-
Notifications
You must be signed in to change notification settings - Fork 475
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
async/await for saml.ts #496
Conversation
@gugu Thanks for this work. @cjbarth @gugu What do think about supporting both promises and callbacks vs the more radical approach of dropping callback support and requiring users uses to use I suspect most of our new users who haven't used For those with legacy callback codebases, those developers are probably already introducing other modules with promise-only APIs should be familiar with adding This PR adds some duplicate functions with the |
I thought about this. The problem with keeping the existing name is behavior for users who update to a new major release - callback will never be called. Currently, I marked these functions as @deprecated. All IDE and typescript will mark this code as deprecated. Also, I can add a deprecation warning. But any decision is fine for me |
I don't have time to review this right now, but I think it is important that we keep a distinction between exported and internal functions. I'm fine with all internal functions being async/await and only returning promises. External functions, particularly those that match the Passport specification, should support the "node-back" pattern of the last argument being a callback. If no callback is provided, then we can default to returning a promise; any function that returns a Promise can be awaited in client code. In that case, we wouldn't rename the function to have an Example. Please keep in mind that top-level |
I was about to say about the same thing as @cjbarth. I reviewed our README, and I don't see any functions from "saml.ts" being currently documented as public functions. I'm not concerted about the minority of people who are using an internal, undocumented module directly. @cjbarth is right that parts of the One of the goals of this project has been to expose a high quality SAML library that doesn't depend on |
What objection is there to supporting both callbacks and promises using the pattern I showed? It is a very simple pattern and doesn't presume on a pattern of coding or external transform. The pattern would only have to be for exported functions, and we have very few of those, even if |
@cjbarth I'm OK with supporting both APIs, but it's not my preference. I know some other popular libraries like Mongoose support both Promise API and callback APIs. In the Mongoose case, they were supporting backwards compatibility. In our case, we are talking about potentially formally exposing an internal module for the first time. An argument in favor of "promises only" is that it's easy to add features than take them away. A second benefit of "promises-only" is that it simplifies the docs. Third, the example "node back" code doesn't address exceptions (unless I missed something). Wouldn't we also need to One option is to start with a promises-only API and then if there's a demand for callback interface, a pattern like the one you showed can easily support that. If a callback interface is a high-demand feature, it will be easier to add then to triage a stream of issues requesting it. |
I'm all for this idea. I have no immediate use for this version of the library, but no projects that I'm actively working on make use of Promises as first-class citizens (they were started before good native support for Promises), so that is why I'm interested in a way forward. I also would rather not recommend a 3rd party library for promises; even Bluebird says to prefer native promises now. One question though, do we know how many exported function's we're talking about? I was under the impression it would only be a small handful and those would mostly be API-only functions that dispatch to internal implementations so that we never actually expose the internal functions and can refactor without messing with the API, like the following. In that case, initially adding support for both patterns would be trivial. function myPublicFunction(options: {}) {
// validate options?
return myPrivateFunction(options);
}
function myPrivateFunction(options: {}) {
// do stuff
return stuff;
} As for the error handing, it really won't change between the two patterns. At the deepest level of code, the |
@cjbarth I reviewed the Passport docs some yesterday I see only that the strategy is part of the spec, Our What is true is that there have been multiple requests over the years for people to use our SAML functions without Passport. So exposing and documenting the functions in Potentially, this could be split into it's own NPM module that would be a dependency of the |
I completely agree that Does that make sense? |
What is the decision? I'm okay with any choice |
To make saml.ts maintainable I've added async/await support for saml.ts
util.callbackify
function, which calls asyncmethodNameAsync
methodPros:
Cons: