Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Corrects the order of caching + authorization middlewares #1661

Merged
merged 6 commits into from
Oct 16, 2024
Merged

fix: Corrects the order of caching + authorization middlewares #1661

merged 6 commits into from
Oct 16, 2024
+288 −2

Conversation

DimitriosLisenko
Copy link
Contributor

@DimitriosLisenko DimitriosLisenko commented Jan 18, 2024
edited
Loading

Resolves #1660

Before the change?

The HTTP caching doesn't have the Authorization header available to it, and therefore caches + returns values across user boundaries.

After the change?

The HTTP caching middleware happens after then authorization middleware, and therefore has the Authorization header and can cache requests per user.

Pull request checklist

  • Tests for the changes have been added (for bug fixes / features)
  • Docs have been reviewed and added / updated if needed (for bug fixes / features)

Does this introduce a breaking change?

Please see our docs on breaking changes to help!

  • Yes
  • No

@DimitriosLisenko
Place Faraday::HttpCache middleware after the Faraday::Request::Autho…
2d56e82 
…rization middleware because it needs the Authorization header to be set
@DimitriosLisenko
Copy link
Contributor Author

DimitriosLisenko commented Jan 18, 2024
edited
Loading

Alternatively, could use Faraday::RackBuilder#insert to place the authorization middleware first in the list of handlers, which guarantees it will run before the caching middleware (which is set as part of the Faraday object initialization if the README is followed). Since the authorization middleware just sets some headers, this might be safer to do than rearranging the caching middleware, and it also works if somebody is not using Faraday::HttpCache as their caching middleware.

@nickfloyd nickfloyd self-requested a review January 19, 2024 16:22
@nickfloyd nickfloyd added the Type: Bug Something isn't working as documented label Oct 16, 2024
nickfloyd
nickfloyd approved these changes Oct 16, 2024
View reviewed changes
Copy link
Contributor

@nickfloyd nickfloyd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the fixes here ❤️

@nickfloyd nickfloyd changed the title Fix order of caching + authorization middlewares fix: Corrects the order of caching + authorization middlewares Oct 16, 2024
@nickfloyd nickfloyd merged commit 8532300 into octokit:v8 Oct 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nickfloyd nickfloyd nickfloyd approved these changes

Assignees
No one assigned
Labels
Type: Bug Something isn't working as documented
Projects
🧰 Octokit Active
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@DimitriosLisenko @nickfloyd