Factor token provider out into a separate trait #15
Conversation
|
My work project is now using a different |
There was a problem hiding this comment.
It makes me scratch my head that the feature flag actually being evaluated inside of src/ is yup-oauth2, because distinguishing between yup-oauth2 and the newly added yup-authorizer flag seems like a distinction that does more harm than good. hyper-rustls is necessary for code enabled with cfg(feature = "yup-oauth2") to compile, and the compilation failures don't give great diagnostics. This all would get obviated by just checking cfg(feature = yup-authorizer) instead.
Did you have a concrete benefit in mind for using flags this way that I'm not seeing?
Not really, I tend to want to use the "smallest" feature guard so that if you add more complex feature dependencies later on, stuff is a little easier. I changed all of the feature guards to |
|
Rebased this on top of current master. |
|
👏 Nicely done!
Yes, I think that makes a lot of sense. It might even be appropriate to make it the default authorizer? |
I'd certainly prefer it! |
|
Great, let's do that in a follow up PR. I'd like to get this one merged. As for whether or not it should be the default, I'd like to make that choice after I see what data is required to build that authorizer |
|
Sounds good to me. |
I ran into dermesser/yup-oauth2#137. In general, making the authentication/authorization process more explicit in the type system seems like a good idea (in a future PR, the
YupAuthorizerand dependency could become optional).