brunobritodev/JPProject.IdentityServer4.AdminUI

Discuss - Separation of concerns

brunobritodev opened this issue · 2 comments

We are at a crossroad:

Stay simple, keep going

For the future, add these features to admin panel:

  • manager federation Gateway
  • New user e-mail template
  • Reset password e-mail template
  • Change e-mail configuration

Doing it in actual state the project will be highly coupled, and won't be just a Admin UI for IS4, but a SSO instead.

image

Modular

The new scenario will split Admin UI from SSO, creating two or more separated github projects.

The Admin UI will finally receive it's independency from this SSO. The new version will have capabilities to run for an existing IdentityServer4 database.

The new github project will be a SSO with features like:

  • Add Federation Gateway from an admin panel.
  • Configure custom e-mail settings.
  • Change blob settings to store user pictures.

The default version configuration:

  • ASP.NET Identity & SQL User Database
  • IdentityServer4 & SQL Database
  • Stored Event & SQL Database

As you can see, everything could change. ASP.NET Identity with a MongoDB, Stored Events in Kafka and IdentityServer4 with a Postgre.

The cost? A more complex scenario to configure.
The good? The default version will have a docker-compose with nginx and instructions for Load Balance and Docker Swarm

image

Your opinion matter:
Be a single SSO, keep the project small, simple, highly coupled ?

Separated projects to meet more and complex scenarios.

Coupling will slowly kill the project; rendering it hard to maintain and much more likely to suffer from bugs. Been seriously considering breaking it down. I am for

Separated projects to meet more and complex scenarios.

@tashaa78 thanks for your opinion!

Now there are 3 repo's.

  1. Core classes
  2. SSO
  3. Admin Panel

Admin panel

Admin panel is generic, it support both SSO and an existent IdentityServer4 server.

In it's repository has the panel (Angular 8) and an "Light" Api (ASP.NET Core 3) that can connect in identityserver4 database e provide basic features (Client, Identity Resource, Api Resource and Persisted Keys)

When are using JP SSO the panel is more complete, it provide not only OAuth2 admin but also for ASP.NET Identity.

SSO

SSO is the same of old repo, with some improvements.

  • Better Event Sourcing (Capturing and storing all Is4 events)
  • Argon2 password hashing
  • base configuration for nginx, including cache improvements
  • Docker compose with nginx