Author Archives: Mr. Lancer 987

Sprint 2 Retrospective

In this post, I’ll be reflecting on our second sprint towards developing and implementing an Identity and Access Management system for Thea’s Pantry. Coming out of Sprint 1, we had a better idea of Keycloak in general, and we had some basic frameworks for a fake frontend and fake backend. Our sprint goal for Sprint 2 was to fully integrate these components, so that we could provide a proof of concept for the entire workflow, as opposed to just one component. We wanted to be able to force authentication on a frontend page via a Keycloak login page, and then we wanted to be able to store the resultant access token from that interaction so that we can perform authenticated actions without ever talking to Keycloak again.

Some of my personal work towards that goal was as follows:

GitLab

  • Documenting our low-level issues in GitLab and assigning them accordingly. I put additional focus/effort this sprint into properly linking related issues, blockers, and tracking various key information in comments, as opposed to just using issues as a task list. Epic

Backend

  • Refactor the backend endpoint to verify the signature of a JWT to ensure authenticity. Note – this was a great learning experience in better understanding how async and await work in JS. This issue took me way too long to resolve. Squash Commit

  • Further briefly modify the endpoint to pull specific custom data out of the generated JWT from Keycloak. Commit

Frontend

  • Configure Docker compose files and Git submodules to containerize all three repositories into the fake frontend to test the whole flow. Commit

  • Completely facelift/refactor/rework/reimplement the fake frontend to use Vue as a build framework to test our implementation in the same context as it will be used in production. Configure dependency and instantiation of Keycloak in the JS to handle redirect and access token storage and usage. Commits: 1 , 2

Something that worked particularly well this sprint was our focus on increased communication. We refactored our working agreement to address some of our shortcomings in communication and accountability, and I felt like this sprint was better for us around the board. We had a bit more direction this sprint, and we accomplished our goal exactly as we laid it out, barring 2 lines of code that we have to add that are just blocked right now.

That said, – at risk of contradicting myself – I feel like something that did not work as well, and that we can continue to improve, is also our communication. Though it was better this sprint, it still definitely felt at times like we were not a team, and instead like we each had our tasks that we would connect on once or twice a week in class meetings. Maybe this is fine, and to be honest it worked okay for the most part, but I feel like in an ideal world for me, I would have us all being very proactive and communicative about our issues, though I don’t know if this is a fair thing to aim for our team to improve, or if maybe I should reevaluate my expectations.

Something I could improve is my focus on defining roles and responsibilities for the general team dynamic, not just for issues. I felt like I focused on accountability for issues on GitLab, for example, but I also feel like I informally assumed the role of Scrum Master / Sprint Lead for this sprint, though we never really defined or said that. It seemed to work fine for us, but it is something I think I could have specified better, instead of just sort of assuming a leadership role.

The pattern I have chosen for this sprint is The Deep End. This is because one of the issues I spent the most time on during this sprint was implementing JWT signature verification. This should not have been a difficult issue, but I really have never worked with functions in js specifically, and for some reason I was caught in a loop of bad syntax and usage of things like const, async, and await. I had no idea what I was doing, and was so lost as to why my code was not working. It took a lot of reading and being lost for a while before finally realizing my error was not the libraries I was using, but just a lack of understanding regarding js. 

From the blog Mr. Lancer 987's Blog by Mr. Lancer 987 and used with permission of the author. All other rights reserved by the author.

Sprint 2 Retrospective

In this post, I’ll be reflecting on our second sprint towards developing and implementing an Identity and Access Management system for Thea’s Pantry. Coming out of Sprint 1, we had a better idea of Keycloak in general, and we had some basic frameworks for a fake frontend and fake backend. Our sprint goal for Sprint 2 was to fully integrate these components, so that we could provide a proof of concept for the entire workflow, as opposed to just one component. We wanted to be able to force authentication on a frontend page via a Keycloak login page, and then we wanted to be able to store the resultant access token from that interaction so that we can perform authenticated actions without ever talking to Keycloak again.

Some of my personal work towards that goal was as follows:

GitLab

  • Documenting our low-level issues in GitLab and assigning them accordingly. I put additional focus/effort this sprint into properly linking related issues, blockers, and tracking various key information in comments, as opposed to just using issues as a task list. Epic

Backend

  • Refactor the backend endpoint to verify the signature of a JWT to ensure authenticity. Note – this was a great learning experience in better understanding how async and await work in JS. This issue took me way too long to resolve. Squash Commit

  • Further briefly modify the endpoint to pull specific custom data out of the generated JWT from Keycloak. Commit

Frontend

  • Configure Docker compose files and Git submodules to containerize all three repositories into the fake frontend to test the whole flow. Commit

  • Completely facelift/refactor/rework/reimplement the fake frontend to use Vue as a build framework to test our implementation in the same context as it will be used in production. Configure dependency and instantiation of Keycloak in the JS to handle redirect and access token storage and usage. Commits: 1 , 2

Something that worked particularly well this sprint was our focus on increased communication. We refactored our working agreement to address some of our shortcomings in communication and accountability, and I felt like this sprint was better for us around the board. We had a bit more direction this sprint, and we accomplished our goal exactly as we laid it out, barring 2 lines of code that we have to add that are just blocked right now.

That said, – at risk of contradicting myself – I feel like something that did not work as well, and that we can continue to improve, is also our communication. Though it was better this sprint, it still definitely felt at times like we were not a team, and instead like we each had our tasks that we would connect on once or twice a week in class meetings. Maybe this is fine, and to be honest it worked okay for the most part, but I feel like in an ideal world for me, I would have us all being very proactive and communicative about our issues, though I don’t know if this is a fair thing to aim for our team to improve, or if maybe I should reevaluate my expectations.

Something I could improve is my focus on defining roles and responsibilities for the general team dynamic, not just for issues. I felt like I focused on accountability for issues on GitLab, for example, but I also feel like I informally assumed the role of Scrum Master / Sprint Lead for this sprint, though we never really defined or said that. It seemed to work fine for us, but it is something I think I could have specified better, instead of just sort of assuming a leadership role.

The pattern I have chosen for this sprint is The Deep End. This is because one of the issues I spent the most time on during this sprint was implementing JWT signature verification. This should not have been a difficult issue, but I really have never worked with functions in js specifically, and for some reason I was caught in a loop of bad syntax and usage of things like const, async, and await. I had no idea what I was doing, and was so lost as to why my code was not working. It took a lot of reading and being lost for a while before finally realizing my error was not the libraries I was using, but just a lack of understanding regarding js. 

From the blog Mr. Lancer 987's Blog by Mr. Lancer 987 and used with permission of the author. All other rights reserved by the author.

Sprint 2 Retrospective

In this post, I’ll be reflecting on our second sprint towards developing and implementing an Identity and Access Management system for Thea’s Pantry. Coming out of Sprint 1, we had a better idea of Keycloak in general, and we had some basic frameworks for a fake frontend and fake backend. Our sprint goal for Sprint 2 was to fully integrate these components, so that we could provide a proof of concept for the entire workflow, as opposed to just one component. We wanted to be able to force authentication on a frontend page via a Keycloak login page, and then we wanted to be able to store the resultant access token from that interaction so that we can perform authenticated actions without ever talking to Keycloak again.

Some of my personal work towards that goal was as follows:

GitLab

  • Documenting our low-level issues in GitLab and assigning them accordingly. I put additional focus/effort this sprint into properly linking related issues, blockers, and tracking various key information in comments, as opposed to just using issues as a task list. Epic

Backend

  • Refactor the backend endpoint to verify the signature of a JWT to ensure authenticity. Note – this was a great learning experience in better understanding how async and await work in JS. This issue took me way too long to resolve. Squash Commit

  • Further briefly modify the endpoint to pull specific custom data out of the generated JWT from Keycloak. Commit

Frontend

  • Configure Docker compose files and Git submodules to containerize all three repositories into the fake frontend to test the whole flow. Commit

  • Completely facelift/refactor/rework/reimplement the fake frontend to use Vue as a build framework to test our implementation in the same context as it will be used in production. Configure dependency and instantiation of Keycloak in the JS to handle redirect and access token storage and usage. Commits: 1 , 2

Something that worked particularly well this sprint was our focus on increased communication. We refactored our working agreement to address some of our shortcomings in communication and accountability, and I felt like this sprint was better for us around the board. We had a bit more direction this sprint, and we accomplished our goal exactly as we laid it out, barring 2 lines of code that we have to add that are just blocked right now.

That said, – at risk of contradicting myself – I feel like something that did not work as well, and that we can continue to improve, is also our communication. Though it was better this sprint, it still definitely felt at times like we were not a team, and instead like we each had our tasks that we would connect on once or twice a week in class meetings. Maybe this is fine, and to be honest it worked okay for the most part, but I feel like in an ideal world for me, I would have us all being very proactive and communicative about our issues, though I don’t know if this is a fair thing to aim for our team to improve, or if maybe I should reevaluate my expectations.

Something I could improve is my focus on defining roles and responsibilities for the general team dynamic, not just for issues. I felt like I focused on accountability for issues on GitLab, for example, but I also feel like I informally assumed the role of Scrum Master / Sprint Lead for this sprint, though we never really defined or said that. It seemed to work fine for us, but it is something I think I could have specified better, instead of just sort of assuming a leadership role.

The pattern I have chosen for this sprint is The Deep End. This is because one of the issues I spent the most time on during this sprint was implementing JWT signature verification. This should not have been a difficult issue, but I really have never worked with functions in js specifically, and for some reason I was caught in a loop of bad syntax and usage of things like const, async, and await. I had no idea what I was doing, and was so lost as to why my code was not working. It took a lot of reading and being lost for a while before finally realizing my error was not the libraries I was using, but just a lack of understanding regarding js. 

From the blog Mr. Lancer 987's Blog by Mr. Lancer 987 and used with permission of the author. All other rights reserved by the author.

Sprint 2 Retrospective

In this post, I’ll be reflecting on our second sprint towards developing and implementing an Identity and Access Management system for Thea’s Pantry. Coming out of Sprint 1, we had a better idea of Keycloak in general, and we had some basic frameworks for a fake frontend and fake backend. Our sprint goal for Sprint 2 was to fully integrate these components, so that we could provide a proof of concept for the entire workflow, as opposed to just one component. We wanted to be able to force authentication on a frontend page via a Keycloak login page, and then we wanted to be able to store the resultant access token from that interaction so that we can perform authenticated actions without ever talking to Keycloak again.

Some of my personal work towards that goal was as follows:

GitLab

  • Documenting our low-level issues in GitLab and assigning them accordingly. I put additional focus/effort this sprint into properly linking related issues, blockers, and tracking various key information in comments, as opposed to just using issues as a task list. Epic

Backend

  • Refactor the backend endpoint to verify the signature of a JWT to ensure authenticity. Note – this was a great learning experience in better understanding how async and await work in JS. This issue took me way too long to resolve. Squash Commit

  • Further briefly modify the endpoint to pull specific custom data out of the generated JWT from Keycloak. Commit

Frontend

  • Configure Docker compose files and Git submodules to containerize all three repositories into the fake frontend to test the whole flow. Commit

  • Completely facelift/refactor/rework/reimplement the fake frontend to use Vue as a build framework to test our implementation in the same context as it will be used in production. Configure dependency and instantiation of Keycloak in the JS to handle redirect and access token storage and usage. Commits: 1 , 2

Something that worked particularly well this sprint was our focus on increased communication. We refactored our working agreement to address some of our shortcomings in communication and accountability, and I felt like this sprint was better for us around the board. We had a bit more direction this sprint, and we accomplished our goal exactly as we laid it out, barring 2 lines of code that we have to add that are just blocked right now.

That said, – at risk of contradicting myself – I feel like something that did not work as well, and that we can continue to improve, is also our communication. Though it was better this sprint, it still definitely felt at times like we were not a team, and instead like we each had our tasks that we would connect on once or twice a week in class meetings. Maybe this is fine, and to be honest it worked okay for the most part, but I feel like in an ideal world for me, I would have us all being very proactive and communicative about our issues, though I don’t know if this is a fair thing to aim for our team to improve, or if maybe I should reevaluate my expectations.

Something I could improve is my focus on defining roles and responsibilities for the general team dynamic, not just for issues. I felt like I focused on accountability for issues on GitLab, for example, but I also feel like I informally assumed the role of Scrum Master / Sprint Lead for this sprint, though we never really defined or said that. It seemed to work fine for us, but it is something I think I could have specified better, instead of just sort of assuming a leadership role.

The pattern I have chosen for this sprint is The Deep End. This is because one of the issues I spent the most time on during this sprint was implementing JWT signature verification. This should not have been a difficult issue, but I really have never worked with functions in js specifically, and for some reason I was caught in a loop of bad syntax and usage of things like const, async, and await. I had no idea what I was doing, and was so lost as to why my code was not working. It took a lot of reading and being lost for a while before finally realizing my error was not the libraries I was using, but just a lack of understanding regarding js. 

From the blog Mr. Lancer 987's Blog by Mr. Lancer 987 and used with permission of the author. All other rights reserved by the author.

Sprint 1 Retrospective

In this post, I’ll be reflecting on my group’s first sprint towards developing an Identity Access Management System for Thea’s Pantry. Our focus in Sprint 1 was really to get a base understanding of Keycloak and to implement a basic framework that would allow us to integrate Keycloak with the pre-existing systems.

Some of my personal work towards that goal was as follows:

GitLab

  • Documenting our low-level issues in GitLab and assigning them accordingly. Epic

Backend

Frontend

  • Containerize the fake frontend in a way that allows it to interact with the backend for testing purposes. Containerization

  • Create a dummy frontend with buttons that send mock JWTs to the new backend endpoint for testing purposes. This frontend sends encoded JWTs that contain user roles, receives the encoded role from the backend, and redirects to one of three corresponding landing pages accordingly. Commits: 1 , 2

We got off to a relatively slow start, but this was to be expected in learning a fully new technology. None of us had prior experience with Keycloak, so brainstorming and researching how we might want to implement an authentication / IAM flow was not easy. After some initial barriers, something that worked incredibly well for us was taking the extra time to really break down the work into very small issues or tasks for an individual to do. It was a lot easier to “add an endpoint to the openapi.yaml file” and “create openapi schemas for authentication tokens” than to “create a fake backend that can handle token validation”. Breaking things down as a group really helped us isolate specific tasks with clear deliverables.

Something that didn’t work quite as well for us was our current working agreement. I feel strongly that our working agreement must either be modified heavily or adhered to with more focus. We could take some time to more clearly outline the expectations of each member of the group, which in turn will give us something to reference when we have feedback for each other. We can also improve our communication as a team; our Discord is relatively inactive, and it would benefit us greatly if we each contributed more to the Discord.

Something I could personally improve is my followership. Though we are obviously a team and all working together, a deliberate part of the exercise is to designate a Scrum Master for the sprint and to loosely follow the Scrum framework. I was not the Scrum Master for Sprint 1, and I have a tendency to step up into a leadership role when the opportunity presents itself or when I feel there is something I am able to contribute that is not already present. I think this has its place and value, but I think it is also detrimental in some ways to both the team (as it weakens the team structure) and to the individual designated as Scrum Master (as it removes the opportunity for him or her to lead). I can definitely work on being a follower when it is my turn to be a follower.

The pattern from the book that I’ve chosen to include here is Exposing Your Ignorance. The pattern describes how we all like to be seen as confident and competent and are therefore slow to ask for help when we need it, but the better way forward is to admit our inadequacies and put in the open all of our missing knowledge, as that is a quicker, more effective, and more honest way to deliver. I selected this pattern because I feel it would have been extremely useful to our group throughout the sprint; there were many instances where I felt we each should have asked for more help if we needed it, and instead we tended towards remaining silent so as not to admit that we were lost, even if that meant not completing the work we needed to. I strongly disagree with that method of tackling a problem, and I feel that if we had read this pattern, we may have been much quicker to admit to each other that we need help with X, Y, or Z.

From the blog Mr. Lancer 987's Blog by Mr. Lancer 987 and used with permission of the author. All other rights reserved by the author.

Sprint 1 Retrospective

In this post, I’ll be reflecting on my group’s first sprint towards developing an Identity Access Management System for Thea’s Pantry. Our focus in Sprint 1 was really to get a base understanding of Keycloak and to implement a basic framework that would allow us to integrate Keycloak with the pre-existing systems.

Some of my personal work towards that goal was as follows:

GitLab

  • Documenting our low-level issues in GitLab and assigning them accordingly. Epic

Backend

Frontend

  • Containerize the fake frontend in a way that allows it to interact with the backend for testing purposes. Containerization

  • Create a dummy frontend with buttons that send mock JWTs to the new backend endpoint for testing purposes. This frontend sends encoded JWTs that contain user roles, receives the encoded role from the backend, and redirects to one of three corresponding landing pages accordingly. Commits: 1 , 2

We got off to a relatively slow start, but this was to be expected in learning a fully new technology. None of us had prior experience with Keycloak, so brainstorming and researching how we might want to implement an authentication / IAM flow was not easy. After some initial barriers, something that worked incredibly well for us was taking the extra time to really break down the work into very small issues or tasks for an individual to do. It was a lot easier to “add an endpoint to the openapi.yaml file” and “create openapi schemas for authentication tokens” than to “create a fake backend that can handle token validation”. Breaking things down as a group really helped us isolate specific tasks with clear deliverables.

Something that didn’t work quite as well for us was our current working agreement. I feel strongly that our working agreement must either be modified heavily or adhered to with more focus. We could take some time to more clearly outline the expectations of each member of the group, which in turn will give us something to reference when we have feedback for each other. We can also improve our communication as a team; our Discord is relatively inactive, and it would benefit us greatly if we each contributed more to the Discord.

Something I could personally improve is my followership. Though we are obviously a team and all working together, a deliberate part of the exercise is to designate a Scrum Master for the sprint and to loosely follow the Scrum framework. I was not the Scrum Master for Sprint 1, and I have a tendency to step up into a leadership role when the opportunity presents itself or when I feel there is something I am able to contribute that is not already present. I think this has its place and value, but I think it is also detrimental in some ways to both the team (as it weakens the team structure) and to the individual designated as Scrum Master (as it removes the opportunity for him or her to lead). I can definitely work on being a follower when it is my turn to be a follower.

The pattern from the book that I’ve chosen to include here is Exposing Your Ignorance. The pattern describes how we all like to be seen as confident and competent and are therefore slow to ask for help when we need it, but the better way forward is to admit our inadequacies and put in the open all of our missing knowledge, as that is a quicker, more effective, and more honest way to deliver. I selected this pattern because I feel it would have been extremely useful to our group throughout the sprint; there were many instances where I felt we each should have asked for more help if we needed it, and instead we tended towards remaining silent so as not to admit that we were lost, even if that meant not completing the work we needed to. I strongly disagree with that method of tackling a problem, and I feel that if we had read this pattern, we may have been much quicker to admit to each other that we need help with X, Y, or Z.

From the blog Mr. Lancer 987's Blog by Mr. Lancer 987 and used with permission of the author. All other rights reserved by the author.

Sprint 1 Retrospective

In this post, I’ll be reflecting on my group’s first sprint towards developing an Identity Access Management System for Thea’s Pantry. Our focus in Sprint 1 was really to get a base understanding of Keycloak and to implement a basic framework that would allow us to integrate Keycloak with the pre-existing systems.

Some of my personal work towards that goal was as follows:

GitLab

  • Documenting our low-level issues in GitLab and assigning them accordingly. Epic

Backend

Frontend

  • Containerize the fake frontend in a way that allows it to interact with the backend for testing purposes. Containerization

  • Create a dummy frontend with buttons that send mock JWTs to the new backend endpoint for testing purposes. This frontend sends encoded JWTs that contain user roles, receives the encoded role from the backend, and redirects to one of three corresponding landing pages accordingly. Commits: 1 , 2

We got off to a relatively slow start, but this was to be expected in learning a fully new technology. None of us had prior experience with Keycloak, so brainstorming and researching how we might want to implement an authentication / IAM flow was not easy. After some initial barriers, something that worked incredibly well for us was taking the extra time to really break down the work into very small issues or tasks for an individual to do. It was a lot easier to “add an endpoint to the openapi.yaml file” and “create openapi schemas for authentication tokens” than to “create a fake backend that can handle token validation”. Breaking things down as a group really helped us isolate specific tasks with clear deliverables.

Something that didn’t work quite as well for us was our current working agreement. I feel strongly that our working agreement must either be modified heavily or adhered to with more focus. We could take some time to more clearly outline the expectations of each member of the group, which in turn will give us something to reference when we have feedback for each other. We can also improve our communication as a team; our Discord is relatively inactive, and it would benefit us greatly if we each contributed more to the Discord.

Something I could personally improve is my followership. Though we are obviously a team and all working together, a deliberate part of the exercise is to designate a Scrum Master for the sprint and to loosely follow the Scrum framework. I was not the Scrum Master for Sprint 1, and I have a tendency to step up into a leadership role when the opportunity presents itself or when I feel there is something I am able to contribute that is not already present. I think this has its place and value, but I think it is also detrimental in some ways to both the team (as it weakens the team structure) and to the individual designated as Scrum Master (as it removes the opportunity for him or her to lead). I can definitely work on being a follower when it is my turn to be a follower.

The pattern from the book that I’ve chosen to include here is Exposing Your Ignorance. The pattern describes how we all like to be seen as confident and competent and are therefore slow to ask for help when we need it, but the better way forward is to admit our inadequacies and put in the open all of our missing knowledge, as that is a quicker, more effective, and more honest way to deliver. I selected this pattern because I feel it would have been extremely useful to our group throughout the sprint; there were many instances where I felt we each should have asked for more help if we needed it, and instead we tended towards remaining silent so as not to admit that we were lost, even if that meant not completing the work we needed to. I strongly disagree with that method of tackling a problem, and I feel that if we had read this pattern, we may have been much quicker to admit to each other that we need help with X, Y, or Z.

From the blog Mr. Lancer 987's Blog by Mr. Lancer 987 and used with permission of the author. All other rights reserved by the author.

Sprint 1 Retrospective

In this post, I’ll be reflecting on my group’s first sprint towards developing an Identity Access Management System for Thea’s Pantry. Our focus in Sprint 1 was really to get a base understanding of Keycloak and to implement a basic framework that would allow us to integrate Keycloak with the pre-existing systems.

Some of my personal work towards that goal was as follows:

GitLab

  • Documenting our low-level issues in GitLab and assigning them accordingly. Epic

Backend

Frontend

  • Containerize the fake frontend in a way that allows it to interact with the backend for testing purposes. Containerization

  • Create a dummy frontend with buttons that send mock JWTs to the new backend endpoint for testing purposes. This frontend sends encoded JWTs that contain user roles, receives the encoded role from the backend, and redirects to one of three corresponding landing pages accordingly. Commits: 1 , 2

We got off to a relatively slow start, but this was to be expected in learning a fully new technology. None of us had prior experience with Keycloak, so brainstorming and researching how we might want to implement an authentication / IAM flow was not easy. After some initial barriers, something that worked incredibly well for us was taking the extra time to really break down the work into very small issues or tasks for an individual to do. It was a lot easier to “add an endpoint to the openapi.yaml file” and “create openapi schemas for authentication tokens” than to “create a fake backend that can handle token validation”. Breaking things down as a group really helped us isolate specific tasks with clear deliverables.

Something that didn’t work quite as well for us was our current working agreement. I feel strongly that our working agreement must either be modified heavily or adhered to with more focus. We could take some time to more clearly outline the expectations of each member of the group, which in turn will give us something to reference when we have feedback for each other. We can also improve our communication as a team; our Discord is relatively inactive, and it would benefit us greatly if we each contributed more to the Discord.

Something I could personally improve is my followership. Though we are obviously a team and all working together, a deliberate part of the exercise is to designate a Scrum Master for the sprint and to loosely follow the Scrum framework. I was not the Scrum Master for Sprint 1, and I have a tendency to step up into a leadership role when the opportunity presents itself or when I feel there is something I am able to contribute that is not already present. I think this has its place and value, but I think it is also detrimental in some ways to both the team (as it weakens the team structure) and to the individual designated as Scrum Master (as it removes the opportunity for him or her to lead). I can definitely work on being a follower when it is my turn to be a follower.

The pattern from the book that I’ve chosen to include here is Exposing Your Ignorance. The pattern describes how we all like to be seen as confident and competent and are therefore slow to ask for help when we need it, but the better way forward is to admit our inadequacies and put in the open all of our missing knowledge, as that is a quicker, more effective, and more honest way to deliver. I selected this pattern because I feel it would have been extremely useful to our group throughout the sprint; there were many instances where I felt we each should have asked for more help if we needed it, and instead we tended towards remaining silent so as not to admit that we were lost, even if that meant not completing the work we needed to. I strongly disagree with that method of tackling a problem, and I feel that if we had read this pattern, we may have been much quicker to admit to each other that we need help with X, Y, or Z.

From the blog Mr. Lancer 987's Blog by Mr. Lancer 987 and used with permission of the author. All other rights reserved by the author.

Sprint 1 Retrospective

In this post, I’ll be reflecting on my group’s first sprint towards developing an Identity Access Management System for Thea’s Pantry. Our focus in Sprint 1 was really to get a base understanding of Keycloak and to implement a basic framework that would allow us to integrate Keycloak with the pre-existing systems.

Some of my personal work towards that goal was as follows:

GitLab

  • Documenting our low-level issues in GitLab and assigning them accordingly. Epic

Backend

Frontend

  • Containerize the fake frontend in a way that allows it to interact with the backend for testing purposes. Containerization

  • Create a dummy frontend with buttons that send mock JWTs to the new backend endpoint for testing purposes. This frontend sends encoded JWTs that contain user roles, receives the encoded role from the backend, and redirects to one of three corresponding landing pages accordingly. Commits: 1 , 2

We got off to a relatively slow start, but this was to be expected in learning a fully new technology. None of us had prior experience with Keycloak, so brainstorming and researching how we might want to implement an authentication / IAM flow was not easy. After some initial barriers, something that worked incredibly well for us was taking the extra time to really break down the work into very small issues or tasks for an individual to do. It was a lot easier to “add an endpoint to the openapi.yaml file” and “create openapi schemas for authentication tokens” than to “create a fake backend that can handle token validation”. Breaking things down as a group really helped us isolate specific tasks with clear deliverables.

Something that didn’t work quite as well for us was our current working agreement. I feel strongly that our working agreement must either be modified heavily or adhered to with more focus. We could take some time to more clearly outline the expectations of each member of the group, which in turn will give us something to reference when we have feedback for each other. We can also improve our communication as a team; our Discord is relatively inactive, and it would benefit us greatly if we each contributed more to the Discord.

Something I could personally improve is my followership. Though we are obviously a team and all working together, a deliberate part of the exercise is to designate a Scrum Master for the sprint and to loosely follow the Scrum framework. I was not the Scrum Master for Sprint 1, and I have a tendency to step up into a leadership role when the opportunity presents itself or when I feel there is something I am able to contribute that is not already present. I think this has its place and value, but I think it is also detrimental in some ways to both the team (as it weakens the team structure) and to the individual designated as Scrum Master (as it removes the opportunity for him or her to lead). I can definitely work on being a follower when it is my turn to be a follower.

The pattern from the book that I’ve chosen to include here is Exposing Your Ignorance. The pattern describes how we all like to be seen as confident and competent and are therefore slow to ask for help when we need it, but the better way forward is to admit our inadequacies and put in the open all of our missing knowledge, as that is a quicker, more effective, and more honest way to deliver. I selected this pattern because I feel it would have been extremely useful to our group throughout the sprint; there were many instances where I felt we each should have asked for more help if we needed it, and instead we tended towards remaining silent so as not to admit that we were lost, even if that meant not completing the work we needed to. I strongly disagree with that method of tackling a problem, and I feel that if we had read this pattern, we may have been much quicker to admit to each other that we need help with X, Y, or Z.

From the blog Mr. Lancer 987's Blog by Mr. Lancer 987 and used with permission of the author. All other rights reserved by the author.

Sprint 1 Retrospective

In this post, I’ll be reflecting on my group’s first sprint towards developing an Identity Access Management System for Thea’s Pantry. Our focus in Sprint 1 was really to get a base understanding of Keycloak and to implement a basic framework that would allow us to integrate Keycloak with the pre-existing systems.

Some of my personal work towards that goal was as follows:

GitLab

  • Documenting our low-level issues in GitLab and assigning them accordingly. Epic

Backend

Frontend

  • Containerize the fake frontend in a way that allows it to interact with the backend for testing purposes. Containerization

  • Create a dummy frontend with buttons that send mock JWTs to the new backend endpoint for testing purposes. This frontend sends encoded JWTs that contain user roles, receives the encoded role from the backend, and redirects to one of three corresponding landing pages accordingly. Commits: 1 , 2

We got off to a relatively slow start, but this was to be expected in learning a fully new technology. None of us had prior experience with Keycloak, so brainstorming and researching how we might want to implement an authentication / IAM flow was not easy. After some initial barriers, something that worked incredibly well for us was taking the extra time to really break down the work into very small issues or tasks for an individual to do. It was a lot easier to “add an endpoint to the openapi.yaml file” and “create openapi schemas for authentication tokens” than to “create a fake backend that can handle token validation”. Breaking things down as a group really helped us isolate specific tasks with clear deliverables.

Something that didn’t work quite as well for us was our current working agreement. I feel strongly that our working agreement must either be modified heavily or adhered to with more focus. We could take some time to more clearly outline the expectations of each member of the group, which in turn will give us something to reference when we have feedback for each other. We can also improve our communication as a team; our Discord is relatively inactive, and it would benefit us greatly if we each contributed more to the Discord.

Something I could personally improve is my followership. Though we are obviously a team and all working together, a deliberate part of the exercise is to designate a Scrum Master for the sprint and to loosely follow the Scrum framework. I was not the Scrum Master for Sprint 1, and I have a tendency to step up into a leadership role when the opportunity presents itself or when I feel there is something I am able to contribute that is not already present. I think this has its place and value, but I think it is also detrimental in some ways to both the team (as it weakens the team structure) and to the individual designated as Scrum Master (as it removes the opportunity for him or her to lead). I can definitely work on being a follower when it is my turn to be a follower.

The pattern from the book that I’ve chosen to include here is Exposing Your Ignorance. The pattern describes how we all like to be seen as confident and competent and are therefore slow to ask for help when we need it, but the better way forward is to admit our inadequacies and put in the open all of our missing knowledge, as that is a quicker, more effective, and more honest way to deliver. I selected this pattern because I feel it would have been extremely useful to our group throughout the sprint; there were many instances where I felt we each should have asked for more help if we needed it, and instead we tended towards remaining silent so as not to admit that we were lost, even if that meant not completing the work we needed to. I strongly disagree with that method of tackling a problem, and I feel that if we had read this pattern, we may have been much quicker to admit to each other that we need help with X, Y, or Z.

From the blog Mr. Lancer 987's Blog by Mr. Lancer 987 and used with permission of the author. All other rights reserved by the author.