-
Notifications
You must be signed in to change notification settings - Fork 170
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable the 'no_body' option when authorizing against 3scale backend #483
Changes from all commits
62a0b2d
c001e45
e40da7b
e62464b
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -124,11 +124,23 @@ local function create_token_path(service_id) | |
return format('/services/%s/oauth_access_tokens.xml', service_id) | ||
end | ||
|
||
local authorize_options = { | ||
headers = { | ||
['3scale-options'] = 'rejection_reason_header=1' | ||
} | ||
} | ||
-- Returns the authorize options that 3scale backend accepts. Those options | ||
-- are specified via headers. Right now there are 2: | ||
-- - rejection_reason_header: asks backend to return why a call is denied | ||
-- (limits exceeded, application key invalid, etc.) | ||
-- - no_nody: when enabled, backend will not return a response body. The | ||
-- body has many information like metrics, limits, etc. This information is | ||
-- parsed only when using oauth. By enabling this option will save some work | ||
-- to the 3scale backend and reduce network traffic. | ||
local function authorize_options(using_oauth) | ||
local headers = { ['3scale-options'] = 'rejection_reason_header=1' } | ||
|
||
if not using_oauth then | ||
headers['3scale-options'] = headers['3scale-options'] .. '&no_body=1' | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @davidor why don't you first construct the string and then create the There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. it is all going to be JITed ! |
||
end | ||
|
||
return { headers = headers } | ||
end | ||
|
||
--- Call authrep (oauth_authrep) on backend. | ||
-- @tparam ?{table,...} query list of query parameters | ||
|
@@ -138,8 +150,9 @@ function _M:authrep(...) | |
return nil, 'not initialized' | ||
end | ||
|
||
local auth_uri = authrep_path(self.version == 'oauth') | ||
return call_backend_transaction(self, auth_uri, authorize_options, ...) | ||
local using_oauth = self.version == 'oauth' | ||
local auth_uri = authrep_path(using_oauth) | ||
return call_backend_transaction(self, auth_uri, authorize_options(using_oauth), ...) | ||
end | ||
|
||
--- Call authorize (oauth_authorize) on backend. | ||
|
@@ -150,8 +163,9 @@ function _M:authorize(...) | |
return nil, 'not initialized' | ||
end | ||
|
||
local auth_uri = auth_path(self.version == 'oauth') | ||
return call_backend_transaction(self, auth_uri, authorize_options, ...) | ||
local using_oauth = self.version == 'oauth' | ||
local auth_uri = auth_path(using_oauth) | ||
return call_backend_transaction(self, auth_uri, authorize_options(using_oauth), ...) | ||
end | ||
|
||
--- Calls backend to create an oauth token. | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wouldn't be nicer to pass
self
instead ofusing_oauth
?Because if the condition changes we would have to change only one place - this method.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I see that it would also require changing the
authrep_path
method to expect self instead of just boolean.Tough choice. Not so sure now. I guess it is fine as it is then!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I like this option because it makes explicit that the only thing the method needs to know about is if we are running the oauth flow or not. Although as you said, we might need to change the params this method receives and the callers in the future.