Ensure the request body is not emptied in Faraday v1.0.0 #43
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Domon
requested review from
SharonVaughan,
mjerkovic-envato,
intuxicated,
mjward,
stevend,
delfinag,
orien,
zubin,
lparry and
nocache
zubin
reviewed
Feb 6, 2020
| @@ -16,7 +16,7 @@ def call(env) | |||
| method: env[:method], | |||
| path: env[:url].request_uri, | |||
| headers: env[:request_headers], | |||
| body: env.fetch(:body, ::JWTSignedRequest::EMPTY_BODY), | |||
| body: env[:body] || (env[:body] = ::JWTSignedRequest::EMPTY_BODY), | |||
There was a problem hiding this comment.
Would it be less surprising (more readable) to set this beforehand? eg:
env[:body] ||= ::JWTSignedRequest::EMPTY_BODY
@jwt_token = ::JWTSignedRequest.sign(So this would become simply:
Suggested change
| body: env[:body] || (env[:body] = ::JWTSignedRequest::EMPTY_BODY), | |
| body: env[:body], |
Great catch btw!
|
Thanks everyone for reviewing 🙏 |
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Context
JWT Signed Request's Faraday middleware does not work as expected when the request has a body (e.g. a
POSTrequest) and Faraway version isv1.0.0.It empties the request body no matter the request body has been set or not.
Change
Replace the problematic
#fetchmethod with#[]and#[]=to ensure JWT Signed Request works as expected in Faradayv0.17.3orv1.0.0.Considerations
The
Faraday::Env#fetchmethod (inherited fromFaraday#Options) works in a way different from theHash#fetchmethod. It not only returns the value when the key exists but also sets the value of the key (❗️) if a second argument is provided.https://github.com/lostisland/faraday/blob/099dd45f63ff99bbb343eebf7504a3cf0b10bc63/lib/faraday/options.rb#L76-L88
JWT Signed Request uses this method to obtain the request body or set it to an empty string if it was
nil.In Faraday v1.0.0, the
:bodyoption has been replaced with the new:request_bodyand:response_bodyoptions. Smarter getter (#[]) and setter (#[]=) methods are provided. When the argument is:body, they access:request_bodyor:response_bodydepending on if:statushas been set.lostisland/faraday#847
However, the
#fetchmethod remains the same.A request with a body will have the
:request_bodyoption set but not the:bodyoption. That results in JWT Signed Request think the request body was not provided and sets:request_bodyto an empty string.Instead of the
#fetchmethod, I propose we use the#[]and#[]=method instead.