Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Question: Register custom middleware for authentication #1372

Closed
micfan opened this issue Apr 26, 2016 · 2 comments
Closed

Question: Register custom middleware for authentication #1372

micfan opened this issue Apr 26, 2016 · 2 comments
Labels
bug?

Comments

@micfan
Copy link

micfan commented Apr 26, 2016

I am trying to use Middleware::Auth::Base to add my own strategies by Grape::Middleware::Auth::Strategies.add(), but this line returned the rack response [400, foo, bar].

The two file like this:

require 'rack/auth/abstract/handler'
require 'rack/auth/abstract/request'
require 'grape/middleware/auth/base'

# Rack::Auth::Basic implements HTTP Basic Authentication, as per RFC 2617.
#
# Initialize with the Rack application that you want protecting,
# and a block that checks if a username and password pair are valid.
#
# See also: <tt>example/protectedlobster.rb</tt>

class OAuthMiddleware < Rack::Auth::AbstractHandler

  def call(env)
    oauth = OAuthMiddleware::Request.new(env)

    return unauthorized unless oauth.provided?

    return bad_request unless oauth.basic?

    if valid?(oauth)
      env['REMOTE_USER'] = oauth.username

      return @app.call(env)
    end

    unauthorized
  end


  private

  def challenge
    'Basic realm="%s"' % realm
  end

  def valid?(auth)
    @authenticator.call(*auth.credentials)
  end

  class Request < Rack::Auth::AbstractRequest
    def basic?
      "OAuth.Github".downcase == scheme
    end

    def credentials
      @credentials ||= params.unpack("m*").first.split(/:/, 2)
    end

    def username
      @credentials.first
    end
  end

end
  class MyAPI < Grape::API

    Grape::Middleware::Auth::Strategies.add(
        :github_oauth,
        OAuthMiddleware,
        ->(options) {
          [options[:realm]]
        }
    )

    auth :github_oauth, { realm: 'OAuth.Github',
                          # type: :github_oauth
    } do |username, access_token|
      # lookup the user's password here
      puts username
      puts access_token
      # { 'hello' => 'world' }[username]
      true
    end
  end

Where is the error? Is there any demo or more detailed docs than this README?
@dblock dblock added the bug? label Apr 26, 2016
@dblock
Copy link
Member

dblock commented Apr 26, 2016

Looks like an exception was raised inside the call, then handled. Maybe build a smaller project without the whole oauth thing that demonstrates the problem?

@micfan
Copy link
Author

micfan commented Jan 28, 2019

need more report on this issue

@micfan micfan closed this as completed Jan 28, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug?
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dblock @micfan