Enable the 'no_body' option when authorizing against 3scale backend #483
Conversation
davidor
changed the title
| -- body has many information like metrics, limits, etc. This information is | ||
| -- parsed only when using oauth. By enabling this option will save some work | ||
| -- to the 3scale backend and reduce network traffic. | ||
| local function authorize_options(using_oauth) |
There was a problem hiding this comment.
Wouldn't be nicer to pass self instead of using_oauth ?
Because if the condition changes we would have to change only one place - this method.
There was a problem hiding this comment.
I see that it would also require changing the authrep_path method to expect self instead of just boolean.
Tough choice. Not so sure now. I guess it is fine as it is then!
There was a problem hiding this comment.
I like this option because it makes explicit that the only thing the method needs to know about is if we are running the oauth flow or not. Although as you said, we might need to change the params this method receives and the callers in the future.
davidor
force-pushed
the
no_body_option_backend
branch
from
b018107
to
9a12079
Compare
When no_body is enabled via the 3scale-options-header, backend does not return a response body. The body normally has lots of detail: metrics, limits, plans, etc. In the normal auth flow, all this information is not required. We only need to check the status code of the response. By enabling the no_body option, we will save some work to the 3scale backend and also reduce network traffic. no_body cannot be enabled in the oauth flow, as in that case, we need to parse the response body.
davidor
force-pushed
the
no_body_option_backend
branch
from
9a12079
to
e62464b
Compare
|
Added a changelog entry and rebased on top of master so it doesn't give conflicts. |
| local headers = { ['3scale-options'] = 'rejection_reason_header=1' } | ||
|
|
||
| if not using_oauth then | ||
| headers['3scale-options'] = headers['3scale-options'] .. '&no_body=1' |
There was a problem hiding this comment.
@davidor why don't you first construct the string and then create the headers table... just look at the amount of accesses you are performing.
There was a problem hiding this comment.
it is all going to be JITed ! 
When
no_bodyis enabled via the3scale-options-header, backend does not return a response body. The body normally has lots of detail: metrics, limits, plans, etc. In the normal auth flow, all this information is not required. We only need to check the status code of the response. By enabling theno_bodyoption, we will save some work to the 3scale backend and also reduce network traffic.no_body cannot be enabled in the oauth flow, as there we need to parse the response body.