-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Authentication Framework #4
Conversation
resource groups, resources, actions or requests as authenticated. | ||
Along with defining a framework for creating authentication schemes. | ||
|
||
This RFC does not propose any specific authentication schemes, these are to be |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Those?
bea002a
to
591ad15
Compare
+ username: katie | ||
``` | ||
|
||
You may also provide failure responses in anonymouse authentication schemes. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What is an anonymous authentication scheme?
Also, spelling: anonymous**e**
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@danielgtaylor Anonymous compared to the named schemes defined in the "Authentication Scheme" section. Anonymous schemes are define in-line within other elements like resources/actions.
Does this make sense?
Just the one question about anonymous authentication, otherwise LGTM! 👍 |
591ad15
to
a37a9dc
Compare
What's the status of this proposal (ie when can we expect this feature to be available)? Also, since this is the relevant PR wrt authentication, maybe good to close the other PR's to avoid confusion? |
I like it. Some qualifications are needed – for example how one can describe the schemes, or specify multiple responses – but as a draft it is solid. Going to merge it after I read the related PRs to verify this works as a framework. |
@zdne I think multiple responses should already be clear, there is a parameter within the For a more complete example, you could use the following to show both a request without authentication and a request with authentication. + Response 200 (application/json)
+ Attributes
+ name: Kyle
+ Request
+ Authenticated (Basic)
+ username: kyle
+ password: b2952d03bda09cb5f63b0162fbbee77c
+ Response 200 (application/json)
+ Attributes
+ name: Kyle
+ email: `[email protected]` Please let me know if it's not clear and I can amend. |
+ username: kyle | ||
+ password: b2952d03bda09cb5f63b0162fbbee77c | ||
+ (Passphrase) | ||
``` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We might want add another example here to show a simple version of this.
+ Authenticated (enum[Basic, Passphrase])
# Passphrase (Basic)
+ username: kyle
+ password: b2952d03bda09cb5f63b0162fbbee77c
+ Response 203 (application/json)
{} I am not sure where exactly you will be putting the description in the above example. I want to describe the Passphrase Authentication Scheme. Where do I do that? |
@kylef My review finished. |
This pull request proposes an RFC for adding an authentication framework to the API Blueprint language.
It supersedes: