Authentication Framework #4
Conversation
| resource groups, resources, actions or requests as authenticated. | ||
| Along with defining a framework for creating authentication schemes. | ||
|
|
||
| This RFC does not propose any specific authentication schemes, these are to be |
kylef
force-pushed
the
kylef/authentication
branch
from
bea002a
to
591ad15
Compare
| + username: katie | ||
| ``` | ||
|
|
||
| You may also provide failure responses in anonymouse authentication schemes. |
There was a problem hiding this comment.
What is an anonymous authentication scheme?
Also, spelling: anonymous**e**
There was a problem hiding this comment.
@danielgtaylor Anonymous compared to the named schemes defined in the "Authentication Scheme" section. Anonymous schemes are define in-line within other elements like resources/actions.
Does this make sense?
|
Just the one question about anonymous authentication, otherwise LGTM! 👍 |
kylef
force-pushed
the
kylef/authentication
branch
from
591ad15
to
a37a9dc
Compare
|
What's the status of this proposal (ie when can we expect this feature to be available)? Also, since this is the relevant PR wrt authentication, maybe good to close the other PR's to avoid confusion? |
|
I like it. Some qualifications are needed – for example how one can describe the schemes, or specify multiple responses – but as a draft it is solid. Going to merge it after I read the related PRs to verify this works as a framework. |
|
@zdne I think multiple responses should already be clear, there is a parameter within the For a more complete example, you could use the following to show both a request without authentication and a request with authentication. + Response 200 (application/json)
+ Attributes
+ name: Kyle
+ Request
+ Authenticated (Basic)
+ username: kyle
+ password: b2952d03bda09cb5f63b0162fbbee77c
+ Response 200 (application/json)
+ Attributes
+ name: Kyle
+ email: `[email protected]`Please let me know if it's not clear and I can amend. |
| + username: kyle | ||
| + password: b2952d03bda09cb5f63b0162fbbee77c | ||
| + (Passphrase) | ||
| ``` |
There was a problem hiding this comment.
We might want add another example here to show a simple version of this.
+ Authenticated (enum[Basic, Passphrase])
# Passphrase (Basic)
+ username: kyle
+ password: b2952d03bda09cb5f63b0162fbbee77c
+ Response 203 (application/json)
{}I am not sure where exactly you will be putting the description in the above example. I want to describe the Passphrase Authentication Scheme. Where do I do that? |
|
@kylef My review finished. |
This pull request proposes an RFC for adding an authentication framework to the API Blueprint language.
It supersedes: