Use of authentication methods other than Basic Auth #158
Comments
We have created an issue in Pivotal Tracker to manage this: https://www.pivotaltracker.com/story/show/177739656 The labels on this GitHub issue will be updated when the story is started.
Hi @cimnine Thanks for opening the issue. Thanks,
Hi @cimnine Are you still able to provide a PR? We are considering releasing a new version in the next few days and we could include your change there. Thanks,
If I can't submit a PR by tomorrow, it will probably take a while. In this case, please proceed with a release regardless.
See #168 for a PR.
This commit provides the necessary means for projects building upon the brokerapi to use their own authentication middleware, e.g. to provide authentication based on Bearer tokens as defined in RFC 6750, section 2.1. Closes #158
Thank you for your contribution @cimnine!
The service broker API spec defines that «it is RECOMMENDED that all communications between a Platform and a Service Broker are […] authenticated.» Also that «Platforms and Service Brokers MAY agree on an authentication mechanism other than basic authentication, but the specific agreements are not covered by this specification.»
This stands in contrast to the implementation of this project, which mandates Basic Auth, at least when initialized using api.New(…).
In our project, we would like to implement authentication based on Bearer Tokens. I'm tasked to implement this.
Currently, my only option is to replicate the api.New(…) in our own code. But I would like to avoid that, because it increases the possibility that something breaks unexpectedly when we update to a later version of the brokerapi: We would have to establish some means to check that our replication of api.New(…) still matches the upstream version, except for the authentication part.
I therefore propose a refactoring of that method. With backwards-compatibility in mind, I suggest to introduce a new function func NewWithCustomAuth(serviceBroker ServiceBroker, logger lager.Logger, authMiddleware http.Handler) in api.go like so:
Perhaps you find a better name for NewWithCustomAuth, as it's not pretty. Yet it does convey the message what it differentiates from func New(…).
Now:
api.New(…)?
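An added example (not part of the issue or of the brokerapi code): a standard-library Bearer token check following RFC 6750, section 2.1, of the kind the proposed custom-auth hook is meant to accept. The names BearerAuth and StatusFor, the func(http.Handler) http.Handler shape, the sample token and the request path are assumptions; how such a check is passed to the proposed function depends on the signature that is finally merged.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// BearerAuth (hypothetical name) returns middleware that admits a request only
// if it carries "Authorization: Bearer <token>" matching the expected token.
func BearerAuth(expected string) func(http.Handler) http.Handler {
	want := sha256.Sum256([]byte(expected))
	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			scheme, token, ok := strings.Cut(r.Header.Get("Authorization"), " ")
			got := sha256.Sum256([]byte(token))
			// Hashing first gives equal-length inputs, so the comparison
			// leaks neither token length nor content through timing.
			match := subtle.ConstantTimeCompare(got[:], want[:]) == 1
			if !ok || !strings.EqualFold(scheme, "Bearer") || !match {
				w.Header().Set("WWW-Authenticate", `Bearer realm="broker"`)
				http.Error(w, "unauthorized", http.StatusUnauthorized)
				return
			}
			next.ServeHTTP(w, r)
		})
	}
}

// StatusFor sends one request with the given Authorization header through the
// middleware to a stand-in handler and returns the response status code.
func StatusFor(authHeader string) int {
	broker := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.WriteHeader(http.StatusOK) // stand-in for the broker's routes
	})
	req := httptest.NewRequest(http.MethodGet, "/v2/catalog", nil) // sample path
	req.Header.Set("Authorization", authHeader)
	rec := httptest.NewRecorder()
	BearerAuth("constructed-sample-token")(broker).ServeHTTP(rec, req) // constructed token
	return rec.Code
}

func main() {
	for _, h := range []string{"", "Basic dXNlcjpwYXNz", "Bearer wrong", "Bearer constructed-sample-token"} {
		fmt.Printf("%q -> %d\n", h, StatusFor(h))
	}
}
```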