Skip to content

Azure AuthZ and AuthN changes

Komal Makkar requested to merge authentication_changes into master

Description

  1. Added implementation of IServiceAccountValidation.
  2. Overwritten WebSecurityConfigurerAdapter, added swagger auth, and AAD filters.

Has to go in after MR 10

How to test / repro

  • Integration Test

Changes include

  • Refactor (a non-breaking change that improves code maintainability).
  • Bugfix (a non-breaking change that solves an issue).
  • New feature (a non-breaking change that adds functionality).
  • Breaking change (a change that is not backward-compatible and/or changes current functionality).

Changes in

  • Azure

Checklist

  • Added Unit Tests, wherever applicable.
  • Updated the Readme
  • Existing Tests pass
  • Verified functionality locally
  • Self Reviewed my code for formatting and complex business logic.

Other comments

  • IServiceAccountValidator implementation of GCP verifies the token. The verification is done by AAD filter that is added to SecurityConfig. The Filter verifies the auth Token and checks time for expiry. The audience is checked by AzureServiceAccountValidatorImpl.

@njain5 @nthakur Please verify the completeness of authorization and authentication. @danielscholl @dkodeih FYI

Edited by Komal Makkar

Merge request reports