On Mon, Oct 30, 2017 at 10:55 AM, Brian Bouterse <bbout...@redhat.com> wrote:
> I think it would be ideal if we used 'Bearer: ' instead of 'JWT: '. If you
> use our docs, you'll be able to submit your JWT correctly. If you say 'oh I
> see Pulp uses JWT' and you follow the example in the official (I think?)
> JWT site [0] you'll submit a JWT to Pulp using those docs and it won't work.
> This is also a problem in practice; I've heard of two separate occasions
> where JWT was thought to be broken because it was submitted 'Bearer: '
> which Pulp wants 'JWT: '.
>
> The reasoning for the plugin to choose JWT over Bearer has to do with
> their goals of being able to be used side-by-side an OAuth2 *and* allow your
> auth types to be in any order. I don't think this affects Pulp because Pulp
> isn't supporting OAuth2 anytime soon if ever, and even if we do, I don't
> think that's a good reason to invent a new way to submit a JWT (which they
> did).
>
> I'm +1 to filing a story against Pulp to configure our usage of the plugin
> to have the JWT be submitted using 'Bearer: ' instead of 'JWT: '. Shall I
> file this? What do you all think?

+1 to this as well.

> [0]: https://jwt.io/introduction/
>
> -Brian
>
> On Fri, Oct 27, 2017 at 9:03 AM, David Davis <davidda...@redhat.com> wrote:
>
>> There was some discussion on the PR about this:
>>
>> https://github.com/pulp/pulp/pull/3109#discussion_r138202256
>>
>> Basically the package we’re using decided on JWT. See their reasoning
>> here:
>>
>> https://github.com/GetBlimp/django-rest-framework-jwt/pull/4
>>
>> David
>>
>> On Fri, Oct 27, 2017 at 8:26 AM, Kersom Moura Oliveira <ker...@redhat.com> wrote:
>>
>>> Hi,
>>>
>>> I noticed that JWT authorization header was adopted as the default one
>>> for Pulp3. [0]
>>>
>>> Also I read in a few places about Bearer authorization header, as the
>>> typical one used for JWT. [1]
>>>
>>> Is there a specific reason to choose one over the other in Pulp3?
>>>
>>> Regards,
>>>
>>> [0] https://docs.pulpproject.org/en/3.0/nightly/integration_guide/rest_api/authentication.html#using-a-token
>>> [1] https://jwt.io/introduction/
>>> [2] https://tools.ietf.org/html/rfc6750
>>> [3] https://tools.ietf.org/html/rfc7523
_______________________________________________
Pulp-dev mailing list
Pulp-dev@redhat.com
https://www.redhat.com/mailman/listinfo/pulp-dev
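
The mismatch discussed in this thread, as an added example that is not part of the original messages or of Pulp's or the plugin's code: a server configured for one Authorization scheme silently ignores a valid token sent under the other. The function name, error class and sample token are constructed for illustration.

```python
import re

# token68 character set (RFC 7235); a compact JWT (base64url parts joined by dots) fits it.
_TOKEN68 = re.compile(r"[A-Za-z0-9\-._~+/]+=*")


class AuthHeaderError(ValueError):
    """Credentials are malformed for a scheme this server accepts."""


def extract_token(header_value, accepted_schemes=("Bearer",)):
    """Return the token from an Authorization header value.

    Returns None when the header is missing or uses a scheme this server is
    not configured for, so the request falls through as unauthenticated (or
    to another authenticator). Raises AuthHeaderError when the scheme matches
    but the credentials are malformed.
    """
    if not header_value:
        return None
    parts = header_value.split()
    if not parts:
        return None
    scheme, credentials = parts[0], parts[1:]
    # Scheme names are compared case-insensitively (RFC 7235).
    if scheme.lower() not in {s.lower() for s in accepted_schemes}:
        return None
    if len(credentials) != 1:
        raise AuthHeaderError("expected exactly one token after the scheme")
    token = credentials[0]
    if not _TOKEN68.fullmatch(token):
        raise AuthHeaderError("token has characters outside token68")
    return token


# Constructed sample token, not a real credential.
SAMPLE_JWT = "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiJ9.c2lnbmF0dXJl"

if __name__ == "__main__":
    # Server expecting the 'JWT' scheme, client following the RFC 6750 form:
    # the token is well formed, yet the request is treated as carrying none.
    print(extract_token("Bearer " + SAMPLE_JWT, accepted_schemes=("JWT",)))
    # Same server, client following the server's own docs.
    print(extract_token("JWT " + SAMPLE_JWT, accepted_schemes=("JWT",)))
    # Accepting both schemes during a migration keeps old clients working.
    print(extract_token("Bearer " + SAMPLE_JWT, accepted_schemes=("JWT", "Bearer")))
```

In django-rest-framework-jwt the accepted scheme is the `JWT_AUTH_HEADER_PREFIX` entry of the `JWT_AUTH` settings dict, which is the knob the proposed story would change.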