Define configuration schema

zalando-stups / put-it-to-rest

https://github.com/zalando/riptide/tree/master/riptide-spring-boot-starter

MIT License

11 stars 6 forks source link

Define configuration schema #4

Closed whiskeysierra closed 8 years ago

whiskeysierra commented 8 years ago

rest:
  oauth:
    client-id: business-partner-service
    access-token-url: ${ACCESS_TOKEN_URL:http://example.com}
    scheduling-period: 10
    timeouts:
      connect: 2
  clients:
    business-partner:
      base-url: https://business-partner-service.team.company.com
      oauth.scopes:
        - uid
        - business-partner-service.read
      timeouts:
        read: 3
    exchange-rate:
      base-url: https://exchange-rate-service.team.company.com
      oauth.scopes:
        - uid
    ecb:
      base-url: http://www.ecb.europa.eu
      oauth.enabled: false

whiskeysierra commented 8 years ago

Env var examples:

REST_CLIENTS_ECB_BASE_URL=http://localhost:8080

whiskeysierra commented 8 years ago

base url (empty string default?
ClientHttpRequestFactory
message converters (json default?)
error handler (pass through default, configurable?)
timeouts
interceptors
OAuth
- ClientCredentialsProvider
- UserCredentialsProvider
- AccessTokens
- StupsTokensAccessTokenProvider

AlexanderYastrebov commented 8 years ago

Should security be renamed to oauth?

whiskeysierra commented 8 years ago

Should security be renamed to oauth

Probably

AlexanderYastrebov commented 8 years ago

Do we need top level oauth containing accessTokenUrl?

whiskeysierra commented 8 years ago

Do we need top level oauth containing accessTokenUrl?

I was thinking about a reserved oauth client for stuff like this. Actually for the two OAUTH urls we have somewhat well-defined environment variable names that we can rely on.

whiskeysierra commented 8 years ago

ACCESS_TOKEN_URL for requesting new tokens
TOKENINFO_URL for token verification

AlexanderYastrebov commented 8 years ago

Maybe we can go without dotted properties like oauth.enabled and use nesting. Also the enablement could be deducted form presence of property, you do not need flag for this

whiskeysierra commented 8 years ago

Maybe we can go without dotted properties like oauth.enabled and use nesting.

Both are equivalent in Spring Boot.

Also the enablement could be deducted form presence of property, you do not need flag for this

That would mean it's unsecured by default? (not oauth property = disabled?)

AlexanderYastrebov commented 8 years ago

yes, not oauth property == disabled