On 2025/03/28 15:45:04 Oliver Lietz wrote: Hi Oliver,
> > Currently, sling-commons-crypto contains both interfaces and > > implementations. I would like to contribute to the sling-auth-oauth-client > > bundle, which depends on sling-commons-crypto, but I prefer to avoid > > including its implementation in our product. Ideally, > > sling-auth-oauth-client would depend on a separate SPI package, which would > > require splitting sling-commons-crypto into an API (SPI) and an > > implementation bundle. Would you agree with this approach? > > What are you trying to achieve? Or what are you trying to prevent? > The bundle is quite lightweight and all the dependencies of the included > implementations are optional. > Starting from the work done in sling-auth-oauth-client I'm trying to implement an OpenID Connect Authentication Handler. My plan is to use a different crypto provider and implement the interfaces exposed by sling-commons-crypto. Having the interfaces and implementation in the same package force me to include sling-commons-crypto bundle in our product ending up with 2 crypto implementations. Regards Nicola
