Comments (9)
@johnbrun09 @gencer thanks for the reporting, I will check it ASAP.
from grape_oauth2.
Same here. Authentication processed regardless access_token_required!
is given or not.
Update: This is probably caused Middleware that inject itself calls Bearer "authorization" method automatically. When that happens, Grape thinks you want authentication.
For the time being, the only workaround is using include in only specific endpoints. I hope we can get @nbulaj' s attention here.
from grape_oauth2.
@johnbrun09 can yo please provide full code listing for the module where you are injecting include Grape::OAuth2.api
? I can't guess if you get a 401 error without the gem injection or with..
from grape_oauth2.
Since no reply made. Let me gave you mine:
module V2
class Base < Grape::API
version 'v2', using: :path, vendor: 'test'
format :json
# prefix :api
include Grape::OAuth2.api
mount V2::Query
# ... other mounts
end
end
module V2
class Query < Grape::API
# all actions in this class requires authentication. No matter you give :access_token_required! or not.
end
end
from grape_oauth2.
@gencer @johnbrun09 what am I doing wrong?
https://gist.github.com/nbulaj/ff3716d1043143c01b2237c4fa34517a
I've added two endpoints to simple Grape API, one public and one protected (after injecting Grape::OAuth2), and tested it with rackup and curl.
from grape_oauth2.
The gist you prepared is the same scheme I used. Only difference (not wrong) is how we used it.
For me; I use it with Rails5. Maybe Rails has something to do with this or some gem interfere?
Because, I am positively sure that mounting api endpoints after oauth.api, makes all mounts authenticable. But before them is public.
Should I prepare a skeleton/sample project for you maybe?
from grape_oauth2.
@gencer it will be great, because it's hard for me to find a concrete problem without knowing all the environment.
from grape_oauth2.
Hi @gencer . Any update here?
from grape_oauth2.
@nbulaj, I completely forgot about this. I was switched to doorkeeper at that time.
However, I just illustrated a sample on my end and it seems it just passes my test. However, I can't remember exactly what was my previous environment like which was failed as this issue stated
from grape_oauth2.
Related Issues (6)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from grape_oauth2.