Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create a common layer for authentication & authorization component #2900

Closed
dhmlau opened this issue May 14, 2019 · 2 comments
Closed

Create a common layer for authentication & authorization component #2900

dhmlau opened this issue May 14, 2019 · 2 comments
Assignees
@jannyHou
Labels
Authentication Authorization feature
Milestone
Aug 2019 milestone

Comments

@dhmlau
Copy link
Member

dhmlau commented May 14, 2019

Description / Steps to reproduce / Feature proposal

Capturing the information from @raymondfeng in today's meeting and in Slack.

We might need a common layer e.g. @loopback/security to serve as a base where @loopback/authentication and @loopback/authorization are two extensions. The common layer can possibly include:

  • SecurityContext
  • binding keys for current user/subject

From the conversation in Slack:

  • Authentication binds the subject (who) to request context so that authorization can use it to make a decision against object + action (what)
  • The subject contains a set of principals and other information from the access token (such as scopes)
  • Today we build UserProfile, which is a subset of subject
  • For example, facebook supports user token, client app token, page token etc
  • The principal can a user, an application, or a device
  • Maybe we should have a common module like @loopback/security to define the common interfaces/types
@raymondfeng raymondfeng mentioned this issue May 15, 2019
Closed
7 tasks
This was referenced Jun 3, 2019
Closed
Closed
@dhmlau dhmlau added 2019Q3 and removed 2019Q2 labels Jun 11, 2019
This was referenced Jun 25, 2019
Closed
Closed
@agnes512 agnes512 mentioned this issue Jul 31, 2019
Closed
32 tasks
@nabdelgadir nabdelgadir added this to the Aug 2019 milestone milestone Jul 31, 2019
@dhmlau
Copy link
Member Author

dhmlau commented Aug 2, 2019

Draft PR #2902.
Recalling the conversation with @raymondfeng, he thinks after PR #1205 is done, we can see what makes sense to put in the common layer.

This was referenced Aug 8, 2019
Merged
Merged
@jannyHou jannyHou mentioned this issue Aug 15, 2019
Merged
7 tasks
@jannyHou
Copy link
Contributor

Closing as PR merged.

@achrinza achrinza mentioned this issue Nov 23, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jannyHou jannyHou

Labels
Authentication Authorization feature
Projects
None yet
Milestone
Aug 2019 milestone
Development

No branches or pull requests
4 participants
@raymondfeng @jannyHou @dhmlau @nabdelgadir