thaven / oauth Goto Github PK
View Code? Open in Web Editor NEWOAuth2 client library for D
License: MIT License
OAuth2 client library for D
License: MIT License
As vibe.d does not currently provide a way to associate the OAuthSession with the request, loadSession may need to be called multiple times for a single request as is passes through different processors.
Depends on vibe-d/vibe.d#1529
Hi there,
I saw your nice OAuth module and as you have seen I liked it so much that I have forked it at https://github.com/teamhackback/oauth
I have done a couple of further changes and due to the split of client.d
into multiple files a PR might be long. However if you are interested I am happy to look into cleaning the changes and incorporating them into a PR. I also plan to publish a bigger example app in the next weeks.
Here's an overview of major changes:
.dup
to sha256Of(base);
- for some weird reason the allocated memory seems to changeclient.d
into exception.d
, session.d
, settings.d
(config.d
is part of settings.d
)@safe
for Vibe.d 0.8extraParams
to webapp.login
webapp.login
to bool
As I want to deploy my application on multiple servers/threads a cache is problematic as the second request might hit another thread / server. Moreover a long-running application also needs some auto-cleanup, which currently isn't implemented. Thus I removed both settingsCache
and sessionCache
.
I use something like this instead of loadConfig
in settings.d
.
This isn't something complex, hence I opened this issue to see whether this would be interesting for others.
auto loadFromEnvironment(
string providerName,
string envPrefix,
string redirectUri,
)
{
import std.process : environment;
string clientId = environment[envPrefix ~ "_CLIENTID"];
string clientSecret = environment[envPrefix ~ "_CLIENTSECRET"];
return new immutable(OAuthSettings)(
providerName,
clientId,
clientSecret,
redirectUri);
}
I got this message:
oauth 0.1.1: building configuration "library"...
../../../../.dub/packages/oauth-0.1.1/oauth/source/oauth/client.d(565,9): Deprecation: catch statement without an exception specification is deprecated; use catch(Throwable) for old behavior
../../../../.dub/packages/oauth-0.1.1/oauth/source/oauth/webapp.d(159,9): Deprecation: catch statement without an exception specification is deprecated; use catch(Throwable) for old behavior
@thaven @wilzbach
Seems like this is yet another victim of issue https://issues.dlang.org/show_bug.cgi?id=12625 .
In 0.1.4 there's this line in client.d
:
this.hash = sha256Of(provider.tokenUri ~ ' ' ~ clientId);
This assigns stack allocated memory to this.hash and the value i later overwritten by other stack data. Looks like this code was refactored so maybe master is not affected. Nevertheless a bugfix release would be nice. Solution: Use .idup
.
I also suggest to be careful with the loginKey/LoginData.key
methods. AFAICS the code won't cause corruption, but as you return a static array from this function you have to make sure all uses of this function are safe (essentially you have to threat the returned array as scope
).
As e.g. done here.
Hey, I need OAuth for one of my projects and it looks like this project would really fit me.
I see that the master branch differs a lot from the v0.0.1-alpha tag, so I'm wonder which I should use.
I would guess that the master branch isn't really done yet, because it userAuthUri
and userSession
are private. (Bug?)
Is there anything I could help with?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.