propan / geheimtur Goto Github PK
View Code? Open in Web Editor NEWa secret door to your Pedestal application
License: Eclipse Public License 1.0
a secret door to your Pedestal application
License: Eclipse Public License 1.0
If the client is making CORS requests to a pedestal server, the preflight OPTIONS request will not include credentials, so the guard
interceptor will cause it to be refused.
In the fetch-token function, ring-codec/form-decode is used to parse the response. While this works with Github, I had issues setting up integration with Google whose token response payload is json.
There are two ways that this can be handled:
I'd prefer the former over the later. Pedestal already includes Cheshire so we can use it to parse json responses.
What are your thoughts? I'd be happy to work on a pull request.
I think default-form-reader should be identity
. Thoughts?
this doesn't seem to be actively maintained and wondering if this is secure like the friend library?
For instance, I am still running version 0.2.1 and would like to be on the latest stable release, but have to do some log surfing to figure out if/how the changes might affect my application. Again, thank you for releasing this project. Cheers!
I have a logo proposal for you. I want to be a contributor. What do you say?
Application error
An error occurred in the application and your page could not be served. If you are the application owner, check your logs for details. You can do this from the Heroku CLI with the command
heroku logs --tail
Exception in thread "main" java.lang.ExceptionInInitializerError
at clojure.main.<clinit>(main.java:20)
Caused by: java.lang.IllegalAccessError: definterceptorfn does not exist, compiling:(geheimtur/interceptor.clj:1:1)
when a user accesses a resource restricted via basic auth, the return code should be 401 and not 403, so that the browser asks for the credentials again.
I was thinking that sometimes it would be usful to have access to the request information when writing a credentials function.
For example I was playing around with the idea of attaching a datomic db instance into the request. Then I would want to do the user lookup based on that db instance.
Hi!
While using geheimtur, I encountered a problem, where my app cannot login new users after a day of uptime. I've discovered that in our company keys are rotated daily, and my app was using outdated one.
I see in the code of geheimtur.impl.oauth2/authenticate-handler
handler is created and is bound to the value it reads from providers
map.
Could you please consider adding an option to give providers-fn that will provide value in runtime or some similar functionality?
And of course, thank you for the excellent library.
First off, thanks for your great work on this!
We've run into a problem while implementing a Google provider, namely that Geheimtur doesn't allow the addition of extra query params to initial auth requests in geheimtur.impl.oauth2/authenticate-handler
. This is a bit of a dealbreaker with providers like Google that (annoyingly) use extra params to control requested access. For instance, the access_type
param controls whether or not a refresh token will be available (see "Step 2").
This could be alleviated pretty easily by adding a key to the provider map with a map value which would be converted to additional query params.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.