Uploaded image for project: 'Single Sign On'
  1. Single Sign On
  2. MGNLSSO-265

Possibility to implement custom SsoConfig

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Fixed
    • Major
    • saas, 3.1.5
    • None
    • None
    • None
    • Yes
    • Yes

    Description

      The default ssoConfig is defined in the config yaml. This has 2 main issues:

      1. unencrypted secrets (event with your suggested env variables on build process solution, the war file contains the secret in plain text).
      2. Environment specific client configuration

       

      The possibility to define a custom SsoConfig implementation would enable us to load the config from wherever we like (e.g. magnolia properties, jcr, ...)

      Currently this can only be achieved by a hack:

      import info.magnolia.config.source.yaml.YamlReader;
      import info.magnolia.map2bean.Map2BeanTransformer;
      import info.magnolia.module.ModuleRegistry;
      import info.magnolia.resourceloader.ResourceOrigin;
      import info.magnolia.sso.config.SsoConfig;
      import info.magnolia.sso.config.SsoConfigYamlBridge;
      
      import javax.inject.Inject;
      
      public class CustomSsoConfigBridge extends SsoConfigYamlBridge {
          private final CustomSsoConfig ssoConfig;
      
          @Inject
          public GardenaSsoConfigBridge(
                final ModuleRegistry moduleRegistry,
                final ResourceOrigin resourceOrigin,
                final YamlReader yamlReader,
                final Map2BeanTransformer map2Bean,
                final CustomSsoConfig ssoConfig) {
             super(moduleRegistry, resourceOrigin, yamlReader, map2Bean);
             this.ssoConfig = ssoConfig;
          }
      
          @Override
          public SsoConfig get() {
             return ssoConfig;
          }
      } 
      import info.magnolia.sso.config.SsoConfig;
      
      public class CustomSsoConfig implements SsoConfig {
          ...
      } 

      Binding in module.xml

      <component>
          <type>info.magnolia.sso.config.SsoConfigYamlBridge</type>
          <implementation>...CustomSsoConfigBridge</implementation>
      </component>

      Binding the SsoConfig directly would be the cleaner solution and less dependent on the further development of this module (breaking change in case the Bridge ever gets removed/changed).

      Checklists

        Acceptance criteria

        Attachments

          Issue Links

            Activity

              People

                efochr Evzen Fochr
                beschle Björn Eschle
                AdminX
                Votes:
                0 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:
                  Work Started:

                  Checklists

                    Task DoD

                    Time Tracking

                      Estimated:
                      Original Estimate - Not Specified
                      Not Specified
                      Remaining:
                      Remaining Estimate - Not Specified
                      Not Specified
                      Logged:
                      Time Spent - 2d 4.5h
                      2d 4.5h