Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add object Authenticated property #1452

Merged
merged 3 commits into from Aug 16, 2016
Merged

add object Authenticated property #1452

merged 3 commits into from Aug 16, 2016

Conversation

technoweenie
Copy link
Contributor

This lets servers set an Authenticated property on objects, that the client uses to determine if it needs to call git-credential or not. This is a forward compatible API change, and won't affect existing implementations.

When a client hits the batch api, it sends a payload like this:

{
  "operation": "download",
  "objects": [{"oid": "SOMEOID", "size": 123}]
}

A typical server response returns a URL to transfer the object with any values for the HTTP request header.

{"objects": [{
  "oid": "SOMEOID",
  "size": 123,
  "actions": {
    "download": {
      "href": "https://download-this-object",
      "header": {
        "Authorization": "Basic ..."
      }
    }
  }
}

Git LFS will use git-credential to find the user and pass for that download unless the Authorization header is set. What if the service uses a non-standard header, or what if the file requires no authentication? This is where the authenticated property comes in:

{"objects": [{
  "oid": "SOMEOID",
  "size": 123,
  "authenticated": false,
  "actions": {
    "download": {
      "href": "https://download-this-object",
      "header": {
        "Custom-Token": "Basic ..."
      }
    }
  }
}

ttaylorr
ttaylorr reviewed Aug 16, 2016
View reviewed changes
api/object.go
Error *ObjectError `json:"error,omitempty"`
Oid string `json:"oid,omitempty"`
Size int64 `json:"size"`
Authenticated bool `json:"authenticated,omitempty"`
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is omitempty behavior that we want? In the case of bools, we would only require having the authenticated property if the value were true.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's fine, since the default is false. Apparently omitempty is good enough for oid too :trollface:

@ttaylorr
Copy link
Contributor

Pending my one comment, looks great 👍

@ttaylorr
Copy link
Contributor

🚢

@technoweenie technoweenie merged commit fb63bc4 into master Aug 16, 2016
@technoweenie technoweenie deleted the allow-skippable-auth branch August 16, 2016 18:01
@technoweenie technoweenie mentioned this pull request Aug 25, 2016
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@technoweenie @ttaylorr