Generalized OIDC Authentication for dolphinScheduler

[shreyas957]

Hi all,

I have been working on integrating a more generalized OIDC authentication mechanism for DolphinScheduler. Currently, DolphinScheduler supports Password, LDAP, Casdoor SSO, and OAuth-based authentication, but the existing Casdoor SSO integration is tightly coupled, making it difficult to support other OIDC providers like Keycloak, Dex, and Auth0, Okta, etc.

I am planning to decouple the current authentication system and implement entire new more flexible OIDC-based authentication using Spring Security, which will allow seamless integration with any OIDC provider.

I would love to hear your thoughts on this approach and any suggestions for improvement.
issue link : https://issues.apache.org/jira/browse/GSOC-284

CC: @Gallardot @SbloodyS

[wangyuening0522]

hi，this is my thought of Generalized OIDC Authentication. https://scratched-plantain-66c.notion.site/Dolphin-GSOC-1c99cf65559d80788cf8c1f2939ce4dc
I'd appreciate any suggestions on how to make this better.@Gallardot @SbloodyS