Oauth & Docker

Spring Boot: Dockerization

  • Oauth
    • https://speakerdeck.com/championswimmer/authentication-done-right-consuming-and-serving-oauth2-dot-0?slide=21
    • Identification -> Identifying the request uniquely(saying I am Venkat)
    • Authentication -> registered identity(Proving with ID card)
    • Authorization -> permission to resources(giving car key to another person)
  • HTTP error
    • 401 -> not authenticated
    • 403 -> authenticated but NOT authorized
  • Authentication via Authorization
    • Services that don't save password. Rather it accepts/saves only phone and sends OTP. Service/app is authorized to read sms/email. Given I am authorized to read sms/email which indirect way of authentication.
  • Single signon
    • First party sso
      • Google sites with google authenticator
    • Third party sso
      • Spotify using google authenticator
  • Oauth 
    • client/apps sends request to github(oauth provider) with client id & request uri
    • oauth provider shows UI to end user to provide login page
    • user authenticates & accepts the authorization confirmation
    • Implicit Flow(bit insecure)-> 2 legged flow
      • Oauth provider redirects with auth_token
      • apps frontend sends the auth_token and gets required resources from Server
    • Explicit Flow -> 3 legged flow
      • Oauth provider redirects with grant_code
      • apps backend exchanges grant_code with auth_token(ip address is whitelisted for server alone for security/safety)
      • app sends the auth_token and gets required resources from Server
  • Virtual machines
    • Physical hardware break into multiple virtual machines  
    • They need dedicated amount of OS, RAM and storage
  • Kernel features that support Containers
    • namespace provides process isolation & resource allocation
    • c group is responsible for storage and memory
  • Docker cli interacts with docker daemon which inturn interacts with containerd
  • containerd is reponsible for name space and c group
  • shim is responsible for interaction logic with containers
  • It detaches container lifecycle with containerd
  • Dockerfile
    • FROM open-jdk:19-alpine
      COPY /target/xyz.jar  /app.jar
      CMD ["java","run","/app.jar"]
  • docker build -t bootdocker:1 . 
  • docker images

Comments

Post a Comment

Popular posts from this blog

Low Level Designs

Introduction to OOP & LLD High level Design HLD Deals with different infrastructure layers that are going to work together for efficient working of a system. Load balancer, appln servers, DB, Cache Low Level Design(Object oriented design) Deals with details/implementation of software/code that is running A research says that an software engineer only spends 12% of time doing coding. Other 88% goes in other productive things like meetings, reviews, testing, automation. LLD helps make better use of 88% of time LLD includes Readable & understandable Requirement gathering Extensible system -> easy to add new features Maintainable system -> Easy to keep current system(w/o new requirements) working. Bugs/updates/3rd party library changes, Programmatic Paradigm Procedural -> C Set of instructions(Function),  Action is performed on Entities(in real world Entities perform action) Any procedure can play around with entity attributes Object Oriented -> Java, Python, JS, c#...
Read more

System Design

Load balancer Does only routing and no computing. Hence, it can handle higher traffic.  To avoid single point of failure, have a standby routing server. Standby comes into picture only when main server goes down. Assign the same static IP to passive Standby server. Modern systems can route 1M requests per sec Managing large datasets Vertical scaling - Increasing capacity of server Functional Scaling -  Split data logically like users, purchasing..  Microservices share data to other apis Implemented at Application layer Horizontal scaling Also called as Sharding Split and store single logical database over multiple servers called data nodes Can be implemented at Application layer or DB layer Consistent Hashing Distribution scheme that doesn’t directly depend on number of servers, so that, the number of keys to be redistributed is minimised. Consistent Hashing ring Say 2 hash functions Hs & Hc Hs - Marks servers on consistent hashing ring Hc is used to mark partition ke...
Read more

CS Fundamentals

 Operating Systems - 1 Resource Manager API for apps developers(It gives set of methods(system calls) that can be made by applications to get work done from the resources   UniProgramming :  Only one program can run at a time - ATM Embedded systems Multi Programming More than one program at a time Multi-tasking systems is same as multi program systems Unix: MacOS, Linux(programs) Windows: Tasks 2 types of multi program categorization non-preemtive supports mutli-programming but only one program runs at a time you cannot switch to another program until the current one completes Preemptive - where a task can be paused/stopped in the middle of execution CPU vs GPU CPU is one intelligent person with speed in GHz GPU is 100 not so intelligent persons with speed 600 MHz Program - set of instructions to run. It is stored on disk Process - Program that is running. It is stored on RAM and run by CPU Process Control Block (PCB) Info about all the process running id resources used(m...
Read more