Comments (6)
Will have some docs soon. In the meantime, creating a new project from the template (aqueduct create -n ...) will hook up auth endpoints and can serve as an example. You can view the template code in examples/default.
from aqueduct.
Thanks - looking forward to the docs!
I have the sample project set up, and I can see the auth endpoints. It is just not clear how they work.
I gather this is meant to integrate with an external OAuth2 provider? How would that work? Is there any way of providing authz based on OAuth2 scopes?
from aqueduct.
The endpoints work with an AuthServer instance (not a remote server, a Dart object). The AuthServer instance does the logic of creating and validating tokens and such, but has an AuthServerDelegate to carry out any persistence. In the template code, that delegate is implemented to use the built-in ORM (utilities/auth_delegate.dart). So, tokens are stored in PostgreSQL is the tl;dr.
Authorizers are RequestControllers that validate an HTTP request with an AuthServer.
from aqueduct.
OK - if I grok this correctly, the client has to get an access token by posting credentials to /auth/token, or to /auth/code and then exchanging the code for a token.
The sample app looks like it needs to be "bootstrapped" with some credentials in the database in order to be able to create users by invoking /register (which is itself protected with OAuth 2).
from aqueduct.
This is correct; the OAuth 2.0 flows for resource owner, application and authorization code are supported. You'll need to insert AuthClients (Client ID/Secret) in a database - this isn't in the sample code because the secret shouldn't be in version control, but does need to be better documented. The secret is hashed with a salt before it is stored in the DB. The method AuthServer.generateAPICredentialPair will generate a salt and hash in the same way the AuthServer will, so I typically create a script that takes an ID/secret and calls that method.
The test harness in the example project will create a dummy ID/secret for the purposes of running the test. I believe it is com.stablekernel.test/kilimanjaro - but it doesn't really matter, because the TestClient already has that value stored as its default API credentials.
from aqueduct.
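The provisioning script described in the comment above, sketched as an added example (not code from this thread or from Aqueduct): it salts and hashes a client secret so that only the ID, salt and hash reach the database, then checks a presented secret against the stored record. PBKDF2-HMAC-SHA256, the round count and the names `generate_client_record` and `verify_client` are assumptions made for illustration; a record an Aqueduct application will accept has to come from AuthServer.generateAPICredentialPair itself.

```python
import base64
import getpass
import hashlib
import hmac
import secrets

# Assumed parameters for illustration; the thread does not state Aqueduct's values.
ROUNDS = 100_000
SALT_BYTES = 32
KEY_BYTES = 32


def _derive(secret: str, salt_b64: str) -> str:
    """PBKDF2-HMAC-SHA256 over the secret with the given salt, as base64 text."""
    salt = base64.b64decode(salt_b64)
    key = hashlib.pbkdf2_hmac("sha256", secret.encode("utf-8"), salt, ROUNDS, KEY_BYTES)
    return base64.b64encode(key).decode("ascii")


def generate_client_record(client_id: str, secret: str) -> dict:
    """Build the row to insert for a client; the plaintext secret is not kept."""
    if not client_id or not secret:
        raise ValueError("client id and secret must be non-empty")
    # A fresh random salt per client means equal secrets never share a hash.
    salt_b64 = base64.b64encode(secrets.token_bytes(SALT_BYTES)).decode("ascii")
    return {"id": client_id, "salt": salt_b64, "hashed_secret": _derive(secret, salt_b64)}


def verify_client(record: dict, client_id: str, presented_secret: str) -> bool:
    """Re-derive the hash with the stored salt and compare in constant time."""
    if record["id"] != client_id:
        return False
    candidate = _derive(presented_secret, record["salt"])
    return hmac.compare_digest(candidate, record["hashed_secret"])


if __name__ == "__main__":
    # Prompt for the secret instead of taking it from argv, so it stays out of
    # shell history and the process list.
    cid = input("client id: ").strip()
    row = generate_client_record(cid, getpass.getpass("client secret: "))
    print(row)  # values to insert into the client table
```
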
Moving this into a more consolidated issue #114
from aqueduct.