Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add new authorization example #2257

Merged
merged 45 commits into from
Dec 13, 2022
Merged

Add new authorization example #2257

merged 45 commits into from
Dec 13, 2022

Conversation

externl
Copy link
Member

@externl externl commented Dec 9, 2022

This PR adds a new example to how to use interceptors and middleware to perform per request authorization. Several features included:

  • A "top-level" middleware that loads the token stored request field into a feature
  • /admin path that requires all requests to be "authenticated" with a token
  • /hello path that gives a different greeting if the session feature is present.

NOTE: still need to add a few more comments to the code.

examples/Authorization/Client/Program.cs Outdated Show resolved Hide resolved
examples/Authorization/Client/Program.cs Show resolved Hide resolved
examples/Authorization/Client/Program.cs Outdated Show resolved Hide resolved
examples/Authorization/Client/Program.cs Outdated Show resolved Hide resolved
examples/Authorization/Client/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Client/Authorization.slice Outdated Show resolved Hide resolved
examples/Authorization/Client/Client.csproj Outdated Show resolved Hide resolved
examples/Authorization/Client/Authorization.slice Outdated Show resolved Hide resolved
examples/Authorization/Client/Program.cs Outdated Show resolved Hide resolved
examples/Authorization/Client/Program.cs Outdated Show resolved Hide resolved
examples/Authorization/Client/Program.cs Outdated Show resolved Hide resolved
examples/Authorization/Client/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Admin.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Admin.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Program.cs Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Client/Program.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/HelloAdmin.cs Outdated Show resolved Hide resolved
@pepone pepone self-requested a review December 9, 2022 19:19
Copy link
Contributor

@ReeceHumphreys ReeceHumphreys left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good!

examples/Authorization/Server/HelloService.cs Outdated Show resolved Hide resolved
using IceRpc.Features;
using IceRpc.Slice;

namespace AuthorizationExample;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Every other example is in module Demo. Why is this one in AuthorizationExample?

Copy link
Member Author

@externl externl Dec 9, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The module name corresponds to the example name. I don't think the others should all be called Demo.

examples/Authorization/Client/Program.cs Outdated Show resolved Hide resolved
examples/Authorization/Client/SessionInterceptor.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/HelloService.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/HelloAdminService.cs Outdated Show resolved Hide resolved
examples/Authorization/Client/SessionInterceptor.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Authorization.slice Outdated Show resolved Hide resolved
examples/Authorization/Client/SessionInterceptor.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/HelloAdmin.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/SessionFieldKey.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Hello.cs Outdated Show resolved Hide resolved
@externl externl requested a review from pepone December 12, 2022 14:48
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
@externl externl requested a review from pepone December 12, 2022 15:21
Copy link
Member

@pepone pepone left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good!

examples/Authorization/SessionFieldKey.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
externl and others added 3 commits December 12, 2022 13:18
Co-authored-by: Jose  <pepone@users.noreply.github.com>
Co-authored-by: Jose  <pepone@users.noreply.github.com>
examples/Authorization/Client/Program.cs Outdated Show resolved Hide resolved
examples/Authorization/Authorization.slice Outdated Show resolved Hide resolved
examples/Authorization/README.md Outdated Show resolved Hide resolved
examples/Authorization/README.md Outdated Show resolved Hide resolved
examples/Authorization/README.md Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
examples/Authorization/Server/Session.cs Outdated Show resolved Hide resolved
externl and others added 2 commits December 12, 2022 14:48
Co-authored-by: Jose  <pepone@users.noreply.github.com>
@externl
Copy link
Member Author

externl commented Dec 13, 2022

I switched from a byte array to a Guid. However I'm not sure how wise this is since the Guid's are generally not cryptography secure, just random. Using securely generated bytes is probably more correct. 🤷‍♂️

module AuthorizationExample;

/// The authorization token
typealias Token = sequence<uint8>;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are we missing an opportunity to illustrate custom here?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think that would be beyond the scope of this example.

examples/Authorization/README.md Outdated Show resolved Hide resolved
examples/Authorization/README.md Outdated Show resolved Hide resolved
examples/Authorization/README.md Outdated Show resolved Hide resolved
examples/Authorization/README.md Outdated Show resolved Hide resolved
examples/Authorization/README.md Outdated Show resolved Hide resolved
@externl externl merged commit ac2e7b3 into icerpc:main Dec 13, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants