Custom authorization generators

You can configure a custom authorization generator using a Java Service Provider Interface (SPI).

This approach is required to build a service provider that implements our SPI (info.magnolia.sso.config.spi.AuthorizationGeneratorProvider) and provides the implementation for Pac4j (org.pac4j.core.authorization.generator.AuthorizationGenerator).
Want a full-fledged tutorial?

Check out the Microsoft Azure Active Directory custom group authentication for a complete walkthrough with custom authorization generators.

Instructions

To configure a custom authorization generator, place the classes and the configuration file in a Magnolia custom module that depends on the SSO module and the Pac4j core artifact org.pac4j:pac4j-core@5.7.0. For example purposes, let’s run through some instructions below.

  1. Package com.example.impl.CustomAuthorizationGeneratorProvider and com.example.impl.CustomAuthorizationGenerator in a JAR file for the class path. The JAR file will contain a provider configuration file named META-INF/services/info.magnolia.sso.config.spi.AuthorizationGeneratorProvider that should contain the following line:

    com.example.impl.CustomAuthorizationGeneratorProvider (1)
    1 Where CustomAuthorizationGeneratorProvider is the name of your service provider that implements our SPI (info.magnolia.sso.config.spi.AuthorizationGeneratorProvider).
  2. Configure the service provider using its simple class name, or fully-qualified class name, for your desired client as part of the <magnolia.resources.dir>/magnolia-sso/.config.yaml file in your SSO module.

    clients:
      oidc.id: 0o...x7
      oidc.secret: aK...th6
      oidc.authorizationGenerators: CustomAuthorizationGeneratorProvider (1)
    
      # Or fully-qualified class name
      # oidc.authorizationGenerators: com.example.impl.CustomAuthorizationGeneratorProvider
    1 Where CustomAuthorizationGeneratorProvider is the name of your service provider defined in META-INF/services/info.magnolia.sso.config.spi.AuthorizationGeneratorProvider.
Feedback

DX Core

×

Location

This widget lets you know where you are on the docs site.

You are currently perusing through the SSO module docs.

Main doc sections

DX Core Headless PaaS Legacy Cloud Incubator modules