Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve loopback4 authorization docs of using the component #5441

Closed
4 tasks
kanusoni opened this issue May 15, 2020 · 5 comments
Closed
4 tasks

Improve loopback4 authorization docs of using the component #5441

kanusoni opened this issue May 15, 2020 · 5 comments
Assignees
@jannyHou
Labels
Authorization Docs
Milestone
Aug 2020

Comments

@kanusoni
Copy link

kanusoni commented May 15, 2020
edited by agnes512
Loading

Hello ,
can you please provide separate demo tutorial for integration of authorization component with loopback4 API.
Whatever written in loopback.io tutorial is bit confusing.....needs more clarification on this.
Thanks.

Acceptance Criteria

Out of scope

  • create an authorization example if needed
@loopbackio loopbackio deleted a comment from kanusoni May 15, 2020
@dhmlau dhmlau added 2020Q3 and removed question labels May 17, 2020
@jannyHou
Copy link
Contributor

jannyHou commented May 19, 2020
edited
Loading

@kanusoni We have a tutorial for the access control example in https://loopback.io/doc/en/lb4/migration-auth-access-control-example.html
It's a tutorial from the migration angle, not exactly the one you want, but it does provide the steps of adding the authorization stuff from scratch.

We will probably create a standalone authorization example for demo.

@dhmlau
Copy link
Member

dhmlau commented May 25, 2020

@jannyHou, is it a duplicate of #5294?

@jannyHou jannyHou mentioned this issue May 28, 2020
Closed
7 tasks
@HrithikMittal HrithikMittal mentioned this issue May 28, 2020
Closed
2 tasks
@jannyHou
Copy link
Contributor

@dhmlau Let's track authentication and authorization separately, #5294 is for authentication.

@jannyHou
Copy link
Contributor

Thank you @kanusoni , based on the discussion, here is a proposal for adding a new example for authorization and re-structuring the doc:

  • Create an authorization overview page (current overview + design section + chain of responsibilities)
  • Create a simpler RBAC authorization example
    - scenario: Users are associated with different roles, each role has different access to endpoints, use oauth0 to resolve the role mapping
    - use todo example
    - mount the authorization component
    - specify access control rules for endpoints like @authorize({allowedRoles: [‘admin’]})
    - create a global authorizer to determine the access, use oauth0 service as enforcer
    - create a local voter to define a calculation rule for an endpoint
    - docs of steps
  • Create a page for components (The rest of current docs)

@jannyHou jannyHou mentioned this issue Jul 23, 2020
Closed
7 tasks
@agnes512 agnes512 changed the title Integrating loopback4 with authorization component Improve loopback4 authorization docs of using the component Jul 27, 2020
@agnes512 agnes512 removed the Examples label Jul 27, 2020
@jannyHou jannyHou mentioned this issue Jul 29, 2020
Closed
27 tasks
@dhmlau dhmlau added this to the Sept 2020 milestone Aug 10, 2020
@jannyHou jannyHou mentioned this issue Aug 25, 2020
Merged
8 tasks
@jannyHou jannyHou self-assigned this Aug 26, 2020
@jannyHou
Copy link
Contributor

Done in #6195. Thanks for all suggestions!

@dhmlau dhmlau modified the milestones: Sept 2020, Aug 2020 Aug 31, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jannyHou jannyHou

Labels
Authorization Docs
Projects
None yet
Milestone
Aug 2020
Development

No branches or pull requests
5 participants
@dougal83 @jannyHou @dhmlau @agnes512 @kanusoni