[
https://issues.apache.org/jira/browse/GSOC-284?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Hengliang Tan updated GSOC-284:
-------------------------------
Description:
h1. Background
Apache DolphinScheduler is a distributed and extensible workflow scheduler
platform designed to orchestrate complex data processing tasks. It provides a
user-friendly interface for defining, scheduling, and monitoring workflows,
making it easier to manage and automate data pipelines. DolphinScheduler
supports various types of tasks, including shell scripts, SQL queries, and
custom scripts, and integrates seamlessly with popular big data ecosystems.
Currently, the Apache DolphinScheduler system supports user login via Password,
LDAP, Casdoor SSO, and OAuth. However, as a data platform, it frequently needs
to integrate with enterprise - internal user accounts to achieve unified
identity authentication, which is crucial for ensuring system security and
unified user account management. The existing implementation of Casdoor has a
high degree of dependence on the Casdoor project, and the OAuth implementation
lacks universality and flexibility.
Our objective is to implement a more generalized OIDC (OpenID Connect) login
authentication mechanism. This will enable users to make better use of unified
login authentication. Moreover, popular open source login authentication
projects like Dexidp, Keycloak, and OAuthProxy all support OIDC. By supporting
OIDC, users can integrate with both internal and third-party login
authentication methods, such as Feishu Login and WeChat Work Login.
h1. Relevant Skills
Strong proficiency in Java development.
Experience in modern frontend technologies and frameworks.
Highlevel expertise in Spring Boot development.
Thorough familiarity with OIDC and OAuth2 protocols.
Keen interest in opensource projects and eagerness to learn and adapt.
h1. Tasks
Initiate and conduct experiments with Apache DolphinScheduler to
comprehensively understand its current functionalities.
Implement and support a more generalized OIDC (OpenID Connect) login
authentication mechanism.
Compose corresponding E2E test cases.
Create corresponding documentation for third-party login integrations, covering
Keycloak, Dexidp, OAuthProxy, as well as Feishu Login and WeChat Work Login.
Optimize the UI of the Apache DolphinScheduler login page.
Ensure compatibility with the existing functionalities of Apache
DolphinScheduler during the process of focusing on enhancements.
h1. Learning Material
Apache DolphinScheduler HomePage:
[https://dolphinscheduler.apache.org|https://dolphinscheduler.apache.org/]
Apache DolphinScheduler GitHub Repository:
[https://github.com/apache/dolphinscheduler]
Sprint OAuth 2.0 Client:
[https://docs.spring.io/spring-security/reference/reactive/oauth2/client/index.html]
pac4j OIDC: https://www.pac4j.org/docs/clients/openid-connect.html
OIDC (OpenID Connect): [https://openid.net/developers/how-connect-works/]
h1. Mentor
Gallardot, Apache DolphinScheduler committer,
[gallar...@apache.org|mailto:gallar...@apache.org]
SbloodyS, Apache DolphinScheduler PMC,
[zihaoxi...@apache.org|mailto:zihaoxi...@apache.org]
Difficulty: Medium
Project Size: ~150 hours (medium)
was:
h1. Background
Apache DolphinScheduler is a distributed and extensible workflow scheduler
platform designed to orchestrate complex data processing tasks. It provides a
user-friendly interface for defining, scheduling, and monitoring workflows,
making it easier to manage and automate data pipelines. DolphinScheduler
supports various types of tasks, including shell scripts, SQL queries, and
custom scripts, and integrates seamlessly with popular big data ecosystems.
Currently, the Apache DolphinScheduler system supports user login via Password,
LDAP, Casdoor SSO, and OAuth. However, as a data platform, it frequently needs
to integrate with enterprise - internal user accounts to achieve unified
identity authentication, which is crucial for ensuring system security and
unified user account management. The existing implementation of Casdoor has a
high degree of dependence on the Casdoor project, and the OAuth implementation
lacks universality and flexibility.
Our objective is to implement a more generalized OIDC (OpenID Connect) login
authentication mechanism. This will enable users to make better use of unified
login authentication. Moreover, popular open source login authentication
projects like Dexidp, Keycloak, and OAuthProxy all support OIDC. By supporting
OIDC, users can integrate with both internal and third-party login
authentication methods, such as Feishu Login and WeChat Work Login.
h1. Relevant Skills
Strong proficiency in Java development.
Experience in modern frontend technologies and frameworks.
Highlevel expertise in Spring Boot development.
Thorough familiarity with OIDC and OAuth2 protocols.
Keen interest in opensource projects and eagerness to learn and adapt.
h1. Tasks
Initiate and conduct experiments with Apache DolphinScheduler to
comprehensively understand its current functionalities.
Implement and support a more generalized OIDC (OpenID Connect) login
authentication mechanism.
Compose corresponding E2E test cases.
Create corresponding documentation for third-party login integrations, covering
Keycloak, Dexidp, OAuthProxy, as well as Feishu Login and WeChat Work Login.
Optimize the UI of the Apache DolphinScheduler login page.
Ensure compatibility with the existing functionalities of Apache
DolphinScheduler during the process of focusing on enhancements.
h1. Learning Material
Apache DolphinScheduler HomePage:
[https://dolphinscheduler.apache.org|https://dolphinscheduler.apache.org/]
Apache DolphinScheduler GitHub Repository:
[https://github.com/apache/dolphinscheduler]
Sprint OAuth 2.0 Client:
[https://docs.spring.io/spring-security/reference/reactive/oauth2/client/index.html]
OIDC (OpenID Connect): [https://openid.net/developers/how-connect-works/]
h1. Mentor
Gallardot, Apache DolphinScheduler committer,
[gallar...@apache.org|mailto:gallar...@apache.org]
SbloodyS, Apache DolphinScheduler PMC,
[zihaoxi...@apache.org|mailto:zihaoxi...@apache.org]
Difficulty: Medium
Project Size: ~150 hours (medium)
> Enhancing Apache DolphinScheduler with Generalized OIDC Authentication
> ----------------------------------------------------------------------
>
> Key: GSOC-284
> URL: https://issues.apache.org/jira/browse/GSOC-284
> Project: Comdev GSOC
> Issue Type: New Feature
> Reporter: Hengliang Tan
> Priority: Major
> Labels: DolphinScheduler, gsoc2025, mentor, part-time
>
> h1. Background
> Apache DolphinScheduler is a distributed and extensible workflow scheduler
> platform designed to orchestrate complex data processing tasks. It provides a
> user-friendly interface for defining, scheduling, and monitoring workflows,
> making it easier to manage and automate data pipelines. DolphinScheduler
> supports various types of tasks, including shell scripts, SQL queries, and
> custom scripts, and integrates seamlessly with popular big data ecosystems.
> Currently, the Apache DolphinScheduler system supports user login via
> Password, LDAP, Casdoor SSO, and OAuth. However, as a data platform, it
> frequently needs to integrate with enterprise - internal user accounts to
> achieve unified identity authentication, which is crucial for ensuring system
> security and unified user account management. The existing implementation of
> Casdoor has a high degree of dependence on the Casdoor project, and the OAuth
> implementation lacks universality and flexibility.
> Our objective is to implement a more generalized OIDC (OpenID Connect) login
> authentication mechanism. This will enable users to make better use of
> unified login authentication. Moreover, popular open source login
> authentication projects like Dexidp, Keycloak, and OAuthProxy all support
> OIDC. By supporting OIDC, users can integrate with both internal and
> third-party login authentication methods, such as Feishu Login and WeChat
> Work Login.
> h1. Relevant Skills
> Strong proficiency in Java development.
> Experience in modern frontend technologies and frameworks.
> Highlevel expertise in Spring Boot development.
> Thorough familiarity with OIDC and OAuth2 protocols.
> Keen interest in opensource projects and eagerness to learn and adapt.
> h1. Tasks
> Initiate and conduct experiments with Apache DolphinScheduler to
> comprehensively understand its current functionalities.
> Implement and support a more generalized OIDC (OpenID Connect) login
> authentication mechanism.
> Compose corresponding E2E test cases.
> Create corresponding documentation for third-party login integrations,
> covering Keycloak, Dexidp, OAuthProxy, as well as Feishu Login and WeChat
> Work Login.
> Optimize the UI of the Apache DolphinScheduler login page.
> Ensure compatibility with the existing functionalities of Apache
> DolphinScheduler during the process of focusing on enhancements.
> h1. Learning Material
>
> Apache DolphinScheduler HomePage:
> [https://dolphinscheduler.apache.org|https://dolphinscheduler.apache.org/]
> Apache DolphinScheduler GitHub Repository:
> [https://github.com/apache/dolphinscheduler]
> Sprint OAuth 2.0 Client:
> [https://docs.spring.io/spring-security/reference/reactive/oauth2/client/index.html]
> pac4j OIDC: https://www.pac4j.org/docs/clients/openid-connect.html
> OIDC (OpenID Connect): [https://openid.net/developers/how-connect-works/]
> h1. Mentor
> Gallardot, Apache DolphinScheduler committer,
> [gallar...@apache.org|mailto:gallar...@apache.org]
> SbloodyS, Apache DolphinScheduler PMC,
> [zihaoxi...@apache.org|mailto:zihaoxi...@apache.org]
> Difficulty: Medium
> Project Size: ~150 hours (medium)
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: gsoc-unsubscr...@community.apache.org
For additional commands, e-mail: gsoc-h...@community.apache.org
