- Issue created by @anton4uk
- Status changed to Needs review
almost 2 years ago 11:27am 7 July 2023 - last update
almost 2 years ago 100 pass - Status changed to RTBC
over 1 year ago 6:24pm 9 November 2023 - Status changed to Needs work
over 1 year ago 1:52pm 20 December 2023 - π΅πΉPortugal jcnventura
This needs to be made a lot more robust.. Imagine you have a running site using this module just fine, and then decide to enable the key module.. Suddenly your keys no longer work, as the code in #2 suddenly expects that the configuration values refer to keys with the same name managed by the key module.
The way this should work is to refactor the client id and secret configuration to add a "provider" attribute that indicates the use of the key module. Naturally, the module should then be blocked if the key module is disabled.
- First commit to issue fork.
- @svendecabooter opened merge request.
- π§πͺBelgium svendecabooter Gent
I have created a merge request that reworks this concept, as suggested by jcnventura.
It adds a "credentials_provider" to the plugin configuration, that defaults to "config", which will just keep on storing the client_id and client_secret in the plugin configuration, as is the case currently.
If the "Key" module is installed, an optional second credentials provider gets added to the dropdown list, and users are able to optionally select a multivalue key for retrieving the appropriate credentials.If the Key module is not installed, nothing changes. If the key module is installed, nothing changes by default, but you can opt-in to use a Key rather than providing the credentials inline.
Thanks for reviewing this MR and considering whether this could be added to the module.
- π§πͺBelgium svendecabooter Gent
Patch version of the current MR state, for Composer based patching workflows.