New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
storage: fix storage implementation. Authorization should use AuthorizeRequester interface #24
Conversation
…zeRequester interface
It is intended that all storage APIs use What broke exactly? Maybe there is another way to fix this issue? |
Hmm maybe I looked at the PR too quickly. When creating an authorization code, there is no access to store the redirect uri or state any more (as far as I can tell). Likewise when retrieving the authorize code, there is no way to return the redirect uri and state from the storage. |
Thanks for the review :) There is a new method added: Does this answer your question? |
By the way, |
I'm sorry -- I dug through the implementation as I refactored my storage but somehow missed that with all the changes. Thanks for clarifying, that does indeed work to retrieve the values and store them with the authorize code. So when returning a
That was part of my confusion. The token response is supposed to return the But when I write the response using this:
The state is not returned. You can see the output of
That's why I thought Am I missing something? |
req := Request: fosite.Request{
Client: client,
Scopes: fosite.Arguments(scopes),
RequestedAt: createdAt,
RequestForm: url.Values{
"redirect_uri": "https://foobar.com/", // be aware that if a redirect_uri is present, it also needs to be present when you make the token request. It's written somewhere in the spec, not sure where exactly right now
"state": "foobar",
},
} |
You can also take a look at the very simply example storage implementation here. |
Ok thank you -- that did it (using I apologize for the unnecessary PR here. Thanks for being so helpful! |
No need to apologize, I'm glad that it worked out for you and I'm also glad that you are one of the early adopters of fosite :) If you run into issues or trouble again, feel free to ask any time. I am looking to have a first stable API by end of february so hopefully BC breaks will be much less common then |
The last commit for work on #20 made major API updates, but broke the authorize code implementation in the storage. Storage should use
fosite.AuthorizeRequester
interface inCreateAuthorizeCodeSession
andGetAuthorizeCodeSession
--fosite.Requester
is used. This PR updates the storage interface and related tests.Signed-off-by: Cristian Graziano