Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add Granular OAuth Scopes #169

Merged
merged 55 commits into from
Sep 16, 2021
Merged

feat: add Granular OAuth Scopes #169

merged 55 commits into from
Sep 16, 2021

Conversation

tassja
Copy link
Collaborator

@tassja tassja commented Aug 12, 2021
edited
Loading

Closes #159

@tassja tassja requested a review from stakach August 12, 2021 22:41
@tassja tassja self-assigned this Aug 12, 2021
caspiano
caspiano reviewed Aug 13, 2021
View reviewed changes
spec/helper.cr Outdated Show resolved Hide resolved
spec/helper.cr Outdated Show resolved Hide resolved
spec/helper.cr Outdated Show resolved Hide resolved
caspiano
caspiano reviewed Aug 13, 2021
View reviewed changes
spec/helper.cr Outdated Show resolved Hide resolved
@tassja tassja requested a review from stakach August 16, 2021 03:51
@tassja tassja marked this pull request as ready for review August 16, 2021 08:39
@caspiano caspiano mentioned this pull request Aug 16, 2021
Closed
@tassja tassja marked this pull request as ready for review August 25, 2021 04:04
@stakach stakach mentioned this pull request Aug 27, 2021
Closed
caspiano
caspiano reviewed Aug 30, 2021
View reviewed changes
Copy link
Contributor

@caspiano caspiano left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some minor changes needed, but I think we're almost there.

I do have one idea that would be good for enforcing good practice.

At compile time, we should check that every single route has at least one associated scope check. To allow unscoped routes, we should have an unscoped_route helper that allows it to go unscoped.
This will unscoped holes opening up across the API surface

spec/brokers_spec.cr Outdated Show resolved Hide resolved
src/placeos-rest-api/error.cr Outdated Show resolved Hide resolved
spec/root_spec.cr Outdated Show resolved Hide resolved
@kimburgess kimburgess mentioned this pull request Sep 1, 2021
Merged
@tassja tassja requested a review from caspiano September 7, 2021 00:12
caspiano
caspiano approved these changes Sep 9, 2021
View reviewed changes
Copy link
Contributor

@caspiano caspiano left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Made one note on the comment

stakach
stakach approved these changes Sep 16, 2021
View reviewed changes
Copy link
Member

@stakach stakach left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great!

@tassja tassja merged commit b1e5698 into master Sep 16, 2021
@tassja tassja deleted the ouath-scope branch September 16, 2021 02:33
@caspiano caspiano added the type: enhancement new feature or request label Sep 16, 2021
@caspiano caspiano mentioned this pull request Sep 16, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@caspiano caspiano caspiano approved these changes

@stakach stakach stakach approved these changes

Assignees

@tassja tassja

Labels
type: enhancement new feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Implement Granular OAuth Scopes
3 participants
@tassja @stakach @caspiano