[aerogear-dev] OAuth2 authotization and Pipe integration

Summers Pittman supittma at redhat.com
Thu May 15 11:44:51 EDT 2014


I don't like it because it moves the concerns of bad accounts, account 
creation, authorization lifecycle error handling into the failure 
method of the pipe callback.  Those concerns don't belong there.

However I am fine with the module refreshing the accesstoken if a 
refresh token is provided.  If an error happens then that is something 
more "in line" with reasonable expectations for a authorized request.


On Thu 15 May 2014 03:56:28 AM EDT, Corinne Krych wrote:
> Hello folks
>
> I’ve been thinking about providing a more fluid integration between authz and pipes.
>
> Right now to read a list of GoogleDrive document, we need to read the pipe in the success callback of authz’ requestAccess:
>
>      AGAuthorizer* authorizer = [AGAuthorizer authorizer];
>      _restAuthzModule = [authorizer authz:^(id<AGAuthzConfig> config) {
>           ...
>      }];
>
>      [_restAuthzModule requestAccessSuccess:^(id object) {
>        		 id<AGPipe> documents = [googleDocuments pipe:^(id<AGPipeConfig> config) {
>         		 [config setName:@"files"];
>         		 [config setAuthzModule:authzModule]; // inject authz
>       		 }];
>
>     		 [documents read:^(id responseObject) {
>          		// do sth with response
>     		 } failure:^(NSError *error) {
>         			 // when an error occurs...
>     		 }];
>      } failure:^(NSError *error) {
>          NSLog(@"Failure in getting access token");
>      }];
>
> What about if we just initialize authzModule and inject it into pipe. Once the pipe read (or any crud) it will be the pipe that first fetch tokens (or  renew - whaetever is needed) and on success read the pipe. Basically we do the callback chaining internally in the Pipe instead of letting the developer deal with it.
>
>      AGAuthorizer* authorizer = [AGAuthorizer authorizer];
>      _restAuthzModule = [authorizer authz:^(id<AGAuthzConfig> config) {
>           ...
>      }];
>
>      id<AGPipe> documents = [googleDocuments pipe:^(id<AGPipeConfig> config) {
>        		 [config setName:@"files"];
>         		 [config setAuthzModule:authzModule]; // inject authz
>      }];
>
>      [documents read:^(id responseObject) {
>          		// do sth with response
>        } failure:^(NSError *error) {
>         			 // when an error occurs...
>      }];
>
> It feels much fluid on the user.
> Doing so we “force” the app flow to ask token when it needs it, not in advance at startup of app. but i think this is good practice to lazy authz your app.
>
> Thoughts?
>
> Test repo can be found here:
> https://github.com/corinnekrych/aerogear-ios/blob/transparent.refresh/AeroGear-iOS/pipeline/AGRESTPipe.m#L169
> https://github.com/corinnekrych/aerogear-ios-cookbook-1/blob/AGIOS-145.refresh/GoogleDrive/GoogleDrive/AGViewController.m
>
> ++
> Corinne
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev



--
Summers Pittman
>>Phone:404 941 4698
>>Java is my crack.



More information about the aerogear-dev mailing list