<!-- 
RSS generated by JIRA (9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b) at Mon Feb 12 10:51:56 CET 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>Magnolia - Issue tracker</title>
    <link>https://jira.magnolia-cms.com</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-uk</language>    <build-info>
        <version>9.4.2</version>
        <build-number>940002</build-number>
        <build-date>19-01-2023</build-date>
    </build-info>


<item>
            <title>[MGNLSSO-189] Custom SSO authorization generators</title>
                <link>https://jira.magnolia-cms.com/browse/MGNLSSO-189</link>
                <project id="15486" key="MGNLSSO">Single Sign On</project>
                    <description>&lt;h1&gt;&lt;a name=&quot;Goal&quot;&gt;&lt;/a&gt;Goal&lt;/h1&gt;

&lt;p&gt;SSO 3.0.0 lacks a feature/interface to define a class to resolve groups.&lt;/p&gt;

&lt;p&gt;Example: for Azure, we receive group IDs instead of group names. We need to resolve these group IDs to names, but that is currently not possible. We would need group resolution there to resolve a group name from the group ID received from Azure.&lt;/p&gt;
&lt;h1&gt;&lt;a name=&quot;Thoughtsfordiscovery&quot;&gt;&lt;/a&gt;Thoughts for discovery&lt;/h1&gt;
&lt;ul&gt;
	&lt;li&gt;One possible option is to include a custom authorization generator leveraging SPI (Service Provider Interface); this needs further discovery.&lt;/li&gt;
	&lt;li&gt;Another option might be to provide configurable out-of-the-box generators, so that less custom code is needed to resolve groups
	&lt;ul&gt;
		&lt;li&gt;Azure offers 3 ways of mapping group IDs to group names; it might be possible to check whether there are common patterns that could be implemented&lt;/li&gt;
	&lt;/ul&gt;
	&lt;/li&gt;
&lt;/ul&gt;


&lt;h1&gt;&lt;a name=&quot;Notes&quot;&gt;&lt;/a&gt;Notes&lt;/h1&gt;
&lt;ul&gt;
	&lt;li&gt;Meeting discussed in: &lt;a href=&quot;https://www.notion.so/magnoliacms/SSO-3-0-0-incubator-module-grooming-e4ddd3534c3042a98b1597cb919a7bc0&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://www.notion.so/magnoliacms/SSO-3-0-0-incubator-module-grooming-e4ddd3534c3042a98b1597cb919a7bc0&lt;/a&gt;&#160;&lt;/li&gt;
	&lt;li&gt;Might be related to &lt;a href=&quot;https://jira.magnolia-cms.com/browse/MGNLSSO-61&quot; class=&quot;external-link&quot; rel=&quot;nofollow&quot;&gt;https://jira.magnolia-cms.com/browse/MGNLSSO-61&lt;/a&gt;, as Azure group / ids resolution is discussed there&lt;/li&gt;
&lt;/ul&gt;


&lt;h2&gt;&lt;a name=&quot;Discoveryoutput&quot;&gt;&lt;/a&gt;Discovery output&lt;/h2&gt;
&lt;ul&gt;
	&lt;li&gt;As discussed with &lt;a href=&quot;https://jira.magnolia-cms.com/secure/ViewProfile.jspa?name=mgeljic&quot; class=&quot;user-hover&quot; rel=&quot;mgeljic&quot;&gt;mgeljic&lt;/a&gt;, we agreed to go with the Custom authorization generator leveraging SPI (&lt;a href=&quot;https://www.baeldung.com/java-spi&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;Service provider interface&lt;/a&gt;). This approach will open the possibility for customization.&lt;/li&gt;
	&lt;li&gt;With that, we have to introduce a Service Provider Interface to allow customers to implement their own authorization generator in a custom module (jar file)&lt;/li&gt;
	&lt;li&gt;Specify a new predefined key, for example &quot;customAuthorization&quot;, in the &quot;oidc.authorizationGenerators&quot; config property; it will then look up the custom authorization generator through the SPI. In the YAML configuration this would look something like:&lt;/li&gt;
&lt;/ul&gt;


&lt;div class=&quot;code panel&quot; style=&quot;border-width: 1px;&quot;&gt;&lt;div class=&quot;codeContent panelContent&quot;&gt;
&lt;pre class=&quot;code-java&quot;&gt;
clients:
  oidc.id: ...
  oidc.secret: ...
  oidc.scope: ...
  oidc.discoveryUri: http://localhost:8180/realms/mgnl/.well-known/openid-configuration
  oidc.preferredJwsAlgorithm: RS256
  oidc.authorizationGenerators: customAuthorization&lt;/pre&gt;
&lt;/div&gt;&lt;/div&gt;
&lt;p&gt;&lt;b&gt;Notes&lt;/b&gt;: Re: the second option, &quot;providing out-of-the-box generators which might be configurable&quot;: this may not cover all customer requirements, especially since Azure AD provides different ways to configure groups/authorization. So we can&apos;t know which configuration pattern is the most common one to build the OOTB generators around for the IdPs (Azure, Okta, Keycloak).&lt;/p&gt;</description>
                <environment></environment>
        <key id="121314">MGNLSSO-189</key>
            <summary>Custom SSO authorization generators</summary>
                <type id="2" iconUrl="https://jira.magnolia-cms.com/secure/viewavatar?size=xsmall&amp;avatarId=10891&amp;avatarType=issuetype">New Feature</type>
                                            <priority id="6" iconUrl="https://jira.magnolia-cms.com/images/icons/priorities/neutral.gif">Neutral</priority>
                        <status id="6" iconUrl="https://jira.magnolia-cms.com/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are not closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="1">Fixed</resolution>
                                        <assignee username="nguyen.phung">Nguyen Phung Chi</assignee>
                                    <reporter username="mrajkovic">Matt Rajkovic</reporter>
                        <labels>
                    </labels>
                <created>Tue, 1 Nov 2022 13:48:37 +0100</created>
                <updated>Tue, 18 Apr 2023 13:25:47 +0200</updated>
                            <resolved>Thu, 2 Mar 2023 08:07:30 +0100</resolved>
                                    <version>3.0.0</version>
                                    <fixVersion>3.1.0</fixVersion>
                    <fixVersion>saas</fixVersion>
                                        <due></due>
                            <votes>0</votes>
                                    <watches>5</watches>
                                                    <progress percentage="100">
                                    <originalProgress>
                                                    <row percentage="0" backgroundColor="#89afd7"/>
                                                    <row percentage="100" backgroundColor="transparent"/>
                                            </originalProgress>
                                                    <currentProgress>
                                                    <row percentage="100" backgroundColor="#51a825"/>
                                                    <row percentage="0" backgroundColor="#ec8e00"/>
                                            </currentProgress>
                            </progress>
                                    <aggregateprogress percentage="100">
                                    <originalProgress>
                                                    <row percentage="0" backgroundColor="#89afd7"/>
                                                    <row percentage="100" backgroundColor="transparent"/>
                                            </originalProgress>
                                                    <currentProgress>
                                                    <row percentage="100" backgroundColor="#51a825"/>
                                                    <row percentage="0" backgroundColor="#ec8e00"/>
                                            </currentProgress>
                            </aggregateprogress>
                                                    <timespent seconds="171000">5d 7.5h</timespent>
                                                                    <aggregatetimespent seconds="171000">5d 7.5h</aggregatetimespent>
                                        <issuelinks>
                            <issuelinktype id="10160">
                    <name>Relates</name>
                                            <outwardlinks description="relates to">
                                        <issuelink>
            <issuekey id="99403">MGNLSSO-61</issuekey>
        </issuelink>
                            </outwardlinks>
                                                        </issuelinktype>
                            <issuelinktype id="10010">
                    <name>relation</name>
                                                                <inwardlinks description="is related to">
                                                        </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                            <attachment id="102599" name="AzureAdRolesGroupsAuthorizationGenerator.java" size="11503" author="lfischer" created="Tue, 1 Nov 2022 14:35:36 +0100"/>
                    </attachments>
                <subtasks>
                            <subtask id="121315">MGNLSSO-190</subtask>
                            <subtask id="121316">MGNLSSO-191</subtask>
                            <subtask id="121317">MGNLSSO-192</subtask>
                            <subtask id="121318">MGNLSSO-193</subtask>
                    </subtasks>
                <customfields>
                                                                            <customfield id="customfield_14166" key="com.okapya.jira.checklist:checklist">
                        <customfieldname>Acceptance criteria</customfieldname>
                        <customfieldvalues>
                            
        <checklist>
        <![CDATA[Empty]]>
    </checklist>


                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10111" key="com.atlassian.jira.toolkit:reporterdomain">
                        <customfieldname>Company</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>magnolia-cms.com</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_10031" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of First Response</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Tue, 1 Nov 2022 14:36:48 +0100</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_12730" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_14151" key="com.atlassian.jira.toolkit:message">
                        <customfieldname>Docu info</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_12130" key="com.atlassian.jira.plugin.system.customfieldtypes:multicheckboxes">
                        <customfieldname>Documentation update required</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="13300"><![CDATA[Yes]]></customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                    <customfield id="customfield_10246" key="com.pyxis.greenhopper.jira:gh-epic-link">
                        <customfieldname>Epic Link</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>CLOUD-1055</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10061" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comm is not jira-dev</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10071" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last participant</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>rgange</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_13136" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            1 year, 14 weeks, 5 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_10020" key="com.atlassian.jira.toolkit:attachments">
                        <customfieldname>Number of attachments</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10150" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname>Number of comments</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10011" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>mrajkovic</customfieldvalue>
            <customfieldvalue>nguyen.phung</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                <customfield id="customfield_10833" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0|y08zt4:i</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10244" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10245" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue id="1770">AdminX 30</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10242" key="com.atlassian.jira.plugin.system.customfieldtypes:float">
                        <customfieldname>Story Points</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>8.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_12430" key="com.atlassian.teams:rm-teams-custom-field-team">
                        <customfieldname>Team</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[24]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_14145" key="com.intenso.jira.issue-templates:issue-templates-customfield">
                        <customfieldname>Template</customfieldname>
                        <customfieldvalues>
                            


                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_15131" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Time in Discovery</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1319</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10032" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time in Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_13933" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Urgency (resolution)</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="15724"><![CDATA[Normal]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_14630" key="com.atlassian.jira.plugin.system.customfieldtypes:datetime">
                        <customfieldname>Work Started</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Thu, 23 Feb 2023 09:17:00 +0100</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    </customfields>
    </item>
</channel>
</rss>