Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSO becames a mess since 3.2.0 #1374

Closed
tbouliere-datasolution opened this issue Feb 21, 2023 · 1 comment · Fixed by #1421
Closed

SSO becames a mess since 3.2.0 #1374

tbouliere-datasolution opened this issue Feb 21, 2023 · 1 comment · Fixed by #1421
Assignees
@Eisie96
Labels
bug Something isn't working

Comments

@tbouliere-datasolution
Copy link
Contributor

tbouliere-datasolution commented Feb 21, 2023
edited
Loading

Related commit : 4e02efd
Since 3.2.0 intershop use ICM '/token' REST endpoint for authentication and it relies heavily on angular-oauth2-oidc to handle lifecycle of ICM token.
Even for anonymous browsing an oauth token is required.

The problem starts when you try to integrate a third-party SSO system.
Now you have to handle a token from 2 sources, one for the anonymous browsing (ICM) and one for logged browser (external SSO system).

Kind of hack has been code there :

intershop-pwa/src/app/core/identity-provider/auth0.identity-provider.ts

Line 90 in 1f87684

tokenEndpoint: serviceConf?.tokenEndpoint,

But this configuration will be override when openid document is loaded. And that created a lots of side effets

Expected Behavior

Anonymous token should not be driven by SSO mecanism

AB#83902
@tbouliere-datasolution tbouliere-datasolution added the bug Something isn't working label Feb 21, 2023
@tbouliere-datasolution
Copy link
Contributor Author

Also oidc provider is hardcode here

intershop-pwa/src/app/core/services/user/user.service.ts

Line 125 in 1f87684

this.oauthService.fetchTokenUsingGrant(

But the associated configuration is loaded as side effect.

OauthService should be injected in core code.

@shauke shauke changed the title SSO becames a mess since 3.3.0 SSO becames a mess since 3.2.0 Feb 22, 2023
@shauke shauke added this to the 4.0 milestone Feb 23, 2023
@shauke shauke removed this from the 4.0 milestone Mar 31, 2023
@Eisie96 Eisie96 mentioned this issue Apr 21, 2023
Merged
shauke pushed a commit that referenced this issue Jun 16, 2023
@Eisie96 @shauke
feat: improve token endpoint handling
979732e 
* own service, which is responsible for all token handling with the ICM
* rename ICMTokenEndpoint Service to TokenService and moved it files to core/services folder
* create utility class to instantiate custom oauthService instance
* adapt documentation for new authentication behavior

closes: #1374
shauke pushed a commit that referenced this issue Jun 16, 2023
@Eisie96 @shauke
feat: improve token endpoint handling
2aa15ba 
* own service, which is responsible for all token handling with the ICM
* rename ICMTokenEndpoint Service to TokenService and moved it files to core/services folder
* create utility class to instantiate custom oauthService instance
* adapt documentation for new authentication behavior

closes: #1374
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Eisie96 Eisie96

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: token behavior improvements intershop/intershop-pwa
3 participants
@Eisie96 @shauke @tbouliere-datasolution