createTokenRequest without key option #21
Comments
mattheworiordan
added
bug
|
I see also that the keyValue does not behave like it should in the documentation: I get the error 'No key specified' |
|
One more issue, the token request Hash that is returned has a Hash object for the capability element, but it should be a Stringified JSON object. I believe if you receive a JSON capability the client library should be default Stringify it. Example request: new Ably.Realtime({ key: apiKey }).auth.createTokenRequest(
{ keyId: keyId, keyValue: keyValue },
{ "ttl": 600, "capability": { "*":["*"] } }, function(token) {
console.log(token);
)
'{
"id": "xVLyHw.lwnKYQ",
"ttl": 600,
"capability": {
"*": [
"*"
]
},
"timestamp": 1427235284,
"nonce": "0452151051722466",
"mac": "XslUpDsA5OQ7PSMKcrdb3IpMXNJg5VPXMyjVAgwsKyc="
}' |
|
Resolved |
See ably/ably-js#21, which should mean this was not required
|
I do not believe this is fixed unfortunately, see ably/docs@7c60e3b which I had to do now to get |
See ably/ably-js#21, which should mean this was not required
|
See https://jsbin.ably.io/anadag/3/edit, this is not fixed. |
|
@SimonWoolf : could you have a look at this please? |
|
@mattheworiordan Addressed both in #83. Good spot re stringifying the createTokenRequest -- without that the capability part of the signText was just "[object Object]". (edit: removed inaccurate suggestion) |
Hopefully ok: https://github.com/ably/realtime/blob/master/common/lib/security/authmgr.js#L391-L392 |
In the Ably Ruby library when calling createTokenRequest, if an API key has been specified in the constructor, then there is no need to specify a key ID in the createTokenRequest method. Given most people will only issue tokens for the set up API key and we treat API keys as opaque (i.e. key ID is not really relevant), I recommend we change the createTokenRequest in the JS client library so that:
The text was updated successfully, but these errors were encountered: