authentication
bash gradlew reactive-backend:bootRun
http :8001/first # HTTP/1.1 401 Unauthorized
http --auth wrong:wrong :8001/first # HTTP/1.1 401 Unauthorized
http --auth user:user :8001/first # HTTP/1.1 200 OK
authorization
http --auth user:user :8001/ # HTTP/1.1 403 Forbidden
http --auth user:user :8001/all # HTTP/1.1 403 Forbidden
http --auth user:user :8001/all/user # HTTP/1.1 200 OK
http --auth admin:admin :8001/ # HTTP/1.1 200 OK
client
bash gradlew -Dspring.profiles.active=unauth reactive-client:bootRun
http :8002/stream --stream # HTTP/1.1 500 Internal Server Error
bash gradlew --stop
bash gradlew -Dspring.profiles.active=default reactive-client:bootRun
http :8002/stream --stream # HTTP/1.1 200 OK
Content-Type: text/event-stream
transfer-encoding: chunked
data:{"movie":{"id":"59b3478b6f7a24cbcac96dd8","title":"trololo"},"updatedAt":[2017,9,9,4,50,39,777000000]}
data:{"movie":{"id":"59b3478b6f7a24cbcac96dd7","title":"ololo"},"updatedAt":[2017,9,9,4,50,39,777000000]}
# ...
failed flow
1. :client examine (unauthorized) GET request to the :8002 (http :8002) ->
2. :8002 response back 401 error to the :client
success flow
1. :client examine (unauthorized) GET request to the :8001 (http :8001) ->
2. :8001 doing authorization on it's side (http --auth user:user ...) ->
3. :8001 examine (authorized) GET request to the :8002 (http :8002) ->
4. :8002 response back to :8001 ->
5. :8001 respond back to :client
1.1. build run and test
$ bash gradlew bootRun
1.2. unauthorizated request
$ http :8001
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: 0
Pragma: no-cache
WWW-Authenticate: Basic realm="Realm"
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1 ; mode=block
content-length: 0
1.3. authorizated request
$ http :8002
HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8
transfer-encoding: chunked
[
{
"id": "59abc107f6abd51a25d45fa2",
"title": "ololo"
},
{
"id": "59abc107f6abd51a25d45fa3",
"title": "trololo"
}
]
success flow
1. :client examine (unauthorized) GET request to the :8001 (http :8001/stream) ->
2. :8001 doing authorization on it's side (http --auth user:user ...) ->
3. :8001 examine (authorized) GET request to the :8002 (http :8002) ->
4. :8002 response back flux of movies to :8001 ->
5. :8001 examine (authorized) GET request to the :8002 (http :8002/events/$id) for each reseived response id ->
6. :8002 response back infinity stream of movie events to the :8001 ->
7. :8001 respond back to :client all reseiving stream of fluxes (amount depends on first response)
authorizated request
$ http --stream :8002/stream
HTTP/1.1 200 OK
Content-Type: text/event-stream
transfer-encoding: chunked
data:{"movie":{"id":"59abd152f6abd52719aa2dd2","title":"ololo"},"updatedAt":[2017,9,3,13,10,13,16000000]}
data:{"movie":{"id":"59abd152f6abd52719aa2dd3","title":"trololo"},"updatedAt":[2017,9,3,13,10,13,16000000]}
data:{"movie":{"id":"59abd152f6abd52719aa2dd3","title":"trololo"},"updatedAt":[2017,9,3,13,10,14,23000000]}
data:{"movie":{"id":"59abd152f6abd52719aa2dd2","title":"ololo"},"updatedAt":[2017,9,3,13,10,14,22000000]}
data:{"movie":{"id":"59abd152f6abd52719aa2dd3","title":"trololo"},"updatedAt":[2017,9,3,13,10,15,17000000]}
data:{"movie":{"id":"59abd152f6abd52719aa2dd2","title":"ololo"},"updatedAt":[2017,9,3,13,10,15,16000000]}