Comments (12)
Just for linking back to this:
#51 the basic idea is that I can swap how I read the configuration for the strategies.
For example
config :ueberauth, Ueberauth,
providers: [
facebook: {
Ueberauth.Strategy.Facebook,
MyApp.Ueberauth.ConfigurationReader # Notice this, it is not a Keyword list anymore
}
]
# or even the whole thing so we can add and remove the providers dynamically
# for sure, somebody needs to implement some mapping with the modules
config :ueberauth, Ueberauth,
providers: MyApp.Ueberauth.ConfigurationReader # Notice this
# or I would promote the configurations to the submodule itself
# I think this embrace more Elixir way rather than allocate all the config
# to the main module,
config :ueberauth, Ueberauth.Strategy.Facebook,
key: :value
The configuration reader should implement some protocol
defmodule MyApp.Ueberauth.ConfigurationReader do
@typespec call(atom()) : Keyword.t()
def call(provider_name) do
# do whatever you want, either load from database
# or just another config or some hardcoded config
# or read from ets (database anyway 😄 )
keyword_list_config = [ ] # as long as we return the same data structure
end
end
What this will allow me to do is be able to load configurations from the database, business like Auth0 allow you to do that so we can extend Ueberauth to be some long running OTP app where you just change the configurations on the database so when some keys or anything becomes invalid we do not need to release or at least stop the server and load the new configuration, everything could be done at the database layer
from ueberauth.
Watching this... keen on token-based workflow
from ueberauth.
btw, the idea is not calling the module reader once for the configuration because then we will have to restart or end the process anyway 😅
I was thinking on create some GenServer per provider as well so we could save the configurations inside and we can reload the process for that provider when we need it.
Also that way, if one of the providers is down and something happens with it, it will no affect other pieces of the application.
I will try to draw some diagram for this, I has done something similar with StrawHat.Cashier
(payment gateway for payment gateways)
from ueberauth.
@hassox , I don't know if this is the right place to discuss additional items for your wish list, but I am wondering how to have one (phoenix) application support multiple ueberauth configurations.
Specifically with preferably one http endpoint I would like to build a multitenancy environment which would need to use multiple dynamic configurations for ueberauth. I think multiple configurations are needed as each tenant is assigned a hostname and each tenant could have a different ueberauth configuration (e.g. based on database records) so that customer A can configure his app through a (web) gui to use google and facebook (using his credentials from the respective providers), while customer B could use only a microsoft auth provider (with client credentials from azure ad).
Any idea's how that would fit into ueberauth? :-)
from ueberauth.
@rmoorman that is in the radar, #51
from ueberauth.
@yordis how would you picture #51 working in a situation where multiple configurations (each with differently configured providers) would exist and each configuration should be applied based on the hostname for example?
I mean, wouldn't one still need some kind of discriminator and/or some restructuring/additional functionality within ueberauth to facilitate this scenario? (mainly for selecting a configuration as needed; could also imagine that in case the configuration is flat / there is no discriminator, the configuration at hand is the default in any case ..)?
Wouldn't you see the hows and wheres of configuration loading and storage as a different concern? Something separate from using the configuration, abstracted away behind a protocol maybe?
I am personally not that well versed with ueberauth (yet) as I am a bit new to elixir/phoenix, but for me both things (a configuration reader and having a way to use choose and use different configurations at runtime) seem to be related but still seem to be different things.
from ueberauth.
@rmoorman the idea is to support Configuration loaders that you can pick your strategy ...
from ueberauth.
@yordis so the idea also includes altering the way of strategy lookup, making the context data (e.g. plug connection) available to the loader and having the loader responsible for returning a configured strategy? That could be a way to accomplish that I guess.
from ueberauth.
@rmoorman yes
from ueberauth.
I would love to see Token based workflow #50 implemented. I'm pushing in my department to start using Elixir and this is a must, we do internal web based tools and they are all SPA with google auth implemented client side.
So right now we have two choices, implement like what @yordis has done in #50 or use the fork (already 7 commits behind) referenced in #20.
from ueberauth.
@alejandrodnm here is my 2 cents on what to do right now.
My solution was independent of Plug.Conn
because I was using Absinthe so I didn't have access to the Plug.Conn
.
The fork solution wouldn't work for me because they do have dependency with Plug.Conn
.
So, do you have access to Plug.Conn
, then use the fork, if not, then do what I did, specially that it is for one strategy.
from ueberauth.
Don't need to do the configuration reader, by opening the API should allow us to pass the configuration rather than keep relying on Ueberauth to adapt to use cases.
from ueberauth.
Related Issues (20)
- OAuth2 needs new maintainers HOT 4
- State nonce cookie should properly be signed HOT 2
- How can run Ueberauth plug directly? HOT 3
- Custom `callback_port` and `callback_scheme` not used HOT 1
- Callback URL not mounted right when router has nested paths
- Can't set strategy options at runtime HOT 2
- Line Login v2.1 update request which I've done HOT 4
- Gracefully handle unknown providers HOT 10
- callback_port config compiled into plug at compile time HOT 10
- App.Auth.AuthController.request/2 is undefined or private HOT 1
- minor: mix package versions are out of date
- New hex.pm release? HOT 1
- Incorrect callback_url when using Bandit.PhoenixAdapter
- put_session successful, but get_session failed HOT 1
- function MyAppWeb.OAuthController.request/2 is undefined or private HOT 1
- Support for nonces HOT 1
- FR: Support multiple usages of the same strategy in config HOT 13
- Incomplete docs to configure pipeline and check that user is authenticated HOT 3
- Latest release breaks existing paths HOT 6
- Latest version is retired HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ueberauth.