Migration of the MTS partnership platform from the outdated corporate SDK and corporate SSO agent to standard OAuth2/OIDC, together with a refactoring of the entire internal security architecture.
Challenges
- 7 authentication scenarios, differing in the type of principal, flow, resource, session management method, etc.;
- 2 IdPs (OAuth2/OIDC) + various legacy mechanisms (forms, LDAP, HTTP Basic, etc.) operating simultaneously;
- 2 web resources of our own and 10 related ones for different audiences using platform functions;
- 2 technological reversals and 4 years of work.
The talk delved into architecture, OAuth2, microservices, OWASP recommendations, Spring and Spring Cloud Gateway.