martin icon indicating copy to clipboard operation
martin copied to clipboard

Published 20 hours ago verified publisher icon maplibre

Jwt

Open mdtrooper opened this issue 3 years ago • 9 comments

Yes.

The JWT is coded into Martin. And it is runs fine.

Regards :beers: .

mdtrooper avatar Feb 27 '21 04:02 mdtrooper

Codecov Report

Merging #190 (0eaf52e) into master (b998c17) will decrease coverage by 0.93%. The diff coverage is 3.79%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #190      +/-   ##
==========================================
- Coverage   41.14%   40.20%   -0.94%     
==========================================
  Files          13       13              
  Lines        1541     1577      +36     
==========================================
  Hits          634      634              
- Misses        907      943      +36
Impacted Files Coverage Δ
src/bin/main.rs 0.84% <0.00%> (-0.07%) :arrow_down:
src/server.rs 35.45% <0.00%> (-2.22%) :arrow_down:
src/config.rs 51.45% <37.50%> (-3.19%) :arrow_down:
src/lib.rs 34.58% <0.00%> (+0.05%) :arrow_up:

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update b998c17...4e5e033. Read the comment docs.

codecov[bot] avatar Feb 27 '21 04:02 codecov[bot]

Hi @mdtrooper! This looks promising, but having read the code I believe it only supports authentication via token validation. Could we extend this solution to support authorization via claim values? My use case is to carry user's id or role in JWT claims in order to use these values to filter results.

PawelBaranowski avatar Sep 29 '21 07:09 PawelBaranowski

@mdtrooper @PawelBaranowski this PR has been open for a while, but sadly has not received any attention. It seems fairly straightforward. Can we resume the discussion about this, maybe as part of an issue, to decide if 1) is this still relevant/needed, 2) how would we automate testing for this as part of CI

nyurik avatar Mar 11 '23 22:03 nyurik

@nyurik TBH I'm (sadly) no longer an active user of Martin. Also, Rust is not my world, so I'll probably be of little help here.

PawelBaranowski avatar Mar 13 '23 20:03 PawelBaranowski

But...one question.

Martin was a project for a company. Urbica o Yandex?

mdtrooper avatar Mar 14 '23 09:03 mdtrooper

Hi @mdtrooper 👋

Martin was created by Urbica.

stepankuzmin avatar Mar 14 '23 10:03 stepankuzmin

Hello, any updates on this?

lefuturiste avatar Oct 05 '23 09:10 lefuturiste

@lefuturiste I would be OK to merge it if this PR would be updated and include unit or integration tests and some rudimentary docs. I have no knowledge of JWT, so I cannot really gauge how this would be used or tested, but if someone puts in the efforts to add support for it (and also clearly explains why it is needed), I'm all for it.

nyurik avatar Oct 27 '23 02:10 nyurik

@lefuturiste I would be OK to merge it if this PR would be updated and include unit or integration tests and some rudimentary docs. I have no knowledge of JWT, so I cannot really gauge how this would be used or tested, but if someone puts in the efforts to add support for it (and also clearly explains why it is needed), I'm all for it.

Okay fair enough, it need docs and tests. May be I can take a look, in my current use of martin, we would use it behind a nginx server with a JWT module so idk. But in anycase some sort of JWT should be implemented at the app level.

lefuturiste avatar Oct 27 '23 06:10 lefuturiste