search

hapijs / glue

Server composer for hapi.js
Other
245 stars 62 forks source link

Does it necessary Glue have an (optional) event or method/function right after plugin registered before the next(err) tick process? #79

Closed sikancil closed 8 years ago

sikancil commented 8 years ago

Referencing issue for auth plugins required with some different configurations on each connections.

Need to call server.auth.strategy() for single connection and/or connection.auth.strategy, right after preferred auth plugin registered before next(err) tick.

eg:

var authConnectionOptions = {
  'private': {
    key: '1234',
    validateFunc: function(decoded, request, callback){
      return callback( null, true );
    },
    verifyOptions: { algorithms: [ 'HS256' ] },
    cookieKey    : 'privatecookie'
  },
  'public': {
    key: '@Q3f6*bE69zXR2HS5ae*A4JA',
    validateFunc: function(decoded, request, callback){
      return callback( null, true );
    },
    verifyOptions: { algorithms: [ 'HS256' ] },
    cookieKey    : 'publiccookie'
  }
}
var manifest: {
  registration: {
    plugin: 'hapi-auth-jwt2',
    options: { select: [ 'private', 'public' ] },

    //-- new option property to do something befor the next tick
    method: function(connectionLabel){
      return function(err, nextTick){
        if (err) { nextTick(err); return false; }
        //-- here, if necessary to define some methods, before the next tick.
        server.select(connectionLabel).auth.strategy('PrivateJWT', 'jwt', true, authConnectionOptions[connectionLabel]);
        nextTick(null);
      };
    }
  }
};

L117 - L120

Items.serial(registrations, (reg, nextRegister) => {  
  server.register(reg.plugin, reg.options, function(err){ reg.method(err, nextRegister); });
}, next);

https://github.com/dwyl/hapi-auth-jwt2/issues/198#issuecomment-252562072

csrl commented 8 years ago

server.register() with hapi 15+ always calls its callback in nextTick, so the compose callback will always be called on nextTick if you register a plugin, regardless.

What is the failure condition that makes you not want the callback to be in nextTick?

sikancil commented 8 years ago

As reference at 

Error: Unknown authentication strategy private_jwt in /restricted

which in my understanding that the auth-strategy are failed (might late; or not applied to routes) to implement from auth-scheme in specific connection (or all).

Test case:

var __instances = [ 'private', 'public' ];
var glueParams = {
    manifest: {
        connections: [
            {  host: 'sikancil.dev',  port: 9810,  labels: [ 'private' ]  },
            {  host: 'web.sikancil.dev',  port: 9820,  labels: [ 'public' ]  }
        ],
        registrations: [
            {  plugin: 'inert',  options: {  select: [ 'private', 'public' ]  }  },
            {  plugin: 'vision',  options: {  select: [ 'public' ]  }  },
            {  plugin: 'hapi-auth-jwt2',  options: {  select: [ 'private' ]  }  },
            {  plugin: 'yar',  options: {  select: [ 'private' ]  }  }
        ]
    },
    options: {
        relativeTo: __dirname
    }
};

glue.compose( glueParams.manifest, glueParams.options, function (glueError, glueServer) {
    _.forEach(__instances, function (instance, idx) {
        console.log('[hapi-auth-jwt2] plugins is available? ', _.has(glueServer.select(instance).registrations, 'hapi-auth-jwt2'));
        console.log('[hapi-auth-jwt2] auth-scheme is available? ',
            (function () {
                try { glueServer.auth.scheme('jwt'); return false; }
                catch (e) { return true; }
            }())
        );

        if (_.has(glueServer.select(instance).registrations, 'hapi-auth-jwt2')) {
            glueServer.select(instance).auth.strategy(
                instance + '_jwt',             //-- strategy name;  << HERE the Error: Unknown authentication strategy private_jwt in /restricted
                'jwt',                              //-- auth-scheme
                true,
                {
                    key: '1234',
                    validateFunc: function (decoded, request, callback) {
                        //-- assume auth validation is OK
                        return true;
                    },
                    verifyOptions: {algorithms: ['HS256']},
                    cookieKey: 'testGlue'
                }
            );
        }
    });

    glueServer.route({
        method: 'GET',
        path: '/restricted',
        config: {
            auth: 'private_jwt',    //-- strategy name;  << HERE the Error: Unknown authentication strategy private_jwt in /restricted
            app: {
                name: 'private'
            }
        },
        vhost: 'sikancil.dev',
        handler: function($req, $reply){
            return $reply({
                message: 'Hello, you were using <private> connection'
            });
        }
    });

    app.server.start(function(error) {
        if (error) { throw error }
        console.log('Server started!');
    });
});
csrl commented 8 years ago

It seems you are adding the route for all connections, but the private_jwt strategy is only private connection. Probably try to select down to only that one connection and you should be good. Lacking that, I suggest moving this question over to hapijs/discuss for a broader audience. This isn't a problem with the callback being in nextTick, but at usage issue.

lock[bot] commented 4 years ago

This thread has been automatically locked due to inactivity. Please open a new issue for related bugs or questions following the new issue template instructions.