Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support to overwrite the auth.scopes config of service annotation by resource annotation #973

Closed
ldclakmal opened this issue Feb 14, 2021 · 0 comments · Fixed by ballerina-platform/module-ballerina-http#604
Closed

Support to overwrite the auth.scopes config of service annotation by resource annotation #973

ldclakmal opened this issue Feb 14, 2021 · 0 comments · Fixed by ballerina-platform/module-ballerina-http#604
Assignees
@ldclakmal
Labels
Area/Security Issues related to stdlib security module/http Points/0.5 Team/PCM Protocol connector packages related issues Type/Improvement
Milestone
Swan Lake Beta3

Comments

@ldclakmal
Copy link
Member

ldclakmal commented Feb 14, 2021
edited
Loading

Description
Currently, the auth config of http:ServiceConfig annotation can be completely overwritten by the auth config of http:ReourceConfig annotation. But, there can be use cases where only the auth.scopes config should be overwritten per resource.

Example:

http:JwtValidatorConfig config = {
    issuer: "wso2",
    audience: "ballerina",
    signatureConfig: {
        certFile: "./resources/public.crt"
    }
};

listener http:Listener securedEP = new(9090,
    secureSocket = {
        key: {
            certFile: "./resources/public.crt",
            keyFile: "./resources/private.key"
        }
    }
);

@http:ServiceConfig {
    auth: [
        {
            jwtValidatorConfig: {
                issuer: "wso2",
                audience: "ballerina",
                signatureConfig: {
                    certFile: "./resources/public.crt"
                }
            }
        }
    ]
}
service /ordermgt on securedEP {

    @http:ResourceConfig {
        auth: {
            scopes: ["add_order"]
        }
    }
    resource function post 'order(@http:Payload Order 'order) returns http:Created {

    }

    @http:ResourceConfig {
        auth: {
            scopes: ["add_order"]
        }
    }
    resource function put 'order/[string orderId](@http:Payload UpdateOrder updateOrder) returns http:Ok|http:BadRequest {
        
    }
}
@ldclakmal ldclakmal self-assigned this Feb 14, 2021
@ldclakmal ldclakmal mentioned this issue Feb 14, 2021
Closed
45 tasks
@ldclakmal ldclakmal added this to the Swan Lake Alpha3 milestone Feb 15, 2021
@ldclakmal ldclakmal removed the Verson/SwanLakeDump All issues planned for Swan Lake GA release label Feb 23, 2021
@ldclakmal ldclakmal removed this from the Swan Lake Alpha3 milestone Feb 23, 2021
@anupama-pathirage anupama-pathirage added the Team/PCM Protocol connector packages related issues label Mar 1, 2021
@ldclakmal ldclakmal added the Area/Security Issues related to stdlib security label Jun 10, 2021
@ldclakmal ldclakmal removed their assignment Aug 9, 2021
@ldclakmal ldclakmal changed the title Support auth annotation config overwritten for authn/authz seperately Support to overwrite the auth.scopes config of service annotation by resource annotation Aug 24, 2021
@ldclakmal ldclakmal mentioned this issue Aug 25, 2021
Merged
3 tasks
@ldclakmal ldclakmal self-assigned this Aug 25, 2021
@ldclakmal ldclakmal added this to the Swan Lake Beta3 milestone Aug 25, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ldclakmal ldclakmal

Labels
Area/Security Issues related to stdlib security module/http Points/0.5 Team/PCM Protocol connector packages related issues Type/Improvement
Projects
None yet
Milestone
Swan Lake Beta3
Development

Successfully merging a pull request may close this issue.

Add support to overwrite the scopes config by resource annotation ldclakmal/module-ballerina-http
2 participants
@ldclakmal @anupama-pathirage