This repository has been archived by the owner on Dec 8, 2017. It is now read-only.
Embed access token as Javascript variable via SSI #241
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Coverage remained the same at 76.58% when pulling 30990b231c3dfb063d7b8da95f7b46231547d832 on embed-access-token into fcd7214 on master. |
The motivation for this is to pass the authenticated user's MyUSA access token through so that Javascript can be used to request Midas data per #211. More generally, this should allow us to integrate other backend services that accept MyUSA access tokens. (Care must be taken, of course, to ensure that tokens are sent only over secure connetions.) The upstream auth proxy will pass the OAuth `access_token` into the Hub server via the `X-Forwarded-Access-Token` HTTP header. We then use the Nginx `set` directive to rewrite this header's value as the `access_token` variable, which then gets assigned to a Javascript variable via the `#echo` Server-Side Include directive.
mbland
force-pushed
the
embed-access-token
branch
from
30990b2 to
61317cd
Compare
mbland
changed the title
|
@dhcole This good to go, now that bitly/oauth2_proxy#80 is in and running on hub.18f.us. After merging this, then we should then be able to get #211 in soon. |
|
Nice work. Great that this made it upstream. Keeps this code very simple. 👍 on this, and I'll review #211 and update accordingly. |
dhcole
added a commit
that referenced
this pull request
Apr 3, 2015
Embed access token as Javascript variable via SSI
6 tasks
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The motivation for this is to pass the authenticated user's MyUSA access token
through so that Javascript can be used to request Midas data per #211. More
generally, this should allow us to integrate other backend services that
accept MyUSA access tokens. (Care must be taken, of course, to ensure that
tokens are sent only over secure connetions.)
The upstream auth proxy will pass the OAuth
access_tokeninto the Hub servervia the
X-Forwarded-Access-TokenHTTP header. We then use the Nginxsetdirective to rewrite this header's value as the
access_tokenvariable, whichthen gets assigned to a Javascript variable via the
#echoServer-SideInclude directive.
cc: @dhcole @afeld @adelevie @yozlet @jackiekazil