Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

V3: Fix generated endpoints when using SkipRequestBodyEncodeDecode with BasicAuth #2532

Merged
merged 9 commits into from Apr 19, 2020

Conversation

achow-flexera
Copy link
Contributor

@achow-flexera achow-flexera commented Apr 14, 2020

Fixed using incorrect type on the generated endpoints when using SkipRequestBodyEncodeDecode() with BasicAuth.

@raphael and @nitinmohan87,
When I added a test for JWTAuth, it returned
HTTP endpoint request body must be empty when using SkipRequestBodyEncodeDecode but not all method payload attributes are mapped to headers and params

Just want to verify if other authentication types are supported?

achow-flexera and others added 3 commits Apr 14, 2020
We need grpc-go to upgrade from
github.com/golang/protobuf/proto to
google.golang.org/protobuf/proto before we
can upgrade the grpc package of Goa.
Code string
}{
{"with-basicauth", testdata.EndpointWithBasicAuthAndSkipRequestBodyEncodeDecodeDSL, testdata.EndpointWithBasicAuthAndSkipRequestBodyEncodeDecodeCode},
//{"with-jwtauth", testdata.EndpointWithJWTAuthAndSkipRequestBodyEncodeDecodeDSL, ""},
Copy link
Member

@raphael raphael Apr 18, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you please remove this commented out line? thank you!

Copy link
Contributor Author

@achow-flexera achow-flexera Apr 19, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

@raphael
Copy link
Member

@raphael raphael commented Apr 18, 2020

Looks great, thank you for the fix! Can you please rebase on top of the latest v3 so the build passes?

@raphael
Copy link
Member

@raphael raphael commented Apr 18, 2020

Also I'm taking a look at the JWT use case - I believe Goa should be able to tell that JWT uses HTTP headers and therefore should not produce this validation error.

and using security. The code wasn't properly taking into account the case
where a payload attribute was implicitly mapped to a HTTP header
like is the case for attributes used to capture credentials
(e.g. JWT token coming from Auhtorization header).
@raphael
Copy link
Member

@raphael raphael commented Apr 18, 2020

Update: the issue with JWT should now be fixed. Please rebase with the latest v3 to get the fix, thank you!

@raphael
Copy link
Member

@raphael raphael commented Apr 19, 2020

Thank you! Can you please backport this to v2 as well? thanks!

@raphael raphael merged commit 8ecad66 into goadesign:v3 Apr 19, 2020
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants