Skip to content

ChannelAccessToken client doesn't have to require channel access token #557

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Nov 21, 2023
Merged

ChannelAccessToken client doesn't have to require channel access token #557

merged 4 commits into from
Nov 21, 2023

Conversation

@Yang-33
Copy link
Contributor

@Yang-33 Yang-33 commented Nov 17, 2023

No description provided.

@Yang-33
Copy link
Contributor Author

Yang-33 commented Nov 17, 2023

(I should replace mustache with pebble...)

tokuhirom
tokuhirom suggested changes Nov 20, 2023
View reviewed changes
Copy link
Contributor

@tokuhirom tokuhirom left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you, I think that's good.
However, I've started to feel that there might be a problem with the OpenAPI definition at the 'module_attach' part.

Only for the 'Attach by operation of the module channel provider', it should be possible to specify Authorization: Basic {base64({Channel ID}:{Channel Secret})}. For other APIs, they should be defined with Authorization Bearer.

But it's not being done that way now. The definition is wrong. The python sdk, unlike other SDKs, is looking at 'isBasicBearer', causing all APIs, including 'Attach by operation of the module channel provider', to become unusable. Because this makes all APIs unusable, I thought it would be better to not look at 'isBasicBearer' for now and merge it first, and then fix the openapi definition.

@tokuhirom
Copy link
Contributor

tokuhirom commented Nov 20, 2023

ah, no. i misunderstood. module-attach.yml only contains the endpoint of the Attach by operation of the module channel provider.

@tokuhirom
Copy link
Contributor

tokuhirom commented Nov 20, 2023

Maybe something like this is even better.

        self.default_headers['Authorization'] = '{% if isBasicBearer %}Basic{% else %}Bearer{% endif %} ' + configuration.access_token

@Yang-33
Copy link
Contributor Author

Yang-33 commented Nov 21, 2023

Thank you for your comment! As you said, I forgot module-attach uses Basic Authentication. I fixed this in https://github.com/line/line-bot-sdk-python/pull/557/files/30f803f7e0d89cb623b0453dd7778e55eb8cc54f..b6cc1aac82143e761c3c03f2b60435044a51a28a. PTAL again!

@Yang-33 Yang-33 requested a review from tokuhirom November 21, 2023 01:33
@Yang-33 Yang-33 merged commit 942c418 into line:master Nov 21, 2023
@Yang-33 Yang-33 deleted the channel-access-token-doesnt-require-auth-token branch November 21, 2023 04:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@tokuhirom tokuhirom tokuhirom approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Yang-33 @tokuhirom