You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'll start off by saying I'm new to Go and that my difficulties here might have something to do with my inexperience with the full ecosystem.
In my project I am implementing a fairly simple API server and oapi-codegen seems like a great fit for the specification and I like the idea I can generate boilerplate and also maybe down the road re-use the spec to generate the documentation or for some other use without having to pull it out of the code. But while this works well for the operations I cannot figure out a good way to handle authentication.
I want to use a very simple API key mechanism: for some operations the client must supply a key in an HTTP header and that must match the server's for some entity. I cannot figure out how to do this well.
There is some good discussion and ideas in issue #114 but in the end the solution appears to be loading the OAPI specification from disk, which I'd like to avoid--I want to generate Go from the spec and afterwards leave the spec alone.
In a previous project using oapi-codegen v0.9 I used templates to accomplish this. I hacked just enough together so that the ServerInterface wrapper code would add a call to my ApiKeyAuth function if a security requirement object was defined for a path. It is clunky--I tried to make better use of the API specification to incorporate the type of auth into the function name, gave up and hardcoded this function name--but it works.
I was hoping to avoid use of templates this time around by following the PetStore example. It's a bit complex (for my little brain), involving creating an authenticator object, a template for invoking authenticators, and creating a middleware that invokes the authenticator when necessary. But then in the end it appears to only invoke the authentication piece by validating the request against the specification after loading the spec file, which as previously stated I want to avoid.
On getting this far I decided to go back to templating but with the new configuration I can't figure this out. I've generated the configuration using -old-config-style -output-config and get a configuration with the templates there but they are never used and I can't figure out why.
Like I said, I'm a Go newb but have tried to work through this, and I might just not have the background in Golang ecosystems. I'm not looking for a solution in code, but advice as to the correct approach.
Is it possible to invoke my ApiKeyAuth without templates, and without reading the spec file at runtime?
If templates are the right way to go, any ideas on why I can't get them to work in v0.11.0?
Is the above discussion full of silly assumptions and would you be willing to point them out? :D
I hope this kicks off a useful discussion for others as well, I can't be the only one struggling with this.
Update:
The reason I couldn't get templates specified in the YAML file to work--while the templates were previously (in the other project) in the api/ directory as echo-wrappers.tmpl etc., and this worked fine before, in the code structure for oapi-codegen they are under an echo/ subdirectory of the main templates directory. When I define the wrappers template as:
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hi all,
I'll start off by saying I'm new to Go and that my difficulties here might have something to do with my inexperience with the full ecosystem.
In my project I am implementing a fairly simple API server and oapi-codegen seems like a great fit for the specification and I like the idea I can generate boilerplate and also maybe down the road re-use the spec to generate the documentation or for some other use without having to pull it out of the code. But while this works well for the operations I cannot figure out a good way to handle authentication.
I want to use a very simple API key mechanism: for some operations the client must supply a key in an HTTP header and that must match the server's for some entity. I cannot figure out how to do this well.
There is some good discussion and ideas in issue #114 but in the end the solution appears to be loading the OAPI specification from disk, which I'd like to avoid--I want to generate Go from the spec and afterwards leave the spec alone.
In a previous project using oapi-codegen v0.9 I used templates to accomplish this. I hacked just enough together so that the ServerInterface wrapper code would add a call to my
ApiKeyAuth
function if a security requirement object was defined for a path. It is clunky--I tried to make better use of the API specification to incorporate the type of auth into the function name, gave up and hardcoded this function name--but it works.I was hoping to avoid use of templates this time around by following the PetStore example. It's a bit complex (for my little brain), involving creating an authenticator object, a template for invoking authenticators, and creating a middleware that invokes the authenticator when necessary. But then in the end it appears to only invoke the authentication piece by validating the request against the specification after loading the spec file, which as previously stated I want to avoid.
On getting this far I decided to go back to templating but with the new configuration I can't figure this out. I've generated the configuration using
-old-config-style -output-config
and get a configuration with the templates there but they are never used and I can't figure out why.Like I said, I'm a Go newb but have tried to work through this, and I might just not have the background in Golang ecosystems. I'm not looking for a solution in code, but advice as to the correct approach.
I hope this kicks off a useful discussion for others as well, I can't be the only one struggling with this.
Update:
The reason I couldn't get templates specified in the YAML file to work--while the templates were previously (in the other project) in the
api/
directory asecho-wrappers.tmpl
etc., and this worked fine before, in the code structure for oapi-codegen they are under anecho/
subdirectory of the main templates directory. When I define the wrappers template as:Then the templating works. :)
Beta Was this translation helpful? Give feedback.
All reactions