Expose GetPassword via the GRPC API #1271
Conversation
GetPassword was already wired up to storage and everything, just took a bit more work to wire it through the API. This will be super helpful when building things on top of Dex as you can retrieve a password without enumerating the entire store via ListPasswords.
tylercloke
force-pushed
the
tc/add-get-password-to-api
branch
from
5ce6561
to
f1b7756
Compare
| @@ -48,6 +48,7 @@ Finally run the Dex client providing the CA certificate, client certificate and | |||
| Running the gRPC client will cause the following API calls to be made to the server | |||
| 1. CreatePassword | |||
| 2. ListPasswords | |||
| 3. GetPassword | |||
| 3. DeletePassword | |||
There was a problem hiding this comment.
[nit] I know it doesn't matter for presentation, but it's nicer to read this in raw form if the numbers are actually consecutive -- can you make DeletePassword a 4.?
There was a problem hiding this comment.
I was trying to maintain the style, but I'm just gonna make them all 1.
| } | ||
|
|
||
| return &api.GetPasswordResp{ | ||
| NotFound: false, |
There was a problem hiding this comment.
[nit] this line is superfluous, but being explicit is OK 👍
There was a problem hiding this comment.
Yep was trying to be explicit.
|
@ericchiang What do you think about this one? While #1020 would resolve our need for using dex for user storage, as long as that's the case, this addition would let us simplify all the place where we're currently going with resp, err := s.c.ListPasswords(ctx, &api.ListPasswordReq{})
if err != nil {
return nil, errors.Wrap(err, "get password")
}
// searches returned users for user
for _, p := range resp.Passwords {
if p.Email == email {
usr := users.ShowUser{
ID: p.UserId,
Name: p.Username,
Email: p.Email,
}
return &usr, nil
}
}
return nil, &users.NotFoundError{}...and, since it doesn't seem too big a deal for dex' GRPC API, I'd think it's a good addition 😉 |
|
Can we do #1272 instead? |
|
@ericchiang well, these two are rather complementary... 🤔 Or am I missing something? |
| string email = 1; | ||
| } | ||
|
|
||
| // GetPasswordResp a specific password by email. |
There was a problem hiding this comment.
This is really oddly named. Can we either rename it "GetUserResp" and "GetUserReq"? Or can we strongly clarify that the password isn't returned?
|
@sagikazarmark @nabokihms I'm writing an internal component which relies on the gRPC API and I stumbled upon this issue while looking for a way the check if a certain Password/User exists in dex. Is there any plan to include such an endpoint in the API? |
GetPassword was already wired up to storage and everything, just took a bit more work to wire it through the API. This will be super helpful when building things on top of Dex as you can retrieve a password without enumerating the entire store via ListPasswords.