Comments (4)
@christiancompton
I agree that we shouldn't expect users to implement this themselves. We should probably have another repo similar to Kitura-CredentialsGoogle that handles the Cloudant authentication and plugs into CouchDB.
I will try and prototype the bearer authentication on this repo and make a temporary repo for the IAM login to demonstrate how I think these should interact.
from kitura-couchdb.
IAM apikey authentication works similar to OAuth2 where you have an API key, you go to a third party source with that key and get a temporary access_token. You then use that token in your "Authorization" header with the prefix "Bearer " for all your requests.
The OAuth flow would be hard coded to IBM Cloudant and so shouldn't be implemented within Kitura-CouchDB.
However generic use of the bearer authentication header could be supported. A user could then use a different repo to get their access token, provide that to Kitura-CouchDB and this would be attached to requests to allow a user to work with IAM authentication.
from kitura-couchdb.
@ricellis How would you recommend proceeding in terms of supporting IAM-only credentials? I understand the goal to keep this library CouchDB specific and environment agnostic.
Cloudant is shown in a lot of our examples, and right now there is no way users can use IAM-only credentials in Swift. There is a distinct lack of a different repo to get their access token for IBM IAM - right now every SDK owner needs to add their own authentication methods to their SDKs - that is what the Watson SDK :( .
@Andrew-Lees11 I am not convinced that this would be easy for users to do themselves . Even if we did document what the user would need to do with a bearer authentication headers, it still seems like substantial configuration is needed. Is there anyway we can make this more consumable for Cloudant? I don't see why the OAtuh flow could not be configurable, perhaps defaulting to cloudant but easily overwritten.
Maybe a library could be shared with https://github.com/cloudant/swift-cloudant.
from kitura-couchdb.
The approach we've taken in our other Cloudant client libraries is to accept an IAM API key and exchange it with the IAM service for a token and then pass that token to Cloudant's iam_session
endpoint to exchange for an auth cookie (although the Authorization
header works equally well - we just save passing a bigger payload on every request by using the cookie).
We haven't added this IAM support to swift-cloudant yet - using the common IAM support of the core Watson SDKs is likely what we'll do going forwards.
from kitura-couchdb.
Related Issues (20)
- Using `+` in a document `_id` HOT 7
- Update Documentation for filer & query
- How to get out of the Callback Hell HOT 1
- Improve documentation for queryByView with decodeDocuments HOT 1
- queryByView sometimes returns nil and sometimes returns the correct documents HOT 1
- QueryParameters.stale(.OK) returns 400 when used
- queryByView and reduce functions in views HOT 2
- Define dateEncodingStrategy HOT 1
- create a big database HOT 1
- error: dependency 'CouchDB' in target 'xxx' requires explicit declaration HOT 1
- Move to travis-ci.com (instead of travis.org) HOT 1
- Fix jazzy generated docs
- Improve documentation
- Add link to Jazzy docs to README
- Swift PM enters an infinite loop with CouchDB + Kitura HOT 6
- Support for Codable JSON rather than SwiftyJSON? HOT 2
- Authenticate using Cookies HOT 1
- Add support for Bulk get of documents HOT 1
- CouchDB Kitura NIO tests failing on Linux HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kitura-couchdb.