Implement onboarding authentication resolver and related classes #9
Merged
jeyongsong merged 4 commits into main from Feb 7, 2026
…and error handling
…nd update related components
Test Results: 8 tests, 8 ✅, 0s ⏱️. Results for commit 3f8a8af.
This pull request refactors the authentication and onboarding flow, introducing a clearer separation between general authenticated requests and onboarding-specific authentication. It removes the old JWT authentication filter and argument resolver, replacing them with two new argument resolvers: one for onboarding endpoints and one for fully onboarded members. The onboarding process is now enforced at the argument resolver level, and related annotations and configuration are updated accordingly.
Authentication and Onboarding Refactor:
- JwtAuthenticationFilter and AuthenticatedMemberResolver, along with the now-unused AuthConstants object. This eliminates the previous approach of setting member IDs as request attributes and handling JWT validation in a filter. [1] [2] [3]
- OnboardingAuth annotation and OnboardingAuthMemberResolver, which validates JWT tokens and allows access to onboarding endpoints for any authenticated user, regardless of onboarding completion. [1] [2]
- AuthMemberResolver, which validates JWT tokens and enforces onboarding completion by checking profile, payroll, work policy, and required terms agreements before allowing access to endpoints requiring full authentication. Throws a specific exception if onboarding is incomplete.
- WebConfig to register both new argument resolvers, ensuring the correct resolver is used based on the annotation present in controller methods.

Controller and Annotation Usage:
- OnboardingController to use the new @OnboardingAuth annotation instead of @Auth, ensuring onboarding endpoints are accessible to users who have not yet completed onboarding. [1] [2] [3]

Exception and Error Handling:
- FORBIDDEN error code with a more specific ONBOARDING_INCOMPLETE error code for cases where onboarding is not finished, and updated ForbiddenException to require an explicit error code. [1] [2]

Swagger/OpenAPI Configuration:
- SwaggerConfig to ignore the new OnboardingAuth annotation in API documentation, similar to the existing handling for Auth. [1] [2]

Other:
- AuthenticatedMemberInfo data class to its own file for clarity and reuse. [1] [2]

These changes provide a more robust and maintainable authentication system, clearly distinguishing between onboarding and fully authenticated flows.
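The two-resolver pattern described above, as an added Kotlin example that is not code from this pull request. TokenVerifier, OnboardingStatus, the exception classes and the annotation definitions are hypothetical stand-ins, since the page does not show the project's own.

```kotlin
import org.springframework.core.MethodParameter
import org.springframework.web.bind.support.WebDataBinderFactory
import org.springframework.web.context.request.NativeWebRequest
import org.springframework.web.method.support.HandlerMethodArgumentResolver
import org.springframework.web.method.support.ModelAndViewContainer

// Hypothetical stand-ins: the PR's real annotations, types and services are not shown on the page.
@Target(AnnotationTarget.VALUE_PARAMETER) annotation class Auth
@Target(AnnotationTarget.VALUE_PARAMETER) annotation class OnboardingAuth
data class AuthenticatedMemberInfo(val memberId: Long)
class UnauthorizedException(message: String) : RuntimeException(message)
class ForbiddenException(val errorCode: String) : RuntimeException(errorCode)
fun interface TokenVerifier { fun verify(token: String): Long? }   // member id, or null if invalid
fun interface OnboardingStatus { fun isComplete(memberId: Long): Boolean }

// Shared step: read the bearer token and validate it; fail closed when it is missing or invalid.
private fun authenticate(request: NativeWebRequest, verifier: TokenVerifier): AuthenticatedMemberInfo {
    val header = request.getHeader("Authorization") ?: throw UnauthorizedException("missing token")
    if (!header.startsWith("Bearer ")) throw UnauthorizedException("unsupported scheme")
    val memberId = verifier.verify(header.removePrefix("Bearer ").trim())
        ?: throw UnauthorizedException("invalid token")
    return AuthenticatedMemberInfo(memberId)
}

// Onboarding endpoints: any valid token is accepted, onboarding state is not checked.
class OnboardingAuthMemberResolver(private val verifier: TokenVerifier) : HandlerMethodArgumentResolver {
    override fun supportsParameter(parameter: MethodParameter): Boolean =
        parameter.hasParameterAnnotation(OnboardingAuth::class.java)

    override fun resolveArgument(parameter: MethodParameter, mavContainer: ModelAndViewContainer?,
                                 webRequest: NativeWebRequest, binderFactory: WebDataBinderFactory?): Any =
        authenticate(webRequest, verifier)
}

// Fully authenticated endpoints: valid token AND completed onboarding.
class AuthMemberResolver(
    private val verifier: TokenVerifier,
    private val onboarding: OnboardingStatus,
) : HandlerMethodArgumentResolver {
    override fun supportsParameter(parameter: MethodParameter): Boolean =
        parameter.hasParameterAnnotation(Auth::class.java)

    override fun resolveArgument(parameter: MethodParameter, mavContainer: ModelAndViewContainer?,
                                 webRequest: NativeWebRequest, binderFactory: WebDataBinderFactory?): Any {
        val member = authenticate(webRequest, verifier)
        if (!onboarding.isComplete(member.memberId)) throw ForbiddenException("ONBOARDING_INCOMPLETE")
        return member
    }
}
```

Spring invokes a resolver only for parameters it supports, so with this pattern a handler method that declares neither annotated parameter runs without any token check. Both resolvers take effect once they are registered through `WebMvcConfigurer.addArgumentResolvers`.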