search

Azure / azure-sdk-for-java

This repository is for active development of the Azure SDK for Java. For consumers of the SDK we recommend visiting our public developer docs at https://docs.microsoft.com/java/azure/ or our versioned developer docs at https://azure.github.io/azure-sdk-for-java.
MIT License
2.3k stars 1.96k forks source link

[FEATURE REQ] Improve the IAM related document of Spring Cloud Azure #32850

Open chenrujun opened 1 year ago

chenrujun commented 1 year ago

Context

IAM is short for Identity and Access Management. Here are all existing contents about IAM in Spring Cloud Azure:

  1. Secure REST API using Spring Security 5 and Azure Active Directory.

    image

  2. Enable OIDC sign in for Spring with Azure AD B2C

    image

  3. Developer Guide -> Spring Security support

    image

Problem

Current contents about IAM in Spring Cloud Azure is not easy to understand for customers. For example: In Enable OIDC sign in for Spring with Azure AD B2C, it actually tech customer how to support sign up / sign in Spring web app. But the following contents will make customer confused:

image

Goal

Make contents about IAM in Spring Cloud Azure easier to understand.

Solution proposal

Need a new design about IAM in Spring Cloud Azure document. Here is an example of design:

  1. Secure REST API using Spring Security 5 and Azure Active Directory 1.1. Change title to "Add Login with Azure AD Account in Spring Web App" 1.2. Update description. The article actually teaches customer how to make the login page from image-1 to image-2:

    image-1: image

image-2: image

  1. Enable OIDC sign in for Spring with Azure AD B2C 2.1. Title should change to "Add Login with Azure AD B2C in Spring Web App". 2.2. This article should have corver these contents:

        1. user sign up
2. user sign in
3. social account login
4. user profile update
5. logout support
6. reset password
(Maybe we should consider split this into a multi docs)

  2. Provide a new article named "Secure your REST API using Spring Cloud Azure" 3.1. The new article will like this one https://auth0.com/docs/quickstart/backend/java-spring-security5/interactive 3.2. The new article should contain these contents:

    Authorization
Using your api
troubleshooting

    3.3 It should also cover this topic https://learn.microsoft.com/en-us/azure/architecture/solution-ideas/articles/protect-backend-apis-azure-management

stliu commented 1 year ago

@chenrujun how's this one, I thought we said we should fix the minor issue first

chenrujun commented 1 year ago

@stliu

@chenrujun how's this one, I thought we said we should fix the minor issue first

  1. The name in left TOC and article title update PR already merged into main branch. Link to PR: https://github.com/MicrosoftDocs/azure-dev-docs-pr/pull/4047
  2. The live site hasn't taken effect now. Because the change hasn't merge to live branch yet. To make it take effect, the change must be merged into live branch. Here is the link about PRs merging main branch to live branch: https://github.com/MicrosoftDocs/azure-dev-docs-pr/pulls?q=is%3Apr+Publish+is%3Aclosed image
chenrujun commented 1 year ago

Hi, @stliu

  1. Secure REST API using Spring Security 5 and Azure Active Directory 1.1. Change title to "Add Login with Azure AD Account in Spring Web App" 1.2. Update description. The article actually teaches customer how to make the login page from image-1 to image-2:

I created a PR for this: https://github.com/MicrosoftDocs/azure-dev-docs-pr/pull/4064. Please take a look when you have time. There are some differences comparing to the issue description:

  1. The title changed to Develop a Spring web app which supports sign-in by Azure AD account. I think Develop a Spring web app which supports sign-in by Azure AD account is better than Add Login with Azure AD Account in Spring Web App. Because the latter one is more like add this feature in an existing app.
  2. The description doesn't have any content about image-1. Because the image-1 didn't appear in the article.
  3. The image-2 is not same with the image used in current issue description. The image-2 in issue description is about Azure AD B2C. Only Azure AD B2C support features like sign up / Sign in with social account. Azure AD doesn't support these features. I use the Azure AD login screenshot in the description.
chenrujun commented 1 year ago

Unassign myself according to @stliu 's ask.

Current process:

chenrujun commented 1 year ago

Relate issue: https://github.com/MicrosoftDocs/azure-dev-docs/issues/710

chenrujun commented 1 year ago

Another related issue: https://github.com/MicrosoftDocs/azure-dev-docs/issues/747