search

smartive / zitadel-node

ZITADEL SDK for Node.js
https://www.npmjs.com/package/@zitadel/node
Apache License 2.0
17 stars 8 forks source link

RPC calls and Axios #435

Open wmoussa-gc opened 3 months ago

wmoussa-gc commented 3 months ago

It's odd that a package using RPC calls (HTTP/2 only) includes Axios (HTTP/1) in its logic. How do you recommend making this work?

tafaust commented 1 month ago

@wmoussa-gc There is only a single usage of axios in this repository here with the authenticate method to invoke the token endpoint.

I have implemented the same thing on my end before I discovered this library and the post request with HTTP/1 works because Zitadel *supports HTTP/2 but does not enforce it and will default to its REST API (afaiu). See the official docs here: https://zitadel.com/docs/self-hosting/manage/http2

However, I want to stress that axios does not support HTTP/2 and is therefore not a good choice. There exists alternatives (see this comparison from one of the alternatives). I would not recommend to use Ky because "zitadel-node" is (as the name suggests) not to be used in the browser because there is a high likelihood of leaking secrets.

@buehler FYI :)

tafaust commented 1 month ago

@wmoussa-gc I've seen this commit in a fork of this repo: https://github.com/smartive/zitadel-node/commit/7d5dee89db3b6f2629695f3160af8f592daf3cf8#diff-b335630551682c19a781afebcf4d07bf978fb1f8ac04c6bf87428ed5106870f5R7 which uses got. I think you could easily apply the patch through 

git apply https://github.com/primerouting/zitadel-node/commit/7d5dee89db3b6f2629695f3160af8f592daf3cf8.patch