Comments (6)
I don't think anything has changed in JHipster's OAuth/OIDC implementations since v7. I'm not sure I understand your question. Can you please rephrase it?
from generator-jhipster.
I confirm the bug.
OAuth2 token is not correctly mapped to the Spring Security authentication without the `syncUserWithIdp` option.
This option is required in ionic blueprint:
https://github.com/jhipster/generator-jhipster-ionic/blob/c4c2a30002fe3fd5f2ef6a6f402dc21fc2d0ba04/.blueprint/generate-sample/templates/samples/reactive-oauth2.jdl#L12
Otherwise this test fails:
https://github.com/jhipster/generator-jhipster-ionic/blob/c4c2a30002fe3fd5f2ef6a6f402dc21fc2d0ba04/generators/ionic/resources/oauth2/cypress/e2e/login.cy.ts#L22
from generator-jhipster.
@mshima I couldn't fully understand the bug here, I am willing to contribute to this one. Let me start with what I understand:
- With this PR #24632, the oauth2 option will by default not generate user-related code unless one of these is set: `generateUserManagement` or `syncUserWithIdp`, or an entity relating to the built-in User entity.
- Currently, irrespective of the `syncUserWithIdp` feature, the endpoint to return the account exists (pulls data from the IDP and constructs userVM). This should go away if `syncUserWithIdp` is not requested.

Also, on the blueprint side, user-related code needs to be conditionally generated based on `syncUserWithIdp`, which is why the ionic blueprint started failing when migrated to v8.4.0.
I can default `syncUserWithIdp` similar to nodejs for now until it's implemented.
Please let me know.
from generator-jhipster.
@dwarakaprasad
If `syncUserWithIdp` is true, this `api/account` is used:
As stated in the issue description, UserService does not exist without `syncUserWithIdp`, so this other `api/account` is used:
UserVM has these attributes:
While User has much more info:
from generator-jhipster.
@mshima This is my point.
By default with OAuth2, only basic claims feed the `api/account` response via `UserVM`.
To have other attributes from the IDP (give_name, imageUrl, etc.), we need to pass the extra `--sync-user-with-idp` parameter option to use the `AccountResource_oauth2.java.ejs` that calls `userService.getUserFromAuthentication()` and which of course contains the user sync mechanism.
I couldn't find in the history if there was a reason not to include `userservice.getUserFromAuthentication()` by default and move the `syncUserWithIdp` condition here:
This is not really a problem for me, we noticed it because we use a blueprint which takes into account the user's avatar when the IDP is Entra ID (via MS Graph endpoint) and this has changed compared to the version v7 of JHipster.
from generator-jhipster.
Entire UserService is implemented for `syncUserWithIdp`.
It checks and saves current User at each page visit.
So IMO:
- `syncUserWithIdp` should be done only once per session.
- Account should be retrieved from authentication token even with `syncUserWithIdp` instead of retrieving from database.
from generator-jhipster.