Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[gateway] Response templates improvement #2208

Closed
brightlizard opened this issue May 7, 2019 · 4 comments

Comments

@brightlizard
Copy link

commented May 7, 2019

Expected Behavior

It would be great if you will add a failure thats using response templates keys into gravitee-policy-oauth2.
It also be very useful to replace all ...failWith(PolicyResult.failure... to response template version on gateway component (https://github.com/gravitee-io/gravitee-gateway). It will allow to customize responses for all these cases.

And finally, response templates can be more flexible if you add the ability to set them by http-code. The simple example to illustrate this idia is modify the beggining of ResponseTemplateBasedFailureProcessor.handleFailure method like this:
...
String key = failure.key() != null ? failure.key() : Integer.toString(failure.statusCode());
if (key != null) {
ResponseTemplates responseTemplates = templates.get(key);
...

Current Behavior

It's not able to modify gravitee-policy-oauth2 failures
It's not able to modify gravitee-gateway failures
It's not able to modify failures by http code

Possible Solution

see above

Context

Response templates mechanism can be more flexible and universal

@brasseld

This comment has been minimized.

Copy link
Member

commented May 7, 2019

Hi @brightlizard

Thanks for your feedback.

Response template is not yet developed for all the policies, but you're right, it must be provided for most of them, and mainly oauth2 and JWT (as it is done with apikey policy).

About applying response template per http status code, I don't know if it makes sense since the same http status code may represent multiple and distinct errors (for example, 400 for a bad request, or 401 for unauthorized).
That's the reason why we choose to apply templates based on a error_key.
But for sure, the gateway can itself returns error_key instead of plain HTTP response....

Perhaps you can help and contribute on this?

@brightlizard

This comment has been minimized.

Copy link
Author

commented May 8, 2019

Yes, sure, we can modify oauth2 and jwt policy and make pull request according CONTRIBUTING.adoc
I think we will have time next week.

Also we can modify all ...failWith(PolicyResult.failure... in gateway component. It occurs in the code only 8 times. It gives the ability to modify response in cases like for example in SecurityPolicyChainResolver.class [line:57]
Could you, please, confirm that you aggree with this.

Applying response template per http status code may be usefull then, for example, there is a need to transform all responses with particular code to one template. If I think up other useful example I will leave the comment here )

@brasseld

This comment has been minimized.

Copy link
Member

commented May 8, 2019

Ok, so I'm waiting for your PR and it will be a pleasure to review and merge it :)

@brasseld

This comment has been minimized.

Copy link
Member

commented May 20, 2019

Hi here,

Very nice job @MariaPushkin.

This will be part of 1.27.x scheduled for next month (mid-june).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.