3 commits into from
Nov 22, 2021

Conversation

ST-DDT
Copy link
Collaborator

@ST-DDT ST-DDT commented Nov 13, 2021

This PR improves the authentication process in the following fashion:

  • Improve javadocs with references to related spring security web counterparts
  • It adds overwriteable hook methods to the authentication process
  • Add the SECURITY_CONTEXT_KEY that now stores the entire security context instead of just the authentication, the security context is able to store more than just the authentication and can be used to replace the authentication during a call (e.g. for impersonation by admins or changing the roles of the user on the fly)
  • Add the SecurityContext to the grpc Context
  • Deprecate AUTHENTICATION_CONTEXT_KEY in favor of SECURITY_CONTEXT_KEY

@ST-DDT ST-DDT added the enhancement A feature request or improvement label Nov 13, 2021
@ST-DDT ST-DDT added this to the 2.13.0 milestone Nov 13, 2021
@ST-DDT ST-DDT requested a review from yidongnan November 13, 2021 20:04
@ST-DDT ST-DDT self-assigned this Nov 13, 2021
@ST-DDT
Improve javadocs with references to spring-security-web references
89471dd
@ST-DDT
Improve DefaultAuthenticatingServerInterceptor
18ab8cb 
- Add overwritable hook methods
  - onSuccessfulAuthentication(...)
  - onUnsuccessfulAuthentication(...)
- Restore the full SecurityContext instead of just the Authentication
  - This allows storing additional information in the context,
  - and additional features such as changes to the currently active
authentication (Login As X)
@ST-DDT
Deprecate AUTHENTICATION_CONTEXT_KEY in favor of SECURITY_CONTEXT_KEY
72c249f
@ST-DDT ST-DDT force-pushed the feature/security-api-refactor branch from ba4f2f4 to 72c249f Compare November 17, 2021 22:53
@yidongnan yidongnan merged commit 3ab8d44 into master Nov 22, 2021
@yidongnan yidongnan deleted the feature/security-api-refactor branch November 22, 2021 05:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yidongnan yidongnan yidongnan approved these changes

Assignees

@ST-DDT ST-DDT

Labels
enhancement A feature request or improvement
Projects
None yet
Milestone
2.13.0
Development

Successfully merging this pull request may close these issues.
2 participants
@ST-DDT @yidongnan