[PLATFORM-1195]: rfc8414 compliance #185

MaeIsBad · 2023-11-02T16:29:49Z

https://prima-assicurazioni-spa.myjetbrains.com/youtrack/issue/PLATFORM-1195

This allows auth0_ex to be used with okta as well as auth0 🙂

cottinisimone

Good job :). Just a little thing

cottinisimone · 2023-11-03T11:28:06Z

lib/prima_auth0_ex/openid_configuration.ex

+    url = metadata_url(base_url)
+    %HTTPoison.Response{status_code: status_code, body: meta_body} = Telepoison.get!(url, accept: "application/json")
+
+    true = status_code in 200..299


I would handle it in a more graceful way since the error code might be a bit confusing from the user perspective. I think we might custom panic this and the Telepoison.get! to give a more relevant information to the user

Moreover i think it might be better to call this def fetch!(... being that this function might panic. Otherwise you can return {:ok, __MODULE__.t()} | {:error, atom() | String.t()} and gracefully handle panics

I've changed it to fetch! and added an exception. I think panicking in this situation makes sense

cpiemontese

Isn't retrieve_token on the hot path? 🤔

Anyways, nice!

MaeIsBad · 2023-11-06T09:06:51Z

Isn't retrieve_token on the hot path? 🤔

good point, I assumed it would get cached in redis, I'm not sure if the extra request is worth it

MaeIsBad · 2023-11-06T09:08:53Z

Isn't retrieve_token on the hot path? 🤔

I didn't think about it but it totally is if you don't configure redis.

Maybe if redis isn't configured we could use an ets cache by default?

cpiemontese · 2023-11-06T09:13:04Z

Either ETS or an Agent, but maybe this could be done as part of a separate PR; the ability to cache locally if Redis is not available seems useful

cpiemontese

🚀

MaeIsBad force-pushed the PLATFORM-1195/task/rfc8414-compliance branch 5 times, most recently from acc5086 to f08e24d Compare November 2, 2023 17:36

MaeIsBad marked this pull request as ready for review November 3, 2023 11:20

MaeIsBad requested a review from a team as a code owner November 3, 2023 11:20

cottinisimone reviewed Nov 3, 2023

View reviewed changes

MaeIsBad requested a review from cottinisimone November 3, 2023 13:22

cpiemontese previously approved these changes Nov 3, 2023

View reviewed changes

MaeIsBad added 13 commits November 20, 2023 14:14

Fetch jwks_uri from openid-configuration

5cc140b

Add localauth0 to the docker-compose

7fd06ee

Integrate localauth0 into tests

b19456c

Fix VerifyAndValidateTokenTest

6997285

Do not exclude external tests by default

875e5e5

Remove mentions of external tests

af8998d

Parse openid configuration in a dedicated module

68cf671

Fetch token endpoint from the openid configuration endpoint

6d90a1e

Formatting

671197c

Fix authorization service tests not mocking the openid metadata endpoint

d9000fb

Add docs to the OpenIDConfiguration module

922eed9

Format

05d4a84

Linters

f083e84

MaeIsBad dismissed cpiemontese’s stale review via 34f3c2f November 20, 2023 13:15

MaeIsBad force-pushed the PLATFORM-1195/task/rfc8414-compliance branch from c81a948 to 34f3c2f Compare November 20, 2023 13:15

MaeIsBad added 2 commits November 20, 2023 15:50

Add changelog entry

19075ac

Punctuation

5a571a8

MaeIsBad added 6 commits November 20, 2023 15:51

Mention the need to update localauth0 in the changelog

9b65746

Add metadata parsing test

8b4cadc

Format

0814447

fetch -> fetch!

17b7649

Use memory cache by default

3f71940

Update CHANGELOG

929c4e4

MaeIsBad force-pushed the PLATFORM-1195/task/rfc8414-compliance branch from 9bbcf25 to 929c4e4 Compare November 20, 2023 14:51

MaeIsBad requested a review from cpiemontese November 20, 2023 14:52

MaeIsBad force-pushed the PLATFORM-1195/task/rfc8414-compliance branch 14 times, most recently from 34584ad to dce464c Compare November 20, 2023 17:56

Fix localauth0 missing in CI

201079f

MaeIsBad force-pushed the PLATFORM-1195/task/rfc8414-compliance branch from dce464c to 201079f Compare November 20, 2023 17:56

cpiemontese approved these changes Nov 21, 2023

View reviewed changes

MaeIsBad merged commit 8ba0336 into master Nov 21, 2023
3 checks passed

MaeIsBad deleted the PLATFORM-1195/task/rfc8414-compliance branch November 21, 2023 09:04

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[PLATFORM-1195]: rfc8414 compliance #185

[PLATFORM-1195]: rfc8414 compliance #185

MaeIsBad commented Nov 2, 2023

cottinisimone left a comment

cottinisimone Nov 3, 2023

cottinisimone Nov 3, 2023

MaeIsBad Nov 3, 2023 •

edited

Loading

cpiemontese left a comment

MaeIsBad commented Nov 6, 2023

MaeIsBad commented Nov 6, 2023

cpiemontese commented Nov 6, 2023

cpiemontese left a comment

[PLATFORM-1195]: rfc8414 compliance #185

[PLATFORM-1195]: rfc8414 compliance #185

Conversation

MaeIsBad commented Nov 2, 2023

cottinisimone left a comment

Choose a reason for hiding this comment

cottinisimone Nov 3, 2023

Choose a reason for hiding this comment

cottinisimone Nov 3, 2023

Choose a reason for hiding this comment

MaeIsBad Nov 3, 2023 • edited Loading

Choose a reason for hiding this comment

cpiemontese left a comment

Choose a reason for hiding this comment

MaeIsBad commented Nov 6, 2023

MaeIsBad commented Nov 6, 2023

cpiemontese commented Nov 6, 2023

cpiemontese left a comment

Choose a reason for hiding this comment

MaeIsBad Nov 3, 2023 •

edited

Loading