[FEATURE REQ] Investigate whether we can deprecate azure-spring-boot-starter-active-directory-b2c. #23545

Closed
chenrujun opened this issue Aug 13, 2021 · 1 comment
Assignees
Labels
azure-spring All azure-spring related issues azure-spring-aad-b2c Spring active directory b2c related issues. Client This issue points to a problem in the data-plane of the library. feature-request This issue requires a new behavior in the product in order be resolved.

Comments

@chenrujun

Investigate whether we can deprecate azure-spring-boot-starter-active-directory-b2c.

1. List all AAD B2C's features that spring-security cannot provide.
2. Investigate if we can add these features in spring-security-repo.

@ghost ghost added the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label Aug 13, 2021
@chenrujun chenrujun self-assigned this Aug 13, 2021
@chenrujun chenrujun added the azure-spring-aad Spring active directory related issues. label Aug 13, 2021
@ghost ghost removed the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label Aug 13, 2021
@chenrujun chenrujun added azure-spring All azure-spring related issues Client This issue points to a problem in the data-plane of the library. feature-request This issue requires a new behavior in the product in order be resolved. needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. labels Aug 13, 2021
@ghost ghost removed the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label Aug 13, 2021
@chenrujun chenrujun added azure-spring-aad-b2c Spring active directory b2c related issues. and removed azure-spring-aad Spring active directory related issues. labels Aug 13, 2021
@chenrujun chenrujun added this to the [2021] September milestone Aug 13, 2021
@chenrujun chenrujun removed their assignment Aug 20, 2021
@zhichengliu12581
Contributor

zhichengliu12581 commented Aug 23, 2021

Currently, our azure-spring-boot-starter-active-directory-b2c provides the following functions:
As webApp:

  1. We will help users choose the client to log in, log out, reset password, etc.
  2. We can redirect the user to the correct page when the user logs out.
  3. We support "forgot password" for the user on the login page.

As webapi:

  1. We help users provide trusted accessTokens from multiple issuers (according to the information provided by users)
  2. We help users add verification of the audience in the accessToken
  3. Verification of the issuer in the accessToken obtained by the user (this is the same function as in the first point)

Common functions:
1. Help users configure the client (including authentication_type and client_credentials types).
2. We can obtain the information in scope and role at the same time for permission control (deprecated and replaced by AADJwtBearerTokenAuthenticationConverter), and Spring Security supports custom permissions.

When we use spring Security directly, the functions we have been able to provide are:

  • When used as a webapi:
    1. Spring Security can support multi-tenant, similar to the sample provided by Spring:
    2. When providing multi-tenant support, users can customize the verification of the audience.
  • When used as a webapp:
    1. Users can determine the default client through spring configuration
    2. We can add logout uri and redirect user to correct page with spring security.
    3. B2C supports reset password on the login page now.
  • When using common functions:
    1. Users can configure the information of each client by themselves

Summary:
We can deprecate azure-spring-boot-starter-active-directory-b2c, because all functions are already supported by Spring Security, and users can also configure some of them by themselves.
