Open ElridgeDMello opened 8 years ago
Individually app.use(...)
ing the server, security, and error handlers appears to be the problem. If I compose
them together, it appears to function as intended:
ramlParser.loadFile(join(__dirname, 'api.raml'))
.then(function (raml) {
const middleware = [];
const handler = osprey.server(raml, {
discardUnknownBodies: false,
discardUnknownQueryParameters: false,
discardUnknownHeaders: false,
});
const security = osprey.security(raml, {
custom_auth: myCustomAuthScheme
});
const error = osprey.errorHandler();
middleware.push(security);
middleware.push(handler);
middleware.push(error);
const result = compose(middleware);
result.ramlUriParameters = handler.ramlUriParameters;
app.use(result, router);
app.listen(PORT, function() {
console.log('Express server listening on port ' + PORT);
});
});
We are unable to use a custom security scheme based on the instructions listed at osprey's README.
We are using passport to setup the authentication middleware.
The issue/observed behavior is that the custom authentication function (
passport.authenticate('my-apikey', { session: false })
) specified as part ofmyCustomAuthScheme
is not executed when handling a request.All the code that is needed to test this is specified as the three blocks below. Save the three files with the names listed, then
npm install && npm start
to start up the app.api.raml
:app.js
:package.json
:Test Case:
Execute this curl request:
Expected behavior:
The app should return a 401 Unauthorized response
Actual behavior:
The
/users
resource is returned.