Skip to content

feat(Authentication) enable authentication strategies to contribute OASEnhancer #4693

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jannyHou merged 1 commit into from
Mar 12, 2020
Merged

feat(Authentication) enable authentication strategies to contribute OASEnhancer #4693

jannyHou merged 1 commit into from
Mar 12, 2020

Conversation

@dougal83
Copy link
Contributor

@dougal83 dougal83 commented Feb 20, 2020
edited
Loading

Extend AuthenticationStrategy to implement OASEnhancer.

Example usage:
App > jwt-strategy.ts:

// ...
@bind(asAuthStrategy, asSpecEnhancer)
export class JWTAuthenticationStrategy
  implements AuthenticationStrategy, OASEnhancer {
  // ...
  modifySpec(spec: OpenApiSpec): OpenApiSpec {
    return mergeSecuritySchemeToSpec(spec, this.name, {
      type: 'http',
      scheme: 'bearer',
      bearerFormat: 'JWT',
    });
  }
}

App > application.ts:

// ...
// authentication
this.add(createBindingFromClass(JWTAuthenticationStrategy));

See also #4554
Impl. #3669

Checklist

  • npm test passes on your machine
  • New tests added or existing tests modified to cover all changes
  • Code conforms with the style guide
  • API Documentation in code was updated
  • Documentation in /docs/site was updated
  • Affected artifact templates in packages/cli were updated
  • Affected example projects in examples/* were updated

@dougal83 dougal83 force-pushed the add-oas-security-enhancer branch from f2d96e4 to 38cfa7a Compare February 22, 2020 21:38
@dougal83 dougal83 mentioned this pull request Feb 24, 2020
Merged
5 tasks
@dougal83 dougal83 requested a review from derdeka February 27, 2020 23:16
@dougal83
Copy link
Contributor Author

dougal83 commented Feb 27, 2020

@derdeka Would this satisfy #3669? PTAL

jannyHou
jannyHou reviewed Mar 4, 2020
View reviewed changes
Copy link
Contributor

@jannyHou jannyHou left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dougal83 🙇‍♀ Thank you again for creating a follow-up PR for the security spec. I left a few suggestions.
sorry for the delay again 😅 finished the auth migration PR so I have enough bandwidth to help you apply this feature this month

@dougal83 dougal83 marked this pull request as ready for review March 6, 2020 00:21
@dougal83 dougal83 force-pushed the add-oas-security-enhancer branch 2 times, most recently from e8bef12 to 31b5c90 Compare March 6, 2020 13:57
@dougal83 dougal83 requested a review from jannyHou March 6, 2020 14:01
@dougal83
Copy link
Contributor Author

dougal83 commented Mar 6, 2020

Restricted to a single SecuritySchemeObject as I didn't see eventuality of adding multiple.

bajtos
bajtos suggested changes Mar 6, 2020
View reviewed changes
Copy link
Member

@bajtos bajtos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you @dougal83 for the pull request, I appreciate the effort you are putting into this initiative ❤️

I like that your pull request includes test coverage to verify that security schemas are correctly contributed. What I like even more is that we have two examples of real-world security schemas that we can use when users come asking about examples 👍

I'd like to discuss few aspects of the proposed implementation, see my comments below.

@dougal83 dougal83 force-pushed the add-oas-security-enhancer branch 2 times, most recently from 1c39e48 to e2b2f16 Compare March 7, 2020 23:08
@dougal83 dougal83 requested a review from bajtos March 7, 2020 23:41
@raymondfeng raymondfeng mentioned this pull request Mar 8, 2020
Merged
7 tasks
@dougal83 dougal83 force-pushed the add-oas-security-enhancer branch from e2b2f16 to 9ad1ac9 Compare March 8, 2020 18:58
@dougal83 dougal83 changed the title feat(Authentication) enable authentication strategies to contribute OASEnhancer DO NOT MERGE: feat(Authentication) enable authentication strategies to contribute OASEnhancer Mar 8, 2020
@dougal83 dougal83 force-pushed the add-oas-security-enhancer branch from 9ad1ac9 to 59782c3 Compare March 9, 2020 20:21
@dougal83 dougal83 changed the title DO NOT MERGE: feat(Authentication) enable authentication strategies to contribute OASEnhancer feat(Authentication) enable authentication strategies to contribute OASEnhancer Mar 9, 2020
@dougal83 dougal83 force-pushed the add-oas-security-enhancer branch from 59782c3 to 2c57295 Compare March 9, 2020 20:34
jannyHou
jannyHou approved these changes Mar 9, 2020
View reviewed changes
Copy link
Contributor

@jannyHou jannyHou left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🙇‍♀ LGTM when CI passes. Thanks @bajtos and @raymondfeng for joining the discussion, extending the enhancer class is much better than having a separate class(my original proposal).

I will refactor https://github.com/strongloop/loopback-next/tree/master/examples/access-control-migration/src/components/jwt-authentication accordingly as well.

@jannyHou jannyHou mentioned this pull request Mar 9, 2020
Merged
7 tasks
bajtos
bajtos suggested changes Mar 10, 2020
View reviewed changes
Copy link
Member

@bajtos bajtos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I find this new version so much more elegant 👏

Can you please add a tsdoc comment and a unit test for mergeSecuritySchemeToSpec?

@bajtos bajtos added the feature label Mar 10, 2020
@dougal83 dougal83 force-pushed the add-oas-security-enhancer branch from 2c57295 to d6a3e4d Compare March 10, 2020 16:22
@dougal83
feat: enable authStrategy to provide OASEnhancer
5535135 
add asAuthStrategy decorator for AuthenticationStrategy.

Decorate and extend AuthenticationStrategy as follows:
```ts
  @Bind(asAuthStrategy, asSpecEnhancer)
  class MyAuthenticationStrategy
    implements AuthenticationStrategy, OASEnhancer {
      // ...
    }
```

Bind to application:
```ts
  this.add(createBindingFromClass(MyAuthenticationStrategy));
```

Signed-off-by: Douglas McConnachie <dougal83+git@gmail.com>
@dougal83 dougal83 force-pushed the add-oas-security-enhancer branch from d6a3e4d to 5535135 Compare March 10, 2020 16:27
@dougal83
Copy link
Contributor Author

dougal83 commented Mar 11, 2020

The simplicity of the PR is down to great architectural design by the Loopback Team. It was surprising how little work was required in the end! Keep up the great work! ❤️

@jannyHou jannyHou merged commit df7dd2b into loopbackio:master Mar 12, 2020
@jannyHou
Copy link
Contributor

jannyHou commented Mar 12, 2020
edited
Loading

🎉 🎉 Merged! Thank you @dougal83 for the effort and patience, next target is #4365. (design kudos goes to Miroslav and Raymond :p)

@dougal83 dougal83 mentioned this pull request Mar 29, 2020
Closed
@achrinza achrinza mentioned this pull request Apr 17, 2020
Closed
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@raymondfeng raymondfeng raymondfeng approved these changes

@derdeka derdeka Awaiting requested review from derdeka

@deepakrkris deepakrkris Awaiting requested review from deepakrkris

@emonddr emonddr Awaiting requested review from emonddr

@hacksparrow hacksparrow Awaiting requested review from hacksparrow

@nabdelgadir nabdelgadir Awaiting requested review from nabdelgadir

@bajtos bajtos Awaiting requested review from bajtos

+1 more reviewer

@jannyHou jannyHou jannyHou approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@dougal83 dougal83

Labels

Authentication feature OpenAPI

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@dougal83 @jannyHou @raymondfeng @bajtos