Open shah opened 1 month ago
@razakpm please see if this file is required and, if not, remove it and perform any other cleanup: hub-prime/src/main/java/org/techbd/service/http/NoAuthSecurityConfig.java
.
@shah NoAuthSecurityConfig.java is useful for testing locally because it disables the login requirements. I didn't use the existing profile like sandbox
because it's necessary to test authentication in the sandbox environment too. Instead, I used a profile called localopen
that allows developers to test the application quickly without authentication. I didn't set any default user or role since it's not confirmed yet, so I didn't complete the last task in this requirement. Also, the new update (reading roles based on resources is still pending in this issue).
Added NoAuthSecurityConfig.java to test locally without Authentication, currently no default role.
We should switch to using the GitHub Java SDK to access APIs instead of using our own custom HTTP calls.
We need to implement a user and role management system for our custom application using GitHub IDs. The system should read a configuration file (
oauth2-github-authz.yml
) stored in a private GitHub repository and use this file to manage user access and roles within a Spring Boot 3.3 application. Authentication (AuthN) will be handled by GitHub, while authorization (AuthZ) will be managed using Spring Authorization.Consider the following dependencies for the
pom.xml
file:Instructions
Create Configuration File
oauth2-github-authz.yml
in the private GitHub repository (github.com/tech-by-design/infrastructure-prime
).Structure the file as follows:
Read YAML File from GitHub
Implement GitHub File Reader
Configure Spring Security
Local Environment Configuration
Service to Manage Users and Roles
References and Useful Links
Additional Notes