You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A typical case, when more than one social provider is configured in application.properties, is to start a login process with the last path segment containing the tenant name, for example, given these 2 tenant declarations:
The UI will offer Google and GitHub login options with URLs like /service/login/google, /service/login/github, etc, giving Quarkus a hint which social provider to use.
However, right now, a user has to register a custom TenantResolver which will just get the last path segment from the request path, and use it as a value of the tenant id, and then when the authenticated user returns accessing some application URL, a tenant id property can be checked in RequestContext since the tenant id is encoded in the session cookie. It is a fairly typical, boilerplate code.
It would be useful to provide such a logic by default if no custom TenantResolver is available.
Implementation ideas
If non-default OIDC tenants are configured but no TenantResolver is registered, provide a default resolution logic which will 1) check RoutingContexttenantId attribute - if it exists - the user is already authenticated, return it 2) otherwise get the last path segment and offer it as a tenant id.
The text was updated successfully, but these errors were encountered:
Description
A typical case, when more than one social provider is configured in
application.properties, is to start a login process with the last path segment containing the tenant name, for example, given these 2 tenant declarations:The UI will offer Google and GitHub login options with URLs like
/service/login/google,/service/login/github, etc, giving Quarkus a hint which social provider to use.However, right now, a user has to register a custom
TenantResolverwhich will just get the last path segment from the request path, and use it as a value of the tenant id, and then when the authenticated user returns accessing some application URL, a tenant id property can be checked inRequestContextsince the tenant id is encoded in the session cookie. It is a fairly typical, boilerplate code.It would be useful to provide such a logic by default if no custom
TenantResolveris available.Implementation ideas
If non-default OIDC tenants are configured but no
TenantResolveris registered, provide a default resolution logic which will 1) checkRoutingContexttenantIdattribute - if it exists - the user is already authenticated, return it 2) otherwise get the last path segment and offer it as a tenant id.The text was updated successfully, but these errors were encountered: