Update "How to Authenticate Users with API Keys" #6706

Merged
merged 3 commits into from
Jul 4, 2016

Member

@wouterj wouterj commented Jul 2, 2016

Finishes #6157

Original PR description:

  • supportsToken should be defined above authenticateToken to reflect documentation numbering
  • onAuthenticationFailure should return HTTP code 401 Unauthorized (RFC 7235), not 403 Forbidden.
  • added missing information about defining access_control - figuring this out kept me hanging for a while
  • used ROLE_API instead of ROLE_USER to demonstrate access_control configuration

gondo and others added 3 commits July 2, 2016 13:57
`supportsToken` should be defined above `authenticateToken` to reflect documentation numbering

`onAuthenticationFailure` should return HTTP code 401 Unauthorized (RFC 7235), not 403 Forbidden.

added missing information about defining `access_control` - figuring this out kept me hanging for a while

used `ROLE_API` instead of `ROLE_USER` to demonstrate `access_control` configuration

removed message from BadCredentialsException as defining custom message is confusing, because `onAuthenticationFailure` is using `getMessageKey()` instead of `getMessage()`

@xabbuh
Member

xabbuh commented Jul 4, 2016

👍 LGTM

Status: Reviewed

@javiereguiluz
Member

👍

@wouterj
Member Author

wouterj commented Jul 4, 2016

Thank you @gondo.

@wouterj wouterj merged commit f008819 into 2.7 Jul 4, 2016
wouterj added a commit that referenced this pull request Jul 4, 2016
…WouterJ)

This PR was merged into the 2.7 branch.

Discussion
----------

Update "How to Authenticate Users with API Keys"

Finishes #6157

Original PR description:

 > * `supportsToken` should be defined above `authenticateToken` to reflect documentation numbering
 > * `onAuthenticationFailure` should return HTTP code 401 Unauthorized (RFC 7235), not 403 Forbidden.
 > * added missing information about defining `access_control` - figuring this out kept me hanging for a while
 > * used `ROLE_API` instead of `ROLE_USER` to demonstrate `access_control` configuration

Commits
-------

f008819 Use a more realistic /api instead of /admin
81dd5e7 removed message from BadCredentialsException
dbd8bb9 fixes
@wouterj wouterj deleted the gondo-api-keys branch July 4, 2016 11:36