Add support for Application ID auth pattern

[philipgough]

Moves to 1.1 codebase

Post review/approval

• Docs update
• Modify sample templates

TODO - Verification Steps

• Test User Key headers and query params
• Test User Key headers and query params individual
• Test APP ID headers and query params
• Test APP ID headers and query params individual
• Test App Id with App Key
• Test App Id without key

[codecov-io]

Codecov Report

Merging #58 into master will increase coverage by 1.14%.
The diff coverage is 93.18%.

@@            Coverage Diff             @@
##           master      #58      +/-   ##
==========================================
+ Coverage   85.61%   86.75%   +1.14%     
==========================================
  Files           3        3              
  Lines         438      438              
==========================================
+ Hits          375      380       +5     
+ Misses         40       37       -3     
+ Partials       23       21       -2

Impacted Files	Coverage Δ
pkg/threescale/threescale.go	84.35% <93.18%> (+2.79%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 630fa40...e83a665. Read the comment docs.

[unleashed]

Check comments - since we will be detecting the authn used, we want to be lenient about existing parameters (ie. ignoring them) and use a specific priority order.

[unleashed]

we've been talking about this, but just to rule out this last thought of mine out of being a bit naive: setting here a property like query: request.query_params (the whole map) does not work, does it?

[philipgough]

I couldn't get that to work. Thats what I thought initially. Cant seem to have nested maps. I will try out some other stuff in the mean time but it wont be hard to go from this to a working alternative.

[unleashed]

we could be interested in knowing whether these parameters are empty or they weren't specified, perhaps we can leave out the "" and test for nil?

[unleashed]

(for a bit of context, there is in 3scale, under certain conditions, a semantic difference between specifying an empty app_key to the Service Management API and simply not specifying it at all)

[philipgough]

I don't think that's going to be achievable with the current client. The default string value in go is "".

When we create the params, even if we don't set it it will become empty string. I think would need to go ahead and use pointers to strings in the client to get this behaviour.

Happy to create an issue on it and fix, but my suggestion is leave this as is for now, wdyt?

[unleashed]

Not sure if it's more idiomatic to group these together in golang, I personally prefer to have the definition next to the implementation of methods, perhaps one struct + methods per file (as in Java) to have all the information together for easy reference, but I don't have a strong opinion in this particular case (just FYI in case you didn't consider alternatives).

[philipgough]

Well this is not uncommon in go. Even the stdlib uses types.go files. The reason I have done this is looking ahead slightly.

I spoke to @jmprusi who has a use cause for decoupling the actual so I expect some refactoring, but I'm ok with putting these back where they were if you like. Once the type methods aren't spread across files I'm fine either way.

[unleashed]

No, it's ok this way, I just FYI'ed it. :)

Decoupling this from its context... well, it's going to cost a bit. Let @jmprusi volunteer to extract the logic out and make it available for us as a shared library. :D

[philipgough]

@jmprusi has just been volunteered. Thanks @jmprusi 👍 🥇

[unleashed]

I'd say we prefer this to be "I will use user_key=MATCH and ignore app_key".
We can define this order:

1. Presence of user_key? => process user_key, goto 3
2. Presence of app_id? => goto 2.a
   2.a Presence of app_key? => process app_id with app_key, goto 3
   2.b Process app_id without app_key
3. Done.

Of course, if we knew we were supposed to only be using app_id/app_key, we'd be ignoring the other steps (ie. 1).

[unleashed]

if Subject == nil we can probably error out earlier, before matching rules, right?

[philipgough]

True, Again this is just covering a messed up config and avoiding a panic but yes, I'll move this to fail early

[philipgough]

Fixed

[unleashed]

Looking better, check comments.

[unleashed]

we could be interested in knowing whether these parameters are empty or they weren't specified, perhaps we can leave out the "" and test for nil?

[unleashed]

(for a bit of context, there is in 3scale, under certain conditions, a semantic difference between specifying an empty app_key to the Service Management API and simply not specifying it at all)

[unleashed]

Looks good, check comments for minor things to correct.

[unleashed]

Probably mention the "pair" of App ID and App Key, as it is referred to like this in docs. Also, this should be 2.

[unleashed]

👍