+1 for isAuthenticated, but I would rather to have it renamed to
isLoggedIn
-1 for getAuthToken - You're giving the benefit of the doubt here,
allowing people to do whatever they want with it, for example: put it
on local storage, save it in txt file (people are strange :) ).
It should be "transparent" to our devs and just for the record, token
is specific to our domain in AeroGear.
Oh, well in that case forget everything I said in favor of
getAuthToken. I thought it was supposed to be more generic than that.
I'll hide it.
--
"The measure of a man is what he does with power" - Plato
-
@abstractj
-
Volenti Nihil Difficile
On Monday, October 29, 2012 at 2:49 PM, Matthias Wessendorf wrote:
> On Mon, Oct 29, 2012 at 5:47 PM, <supittma(a)redhat.com
> <mailto:supittma@redhat.com>> wrote:
>> On 10/29/2012 12:36 PM, Matthias Wessendorf wrote:
>>>
>>> On Mon, Oct 29, 2012 at 5:24 PM,<supittma(a)redhat.com
>>> <mailto:supittma@redhat.com>> wrote:
>>>>
>>>>
>>>> On 10/29/2012 11:30 AM, Matthias Wessendorf wrote:
>>>>>
>>>>> * get_authToken and isAuthenticated => should they be really
exposed
>>>>> on the interface?
>>>>> On iOS I am doing that in an _internal_ class (see [1])
>>>>
>>>> I think it should be. The whole point of the module is to
>>>> provide/fetch/manage that information.
>>>> I could see the argument for moving authtoken out (either into a
>>>> typesafe class or making it private). isAuthenticated is kinda
>>>> fundamental IMHO
>>>
>>> I am fine with exposing 'isAuthenticated()', but the
"getAuthToken"
>>> should be really not made available on the public API, IMO
>>>
>>>
>>> -M
>>
>> It has to be exposed somewhere so that the Pipe can apply the
>> security to
>> its request.
>
> right - that's why I added some internal API for that
>
> but an end-user should IMO not be able to directly invoke "getToken()"
>
> -M
>
>
>> Alternatively, AuthModule can apply security to the request but it will
>> require some refactoring to the Pipes API.
>>
>>
>>>>> * builder
>>>>> is that close to what passos suggested for pipe/pipeline ?
>>>>
>>>> Moving in that direction
>>>>>
>>>>> -M
>>>>>
>>>>>
>>>>> [1]
>>>>>
https://github.com/aerogear/aerogear-ios/blob/master/AeroGear-iOS/AeroGea...
>>>>>
>>>>>
>>>>> On Fri, Oct 26, 2012 at 6:12 PM, Summers
>>>>> Pittman<supittma(a)redhat.com
<mailto:supittma@redhat.com>>
>>>>> wrote:
>>>>>>
>>>>>> My initial work is
>>>>>>
here:https://github.com/aerogear/aerogear-android/tree/auth
>>>>>>
>>>>>> Changes to existing classes/API:
>>>>>>
>>>>>> HttpProvider now returns a class called HeaderAndBodyMap. This is
a
>>>>>> Map of
>>>>>> the headers along with a byte array which was the body of the
>>>>>> response.
>>>>>>
>>>>>> HttpProvider will throw a HttpException if it does not receive a
200
>>>>>> status
>>>>>>
>>>>>> HttpException wraps some information about the HTTP result.
>>>>>>
>>>>>>
>>>>>> Description of current Auth Classes and Methods:
>>>>>>
>>>>>> Interfaces:
>>>>>>
>>>>>> Authenticator is a factory/lookup class a la Pipeline.
>>>>>>
>>>>>>
>>>>>> AuthenticationModule is a module that manages a authenticated
users
>>>>>> credentials. Provides enroll, login, logout, authToken, and
>>>>>> isAuthenticated.
>>>>>>
>>>>>>
>>>>>> Builder is an interface that can instantiate an instance of
>>>>>> AuthenticationModule.
>>>>>>
>>>>>>
>>>>>> Classes:
>>>>>>
>>>>>> DefaultAuthenticator implements Authenticator
>>>>>>
>>>>>>
>>>>>> RestAuthenticationModule implements AuthenticationModule only
>>>>>> login is
>>>>>> implemented.
>>>>>>
>>>>>>
>>>>>>
>>>>>> Todo:
>>>>>>
>>>>>> Implement the rest of the methods in RestAuthenticationModule
>>>>>>
>>>>>>
>>>>>> Update Pipe implementations to use the AuthenticationModules
>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> aerogear-dev mailing list
>>>>>> aerogear-dev(a)lists.jboss.org
<mailto:aerogear-dev@lists.jboss.org>
>>>>>>
https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>>> _______________________________________________
>>>> aerogear-dev mailing list
>>>> aerogear-dev(a)lists.jboss.org <mailto:aerogear-dev@lists.jboss.org>
>>>>
https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
>
>
> --
> Matthias Wessendorf
>
> blog:
http://matthiaswessendorf.wordpress.com/
> sessions:
http://www.slideshare.net/mwessendorf
> twitter:
http://twitter.com/mwessendorf
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev(a)lists.jboss.org <mailto:aerogear-dev@lists.jboss.org>
>
https://lists.jboss.org/mailman/listinfo/aerogear-dev