jakedoublev
commented
2 months ago Something interesting we could think about here is how we want to expose this PlatformConfiguration to SDK consumers.
The current implementation places the exposed PlatformConfiguration on the embedded internal config (lower case) SDK struct field: https://github.com/opentdf/platform/blob/main/sdk/sdk.go#L55
This exposes it as a map[string]interface{} to consumers (with the contract guaranteed through accessor methods alone rather than concrete structure), and makes it visible within intellisense (see below) and at compile time, but not in the generated documentation (see below 2).
Perhaps we could improve this documentation difference during this effort.
strantalis
elizabethhealy
The Problem Today the way the sdk works is it tries to make a call to fetch the platform configuration. The SDK greedily builds the clients, and doesn't discriminate on which clients you want/need.
https://github.com/opentdf/platform/blob/32c09c3993bee369401537a9370478dc519ec415/sdk/sdk.go#L118-L141
This is problematic when trying to leverage the sdk with client credentials in a monolith because our auth interceptor for the sdk requires the token endpoint. The change I am proposing here is to build on what @jakedoublev started when exposing more platform configuration for the cli.
One Approach Other approaches are welcome -- here is one approach: We would restructure the
type PlatformConfiguration map[string]interface{}to be a structThis would then allow us to pass the
PlatformConfigurationinto our internal auth interceptors that we maintain. Allowing us to only make that first configuration call on the very first request for an access token.Acceptance Criteria:
sdk_configwith client id and secret even inipcmode.