Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Etna Auth should use ParseBody to get all the params #42

Closed
coleshaw opened this issue May 18, 2020 · 2 comments
Closed

Etna Auth should use ParseBody to get all the params #42

coleshaw opened this issue May 18, 2020 · 2 comments

Comments

@coleshaw
Copy link
Collaborator

Currently for POST requests, any supplied URL query parameters do not appear in rack.request.params. This means that for HMAC signature verification to work, those parameters have to be hacked into the request body. We would prefer to keep the signing params in the URL.

We should be able to use Etna::ParseBody to get all the params, regardless of where they are located. The Etna::Auth should use that implementation.
@graft
Copy link
Contributor

graft commented May 19, 2020

Etna::ParseBody is a Rack layer that usually runs before Etna::Auth, e.g.:
https://github.com/mountetna/metis/blob/d32d9defcf13aaa8e58193e85badef8bf16e3cd0/config.ru#L10-L17

I.e., ParseBody will automatically stuff things into rack.request.params from wherever they might originate before Etna::Auth runs, allowing the latter to get whatever it needs from params. If params aren't showing up there is perhaps some other explanation.

@coleshaw
Copy link
Collaborator Author

Superceded by #43 -- I figured out the root cause for the query param issues I was seeing in Magma - Metis.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@graft @coleshaw