Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Plans about this project? #16

Closed
yaytul opened this issue Nov 7, 2016 · 3 comments
Closed

Plans about this project? #16

yaytul opened this issue Nov 7, 2016 · 3 comments

Comments

@yaytul
Copy link

yaytul commented Nov 7, 2016

Hi @kakawait, first of all congrats on this poc, I think it's a very useful example. I'd like to know how much more you are planning to add to this project? And what do you want to add?

If you are looking for ideas, I can suggest looking into;

  • Make it completely stateless, so each service can scale out. (Or if you're not going to abandon sessions, use session by adding Spring Session?)
  • Externalize token store (e.g. Redis)
  • Maybe federated logins? E.g. Facebook logins, I'm not necessarily suggesting Spring Social, this might be a stretch but may be more like a social auth server explained in this article
@xxlabaza
Copy link

xxlabaza commented Nov 7, 2016

Is it possible to make it statless and return JWT to the client? I am currently working on my own "Spring Cloud + OAuth2" microservices POC and I try to create auth service which will produce JWT to the client, without storing it at all.

@kakawait
Copy link
Owner

kakawait commented Nov 7, 2016

To be honest I do not have any roadmap or plan for this project. The only feature I recently listed is about reducing number of redirection (see #9).

I didn't think that project will be so popular when I created it.

Every features you listed are really good. I think stateless and federate login can be a great addition but when I write that comment I have no precise idea to how achieve it, but I think is possible just need some time.

About token externalization on dedicated store looks like more simple from my point of view.

What you can do, is firstly create dedicated issue for each idea. I can't promise that I will resolve every for a given date but I can start working on it and maybe someone else can also contribute on it.

I'm using such variant of this implementation on my own project and for example federate login is something that I already wanted to implement.

@yaytul
Copy link
Author

yaytul commented Nov 7, 2016

Thank you and I think that's good enough. After all that's what open source is about right? :-) I will close this issue and create separate issues for each item on the list as per your suggestion. It'd be easier to get contributors and track progress. (@xxlabaza thanks for the support, please track the new tickets!)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants