New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
$RestxSession special header, more samples in AppModule generated file (app.name, security) & test harness for restx-core-shell #40
Conversation
Provided some This was not easy, specifically on the RestxSignature generation, because signature key is randomly generated. |
Good job! I didn't think about the problem about the content to sign, using a
The Function would be something like:
WDYT? |
Yup you're right, I was too happy to have something working yesterday (or may I say, this morning :-)) This signature key is a boring stuff to handle, not only in generator, but generally in spec tests. I'm thinking about something like this :
|
I understand, I didn't know about the template block, you did the hard work :)
Very good idea! I'm wondering what the notation should be. The parentheses could imply some corner cases requiring to escape them in the content. Maybe it could be as simple as a specific
|
I like it : this is simple :-) I go with it ! :) |
Great! |
allowing to mimic some User in-memory DAO
Relying on UserRepository injected component Replaced HelloResource @permitAll by @RolesAllowed("hello-role") Added dep on restx-admin (thus on restx-security-basic)
with different users (and roles) Had a hard part to be able to sign cookie whereas signature key was randomly generated : I had to provide a Mustache template block in order to succeed
This will generate a RestxSession cookie with corresponding signature
Replaced by $RestxSession special header
I added some integration tests for These tests take a few seconds (approx ~8s per app configuration on my laptop), so, I'm wondering if I shouldn't bind them on the Let me know if you want to move them in an |
Excellent! That makes it much more stable, yes! I don't mind too much about |
and moved imports/references accordingly
WhenHttpRequest constructor
RestxSpecLoader with a builder, thus removing adherence to cookies in WhenHeaders.fillCookiesFromValue() (which was renamed to readHeader())
These modules could generate some restx app during tests, and when executing maven on these generated apps, every "standard" restx modules should have been installed in local maven repo to be correctly resolved
Thus allowing to inject SignatureKey & RestxSessionCookieDesriptor when needed Will eventually allow to have these WhenHeaders pluggables
thanks to xavier's comment c1b38e0#commitcomment-3977154
$RestxSession special header, more samples in AppModule generated file (app.name, security) & test harness for restx-core-shell - $RestxSession special header in restx specs files, allowing to define a restx session content (with proper cookie name, given available RestxCookieDescriptor component) and sign it with current SignatureKey component - Improved HelloResource sample by providing a basic security implementation sample and using the @RolesAllowed annotation - Provides a test harness in restx-core-shell allowing to validate that app new shell command generates a new app and this app has green tests
Taking into account :
app.name
component (using therestx shell
'sappName
property)SignatureKey
first, in order to follow documentation ordering on Generated app explained's AppModule sectionDuring implementation, some new features appeared :
$RestxSession
special header inrestx specs
files, allowing to define a restx session content (with proper cookie name, given availableRestxCookieDescriptor
component) and sign it with currentSignatureKey
component@RolesAllowed
annotationrestx-core-shell
allowing to validate thatapp new
shell command generates a new app and this app has green tests