malliaridis commented on code in PR #2605: URL: https://github.com/apache/solr/pull/2605#discussion_r1708222059
########## solr/compose-ui/src/commonMain/kotlin/org/apache/solr/composeui/utils/HttpClientUtils.kt: ########## @@ -0,0 +1,43 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.solr.composeui.utils + +import io.ktor.client.HttpClient +import io.ktor.client.plugins.contentnegotiation.ContentNegotiation +import io.ktor.client.plugins.defaultRequest +import io.ktor.serialization.kotlinx.json.json +import kotlinx.serialization.json.Json + +/** + * Function that returns a simple HTTP client that is preconfigured with a base + * URL. + */ +fun getDefaultClient() = HttpClient { Review Comment: > How does authentciation work? I would probably implement authentication as another UI component that acts as a decorator for all the underlying components. It would be loaded directly under the root component in the UI layers (so to speak) and check if there are credentials (or any other authentication information) present, or if an authentication is necessary. In case auth data is present, it is used and the auth component proceeds in the "authenticated route". If there is no data present, it proceeds with the "unauthenticated route", that shows the user the login screen. Additionally, all components with a state have an [`AppComponentContext`](solr/compose-ui/src/commonMain/kotlin/org/apache/solr/composeui/utils/AppComponentContext.kt) that can be extended with `authorization` data and user identity. That data can be used to update the component's state accordingly and hide for example UI elements if the user is not authorized to use. So Authentication and Authorization becomes a responsibility of "just another component" and may be part of the components' context. The `getDefaultClient()` function is only used for convenience here. The component responsible for auth would probably provide the logic for creating an authenticated / authorized client and pass it down to all the other components that need an `HttpClient`. This way, the component can also react on auth expiration, token refresh etc, if not handled by the `HttpClient` itself, and switch the routes on demand. And last but not least, the Auth component(s) and related store(s) may be platform-specific or platform-aware, since depending on the platform, different secure stores may be used for storing credentials / auth data, as well as different auth mechanisms may be supported depending on the platform the application is running (like Kerberos auth). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
