-
-
Notifications
You must be signed in to change notification settings - Fork 557
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
V3: Fix generated endpoints when using SkipRequestBodyEncodeDecode with BasicAuth #2532
Conversation
We need grpc-go to upgrade from github.com/golang/protobuf/proto to google.golang.org/protobuf/proto before we can upgrade the grpc package of Goa.
codegen/service/security_test.go
Outdated
Code string | ||
}{ | ||
{"with-basicauth", testdata.EndpointWithBasicAuthAndSkipRequestBodyEncodeDecodeDSL, testdata.EndpointWithBasicAuthAndSkipRequestBodyEncodeDecodeCode}, | ||
//{"with-jwtauth", testdata.EndpointWithJWTAuthAndSkipRequestBodyEncodeDecodeDSL, ""}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you please remove this commented out line? thank you!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
Looks great, thank you for the fix! Can you please rebase on top of the latest v3 so the build passes? |
Also I'm taking a look at the JWT use case - I believe Goa should be able to tell that JWT uses HTTP headers and therefore should not produce this validation error. |
and using security. The code wasn't properly taking into account the case where a payload attribute was implicitly mapped to a HTTP header like is the case for attributes used to capture credentials (e.g. JWT token coming from Auhtorization header).
Update: the issue with JWT should now be fixed. Please rebase with the latest |
Thank you! Can you please backport this to |
Fixed using incorrect type on the generated endpoints when using SkipRequestBodyEncodeDecode() with BasicAuth.
@raphael and @nitinmohan87,
When I added a test for JWTAuth, it returned
HTTP endpoint request body must be empty when using SkipRequestBodyEncodeDecode but not all method payload attributes are mapped to headers and params
Just want to verify if other authentication types are supported?