V3: Fix generated endpoints when using SkipRequestBodyEncodeDecode with BasicAuth #2532
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
We need grpc-go to upgrade from github.com/golang/protobuf/proto to google.golang.org/protobuf/proto before we can upgrade the grpc package of Goa.
raphael
reviewed
Apr 18, 2020
codegen/service/security_test.go
Outdated
| Code string | ||
| }{ | ||
| {"with-basicauth", testdata.EndpointWithBasicAuthAndSkipRequestBodyEncodeDecodeDSL, testdata.EndpointWithBasicAuthAndSkipRequestBodyEncodeDecodeCode}, | ||
| //{"with-jwtauth", testdata.EndpointWithJWTAuthAndSkipRequestBodyEncodeDecodeDSL, ""}, |
There was a problem hiding this comment.
Can you please remove this commented out line? thank you!
|
Looks great, thank you for the fix! Can you please rebase on top of the latest v3 so the build passes? |
|
Also I'm taking a look at the JWT use case - I believe Goa should be able to tell that JWT uses HTTP headers and therefore should not produce this validation error. |
and using security. The code wasn't properly taking into account the case where a payload attribute was implicitly mapped to a HTTP header like is the case for attributes used to capture credentials (e.g. JWT token coming from Auhtorization header).
|
Update: the issue with JWT should now be fixed. Please rebase with the latest |
|
Thank you! Can you please backport this to |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixed using incorrect type on the generated endpoints when using SkipRequestBodyEncodeDecode() with BasicAuth.
@raphael and @nitinmohan87,
When I added a test for JWTAuth, it returned
HTTP endpoint request body must be empty when using SkipRequestBodyEncodeDecode but not all method payload attributes are mapped to headers and paramsJust want to verify if other authentication types are supported?