Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Runtime configuration for HTTP permissions, policy, form authentication mechanism and realm #31800

Closed
wants to merge 1 commit into from
Closed

Runtime configuration for HTTP permissions, policy, form authentication mechanism and realm #31800

wants to merge 1 commit into from

Conversation

michalvavrik
Copy link
Member

@michalvavrik michalvavrik commented Mar 13, 2023
edited
Loading

closes #19162 but mainly this is preparation for #16728

This moves as much from auth config to runtime, as possible. I believe flags that enables auth mechanisms can't be moved as we need to determine which beans to create at build time. OpenAPI document that requires security provider information is also build during build time.

@michalvavrik michalvavrik marked this pull request as draft March 13, 2023 09:06
@michalvavrik
Copy link
Member Author

michalvavrik commented Mar 13, 2023
edited
Loading

Hey @sberyozkin ,

I opened PR because I need arguments for additions I plan to suggest for @LookupIfProperty, however if you find a time for early feedback, it will be well appreciated.

@sberyozkin
Copy link
Member

Thanks @michalvavrik will try to have a look asap

@michalvavrik
Copy link
Member Author

michalvavrik commented Mar 13, 2023
edited
Loading

It's nice that CI is green, but that's only because we never use @Inject for auth mechanisms. We can suppress beans from programmatic lookup, but they still exists.

@sberyozkin I'm afraid we will always need to have build time configuration properties that enables form/basic/mTLS auth mechanism as ArC won't allow as to create beans conditionally based on runtime value (or remove them when some condition won't match).

I'll rewrite this tomorrow, let's don't waste your time on this, thanks!

@michalvavrik michalvavrik changed the title WIP: Move AuthConfig to runtime Runtime configuration for HTTP permissions, policy, form authentication mechanism and realm Mar 14, 2023
@michalvavrik michalvavrik force-pushed the feature/make-auth-confiig-runtime branch from 65a8d8c to 0102b3c Compare March 14, 2023 18:21
@michalvavrik michalvavrik marked this pull request as ready for review March 14, 2023 18:21
@michalvavrik michalvavrik requested a review from sberyozkin March 14, 2023 18:21
@michalvavrik michalvavrik force-pushed the feature/make-auth-confiig-runtime branch from 0102b3c to 94d4528 Compare March 14, 2023 18:42
@quarkus-bot

This comment has been minimized.

Sign in to view
@michalvavrik michalvavrik force-pushed the feature/make-auth-confiig-runtime branch from 94d4528 to db860a3 Compare March 16, 2023 15:29
@michalvavrik michalvavrik mentioned this pull request Mar 19, 2023
Closed
@michalvavrik
Copy link
Member Author

looks like #31903 brought in conflicts, I am also working on permissions related stuff that will break the PR, so I'll rebase it once it is done.

@michalvavrik michalvavrik marked this pull request as draft March 21, 2023 08:51
@michalvavrik
Copy link
Member Author

This might need different approach.

@quarkus-bot quarkus-bot bot added the triage/invalid This doesn't seem right label Jun 29, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sberyozkin sberyozkin Awaiting requested review from sberyozkin

Assignees
No one assigned
Labels
area/rest area/undertow area/vertx triage/invalid This doesn't seem right
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

make the quarkus.http.auth.form.timeout property configurable at runtime instead of compile time
2 participants
@michalvavrik @sberyozkin