Making the https_only client configuration option editable #451
Conversation
|
Hey @Gaelik-git, So I think this is a pretty good idea and a good use case. My only concern is that it won't work for a future release thats already planned for updating the oauth/openid impl which will update the client to only allow the national clouds that are available for Microsoft Graph meaning the only URLs that could actually be used to call the Graph API. The reason there is not currently a way to set https only to false is well because its a security issue but also it probably just woudn't ever work since the Graph API requires it. But I do like the use case for what your wanting to do. And so I am thinking that this would work well as a feature flag. That way users of the crate must opt in to a feature in order to set https only to false. And in the updates I am making for oauth/openid I will also add the ability to set a custom endpoint that is not a national cloud and provide that method under the same feature flag. So, if your willing to compromise I think what could be done right now is to add a feature flag to graph-http in the Cargo.toml below the other features here with this line: test = []For the https_only method add the cfg feature annotation: #[cfg(feature = "test")]
pub fn https_only(mut self, https_only: bool) -> GraphClientConfiguration {
self.config.https_only = https_only;
self
}Then add the same feature flag to the main Cargo.toml, with it also enabling the graph-http feature: And when you use the SDK of course just enable the feature: graph-rs-sdk = { version = "1.1.2", features = ["test"] }And like I mentioned before, in future versions when we start validating the URLs for the national clouds, I will add a method to the client under that same feature that will enable setting the endpoint to a custom value. Obviously, for now you can just continue to use the Does that work? |
|
I understand your idea ! I think it would fit my need. Do you think the feature should be named |
|
I implemented your suggestion with the feature name |
|
Another solution would be to just update the default value of https_only ? impl ClientConfiguration {
pub fn new() -> ClientConfiguration {
let mut headers: HeaderMap<HeaderValue> = HeaderMap::with_capacity(2);
headers.insert(ACCEPT, HeaderValue::from_static("*/*"));
ClientConfiguration {
access_token: None,
headers,
referer: true,
timeout: None,
connect_timeout: None,
connection_verbose: false,
#[cfg(feature = "http-allowed")]
https_only: false,
#[cfg(not(feature = "http-allowed"))]
https_only: true,
/// TLS 1.2 required to support all features in Microsoft Graph
/// See [Reliability and Support](https://learn.microsoft.com/en-us/graph/best-practices-concept#reliability-and-support)
min_tls_version: Version::TLS_1_2,
}
}
}Something like this should be ok ? |
I think it should be named The feature flag is meant to enable utilities used when testing and the name should be related to that basically. In this case it wouldn't make sense that the name would be Doing the feature this way is simlar to how Tokio has a feature called |
|
I renamed the feature to |
That works for me. Thanks for the work on this 🚀 |
|
Thanks for the support on this. Any idea when will be the next release ? |
I'll try to see if I can get a minor version published here within a day or two. The tests seem to be failing for something unrelated to this so I need to take a look at it and id rather not publish before I know for sure. I don't see how anything in this PR could cause failures so nothing major, but I don't like to publish if the build tag on the README says the tests are failing. |
|
Hey !
I would like to use Wiremock-rs to mock the usage of this lib in my app, the wiremock-rs does not support https mock server for now (LukeMathWalker/wiremock-rs#58)
With the
use_endpointmethod already existing, this default https_only option is the only piece missing to be able to mock the lib. Do you think this change fits ?