[Issue #42] Allow a 'redirect_url' parameter for client registrations

[ferjm]

No description provided.

[coveralls]

Coverage increased (+0.5%) to 86.066% when pulling 522822a on ferjm:redirect_url into 7c81079 on mozilla-sensorweb:master.

[coveralls]

Coverage increased (+0.5%) to 86.066% when pulling dc2a1b4 on ferjm:redirect_url into 7c81079 on mozilla-sensorweb:master.

[julienw]

Some nits, some questions, some remarks for later.

[julienw]

nit: looks like an indentation mismatch; I don't have any preference with/without, up to you :)

[julienw]

not for this patch, but I'm not a big fan of this indentation mechanism. As a result we need to change all lines when we really need to add 1 line...

[ferjm]

Ok, fair enough

[julienw]

nit: tell me what you think, I would use "authRedirectUrl" to make it clear, when looking at the database, that this is for the authentication process.

[julienw]

I realize we also need a authFailureRedirectUrl (that could be null)

[ferjm]

Sounds good. I'll change the naming and add the failure redirect url

[julienw]

(not for this patch either)

I don't really like how the errors are generated currently. For example I don't get why we need to put the numeric error number when errors.js already have it... It's also difficult to remember the order of the parameters.

Here is how I did it in a previous app:

• in the main app configuration file: https://github.com/project-abigail/calendar-server/blob/master/app.js#L46-L68
• here are my errors: https://github.com/project-abigail/calendar-server/blob/master/utils/errors.js
• here is an example about how to use them: https://github.com/project-abigail/calendar-server/blob/master/routes/users.js#L38-L41

[ferjm]

I'll file an issue for this.

[ferjm]

#44

[julienw]

same remark about the naming: authRedirectUrl ?

[julienw]

So it's optional ?

[ferjm]

Yes, as mentioned above, I think it should be optional.

[julienw]

nit: I'd find it more readable to use a default: close to set ERRNO_BAD_REQUEST. (+ eslint will be happier when I'll set it up :) )

[ferjm]

Ok

[julienw]

allowNull: false ? Or a null means we can't login ? :)

Another question: do you think a client would want to configure several redirect urls ? (Facebook permits it)

[ferjm]

allowNull: false makes the field mandatory. I was thinking that we should probably allow creating new clients without auth redirection urls. Some of these clients might not want to use the APIs that will require user authentication (I think for now we will have only an API to bookmark sensors requiring user authentication). Some clients might only be interested on pushing sensors data to the server. And for sensors authentication we can't use a redirection url (we can't redirect to a sensor) so the authentication process will be different.

Allowing to configure several redirection urls sounds good.

[julienw]

ok for me !

[coveralls]

Coverage increased (+0.5%) to 86.111% when pulling 642ebf8 on ferjm:redirect_url into 7c81079 on mozilla-sensorweb:master.

[julienw]

lgtm, thx !

[julienw]

I realize that it is isURL we want here. I don't know why we didn't see it earlier, but now this fails badly for me.

[julienw]

this should have found the issue; I don't know why this doesn't :/ (but locally it actually fails for me...)

[julienw]

ah, this is interesting, this works with a clean node_modules. :)

[julienw]

https://github.com/sequelize/sequelize/blob/2f8930f84837722f5a6e2f288a3a20dcaf247d4e/lib/utils/validator-extras.js#L18-L20
oooh bad bad bad sequelize monkey-patching validatorjs, and so the behavior seems to depend on the order of something...

[ferjm]

Ugh... thanks for finding the issue.