Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: support custom path in apiTokenIssuer #139

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat: support custom path in apiTokenIssuer #139

wants to merge 1 commit into from

Conversation

marcoquotech
Copy link

@marcoquotech marcoquotech commented Aug 15, 2024
edited by ewanharris
Loading

Description

This PR modifies the refreshAccessToken method to conditionally append the /oauth/token endpoint to the apiTokenIssuer only when the apiTokenIssuer does not include its own path. This ensures that the URL is correctly formed whether the issuer contains a custom path or is just a domain.

References

Closes #141

Review Checklist

  • I have clicked on "allow edits by maintainers".
  • I have added documentation for new/changed functionality in this PR or in a PR to openfga.dev
  • The correct base branch is being used, if not main
  • I have added tests to validate that the change in functionality is working as expected

@marcoquotech marcoquotech requested a review from a team as a code owner August 15, 2024 09:28
@linux-foundation-easycla Linux Foundation: EasyCLA
Copy link

linux-foundation-easycla bot commented Aug 15, 2024
edited
Loading

CLA Signed


The committers listed above are authorized under a signed CLA.

@rhamzeh
Copy link
Member

rhamzeh commented Aug 29, 2024
edited
Loading

Thanks @marcoquotech!

Instead of accepting this, would you mind keeping this in tandem with the support we have in other SDKs.

You can reference this ticket for the details: openfga/sdk-generator#238

Change the apiTokenIssuer field in the configuration to accept a full URL.
So:

ApiTokenIssuer Endpoint SDK will hit
issuer.fga.example https://issuer.fga.example/oauth/token
https://issuer.fga.example https://issuer.fga.example/oauth/token
https://issuer.fga.example:8080 https://issuer.fga.example:8080/oauth/token
issuer.fga.example/some_endpoint https://issuer.fga.example/some_endpoint
https://issuer.fga.example/some_endpoint https://issuer.fga.example/some_endpoint
https://issuer.fga.example:8080/some_endpoint https://issuer.fga.example:8080/some_endpoint

We would also like to see tests to ensure that this is working as expected, see the tests in the Go SDK for example:

https://github.com/openfga/go-sdk/blob/main/api_open_fga_test.go#L277-L319

@rhamzeh rhamzeh mentioned this pull request Aug 29, 2024
Open
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Inconsistency in OIDC token path construction between SDKs (and incompaibility with custom token paths)
2 participants
@marcoquotech @rhamzeh