Skip to content

Senseless Default-Parameter in new TMVCJWTAuthenticationMiddleware Constructor #573

New issue
New issue
Closed
Closed
Senseless Default-Parameter in new TMVCJWTAuthenticationMiddleware Constructor#573
Assignees
danieleteti
Labels
acceptedIssue has been accepted and inserted in a future milestone
Milestone
3.2.2-nitrogen
@DeddyH

Description

@DeddyH
DeddyH
opened on Sep 10, 2022

In the "new" constructor the fourth parameter AConfigClaims of type TJWTClaimsSetup is default nil, but if you leave it blank you will get an exception in OnBeforeRouting. To solve this problem I suggest one of the following solutions:

  1. Make it mandatory. This would require swapping params for uniqueness, e.g.
constructor Create(
  AConfigClaims: TJWTClaimsSetup; 
  AAuthenticationHandler: IMVCAuthenticationHandler; 
  ASecret: string = 'D3lph1MVCFram3w0rk';
  ALoginURLSegment: string = '/login'; 
  AClaimsToCheck: TJWTCheckableClaims = []; 
  ALeewaySeconds: Cardinal = 300); overload; virtual;
  1. Leave the signature as is, but set up a default one if nil, e.g.
constructor TMVCJWTAuthenticationMiddleware.Create(AAuthenticationHandler: IMVCAuthenticationHandler;
  ASecret, ALoginURLSegment: string; AConfigClaims: TJWTClaimsSetup; AClaimsToCheck: TJWTCheckableClaims;
  ALeewaySeconds: Cardinal);
begin
  inherited Create;
  FAuthenticationHandler := AAuthenticationHandler;
  FSetupJWTClaims := AConfigClaims;
  if not Assigned(FSetupJWTClaims) then
    FSetupJWTClaims := procedure(const JWT: TJWT)
	  begin
	    // setup some reasonable claims here
	  end;
  ...
end;

Metadata

Metadata

Assignees

Labels

acceptedIssue has been accepted and inserted in a future milestone

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions