Skip to content
This repository has been archived by the owner on Dec 13, 2022. It is now read-only.

ApiResource default constructor leads to unexpected behavior #836

Closed
giggio opened this issue Feb 21, 2017 · 7 comments
Closed

ApiResource default constructor leads to unexpected behavior #836

giggio opened this issue Feb 21, 2017 · 7 comments
Labels
enhancement

Comments

@giggio
Copy link

giggio commented Feb 21, 2017

These 2 snippets produce different results:

new ApiResource("foo");
new ApiResource()
{
    Name = "foo"
};

This is because setting the property Name does not add the scope to the scope list, but the parameterized constructor does create the Scope list. See

IdentityServer4/src/IdentityServer4/Models/ApiResource.cs

Line 43 in 305347e

Scopes.Add(new Scope(name, displayName));

This is not idiomatic C#, and will generate all sorts of confusion, as people will not imagine that the two snippets produce different results. I suggest you make the default constructor private.

Also, the docs do not mention the difference. See https://identityserver4.readthedocs.io/en/release/quickstarts/1_client_credentials.html
@leastprivilege
Copy link
Member

What shall we do with this? Change behavior / add docs? breaking change?

@brockallen
Copy link
Member

@giggio suggestions?

@giggio
Copy link
Author

giggio commented Apr 4, 2017

It depends on your release strategy. If you are planning on keeping evolving IS, and release versions 5, 6, etc, following semver, than I would deprecate the parameterless constructor on version 4 (with a message warning for the problem), and remove it on version 5. At the same time, post the problem on the docs, alerting people for the problem.
It would also be a good idea to make the Name property read only, to avoid confusion, along with DisplayName.
Whatever way you decide, try to leave only one way to do things, to avoid confusion. I am not sure my suggestion above follows your plans to IS, so maybe you will approach it differently. But make it so that there is only one way to do it. I spent a lot of time trying to figure out why I had a problem, the current way things are set makes it harder to use the library.

@brockallen
Copy link
Member

brockallen commented Apr 9, 2017
edited

I think what was meant was how to make a nicer API that allows both a convenient one-liner to do the simple common scenario, and yet still allow the more complex configuration.

As a bit of background, we originally chose the ctor approach for discoverability, rather than a static factory style API.

@brockallen brockallen mentioned this issue Apr 10, 2017
Closed
@brockallen
Copy link
Member

We discussed and we like the ctor approach. We'll improve the docs and see if that helps.

@agilenut
Copy link

I personally don't believe that the constructor should generate a scope for you unless you explicitly tell it too via another parameter. We have several APIs that have multiple scopes. The Name is going to be different than the scope name. If the only constructor available sets the scope by default, we'd have to rip it out after construction and then add additional scopes. That seems messy.

@lock
Copy link

lock bot commented Jan 14, 2020

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock bot locked as resolved and limited conversation to collaborators Jan 14, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@giggio @brockallen @agilenut @leastprivilege