[
https://issues.apache.org/jira/browse/THRIFT-4221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16036303#comment-16036303
]
Jens Geyer edited comment on THRIFT-4221 at 6/4/17 3:32 PM:
------------------------------------------------------------
* THeaderProtocol
* ServerEvents.
I don't see the point in adding every single special need as a tiny feature.
Over time, this blows the code base and thus is exactly what we don't want with
Thrift. Instead, we should focus on more general concepts like THeaderProtocol.
Alone the fact of having an built-in AuthenticationException in Thrift sounds
like an architectural flaw to me: Authentication or checking permissions or
anything like that is not what I see in Thrift, it belongs to another
application layer. If I need to check permissions, I'll for sure do that in
code parts that do not have dependencies on any RPC mechanism whatsoever,
because I will very likely end up reusing these things in another context.
Personal opinion, of course.
was (Author: jensg):
* THeaderProtocol
* ServerEvents.
> Add Rails like Before Action to Thrift
> --------------------------------------
>
> Key: THRIFT-4221
> URL: https://issues.apache.org/jira/browse/THRIFT-4221
> Project: Thrift
> Issue Type: New Feature
> Components: Wish List
> Affects Versions: 1.0
> Reporter: Devansh Gupta
> Labels: patch
> Fix For: 1.0
>
> Attachments: golang_generated.diff, t_go_generator.diff
>
>
> One issue that comes up often is when we have a service defined with some
> functions and we want to do Authentication & Authorization we need to
> manually call a function from inside the service implementation every time.
> See:
> https://stackoverflow.com/questions/4621715/how-to-handle-authentication-and-authorization-with-thrift
> A decently popular question.
> This ticket proposes to add a _before_action_ (naming flexible) hook which
> will be called before the Service call method is executed. It can _only_
> raise the same errors as defined by the function.
> _It requires the *generate_hooks* option to be set_
> Example diff for Golang generated code for simple service:
> {code}
> exception NotAuthorisedException {
> 1: string errorMessage,
> }
> exception ApiException {
> 1: string errorMessage,
> }
> service MyService {
> string myMethod(1: string authString, 2: string otherArgs ) throws ( 1:
> NotAuthorisedException e1, 2: ApiException e ),
> }
> {code}
> {code}
> + // Called before any other action is called
> + BeforeAction(serviceName string, actionName string, args
> map[string]interface{}) (err error)
> + // Called if an action returned an error
> + ProcessError(err error) error
> }
> type MyServiceClient struct {
> @@ -391,7 +395,12 @@ func (p *myServiceProcessorMyMethod) Process(seqId
> int32, iprot, oprot thrift.TP
> result := MyServiceMyMethodResult{}
> var retval string
> var err2 error
> - if retval, err2 = p.handler.MyMethod(args.AuthString,
> args.OtherArgs_); err2 != nil {
> + err2 = p.handler.BeforeAction("MyService", "MyMethod",
> map[string]interface{}{"AuthString": args.AuthString, "OtherArgs_":
> args.OtherArgs_})
> + if err2 == nil {
> + retval, err2 = p.handler.MyMethod(args.AuthString,
> args.OtherArgs_)
> + }
> + if err2 != nil {
> + err2 = p.handler.ProcessError(err2)
> {code}
> It simply calls BeforeAction, if it raises an error it does NOT procede with
> making the normal call.
> Diffs Attached.
>
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
