
OAuth 2.0 / OpenID Connect Authentication - customer identity management


Hello!

 

I'm deploying Magento for the first time. Version CE 2.3.7 from package. Added a bunch of plugins, most of which have been OK. Just doing final integration testing now.

 

We use Gluu for Customer Identity Management.

 

Integrating Gluu with Magento has been a drama. The Gluu code provided is all for Magento 1. We have it working now with help from a Magento Marketplace plugin. But this doesn't really seem the sort of job a plugin is designed for (compared to other plugins I've installed).

 

I can't help thinking this feature would be better embedded in the core code.

 

Any chance customer identity outsourcing via OAuth 2 / OpenID Connect is a feature planned for a future release?  Either with or without SCIM support for replicating/editing customer profile data.

 

I've written my own integrations for our in-house applications, so I have:

1) test environments

2) a good knowledge of the transactions/protocols involved

3) lots of customer data

4) experience with working with open source development

 

What I don't have is:

1) PHP experience (I have some)

2) experience with Magento 2 source code

 

If someone is working on OAuth / OpenID authentication for customer identity management in Magento 2 - please reach out. 

 

If you know that adding this to the core Magento2 code is a bad idea, please let me know why.

 

If you think adding this to the core Magento2 code is a good idea, please encourage me.

 

If there is a good place to start (adding this to the core code).

 

If I wanted to work on this, should I fork the 2.4-develop or 2.5-develop branch as the starting point? (I know the contributions guide says 2.4, but I'm wondering why there is a 2.5, and since this is probably not a minor change, or quick change, if targeting 2.5 is more sensible).  I can't find any mention of a planned release timeline for 2.5...

 

TIA!

1 Comment
anonymouse0575
Contributor

It's clear that integrating Gluu with Magento 2, especially using a third-party plugin, is a complex and less-than-ideal solution. The desire for a more integrated, core-level approach is understandable.

Assessing the Feasibility of Core Integration

While integrating OAuth 2.0/OpenID Connect authentication into Magento 2's core is a significant undertaking, it's not impossible. However, it would require substantial development effort and careful consideration of various factors:

Pros:

  • Enhanced Security: A core-level integration could offer stronger security guarantees and potential performance improvements.
  • Improved User Experience: A seamless, native integration could provide a better user experience.
  • Future-Proofing: A core feature would be more likely to receive ongoing support and updates.

Cons:

  • Development Complexity: Implementing such a feature involves a deep understanding of Magento's architecture, security protocols, and potential compatibility issues.
  • Maintenance Overhead: A core feature would require ongoing maintenance and support, which could be resource-intensive.
  • Community Adoption: The community's acceptance and willingness to contribute to such a feature would be crucial.

Practical Steps and Recommendations

  1. Community Engagement:

    • Magento Forums and Stack Overflow: Seek advice and insights from the Magento community.
    • Magento GitHub: Explore existing issues and pull requests related to authentication and identify potential collaborators.
  2. Third-Party Extensions:

    • Evaluate Alternatives: Consider other third-party extensions that might offer more robust and feature-rich OAuth 2.0/OpenID Connect integrations.
    • Customization: If necessary, explore customizing an existing extension to better fit your specific needs.
  3. Custom Development:

    • Forking Magento 2: Forking the 2.4-develop branch is a good starting point, as it's the most active development branch.
    • Modular Approach: Consider breaking down the integration into smaller, modular components to make development and testing easier.
    • Unit and Integration Testing: Write comprehensive tests to ensure the correctness and stability of your implementation.
    • Community Contribution: If your custom development is robust and well-tested, consider contributing it back to the Magento community.

Conclusion

While a core-level integration of OAuth 2.0/OpenID Connect authentication is an ambitious goal, it's not entirely out of reach. By carefully considering the pros and cons, leveraging community resources, and taking a modular approach, you can significantly improve the security and flexibility of your apnetv Magento 2 store.