laminelam commented on PR #1791: URL: https://github.com/apache/solr/pull/1791#issuecomment-1684023770
> Read through with some comments. > > A pity we don't have unit tests for frontend, cause there are some of this which is hard to test, especially error cases. > > I have not spun this up yet. May have a chance to test it with a KeyCloak protected cluster next week, where we currently use Solr with imiplicit flow. > > **Using a standard js lib?** I see you implemented PKCE flow with custom JS, which was not as bad/large as I feared it would be. Still, I have a feeling we should delegate all of this to some standard JS lib at some point, which would buy us token background refresh capabilities as well as a more tested and tried impl. [When I had a look at this a few years ago](https://issues.apache.org/jira/browse/SOLR-15434?focusedCommentId=17419625&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-17419625) I found some OpenID js libs, but most of them tendend to be coupled with React or abandoned. I jumped back and found that [oidc-client-ts](https://authts.github.io/oidc-client-ts/) seems to be well maintained. Couldn't find an easy way to integrate third party libraries without some heavy changes in the front-end code. Given we don't have unit tests and the non maintainability of AngularJS, I thought it'd better, cleaner an easier to maintain/debug if we code it ourselves, especially this is straightforward logic (catch the returned code from the redirection and use it to make a second call to get the tokens.) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For additional commands, e-mail: issues-h...@solr.apache.org