-
Notifications
You must be signed in to change notification settings - Fork 209
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add lifecycle hooks to run middleware #690
Comments
It makes sense to extend Hoverfly as there are probably other use-cases, but having to do masking in middleware seems like a leaky solution for larger teams as it has to be applied in real-time. Developers will forget and policy would be difficult to apply. We could do with more use-cases on the general topic of masking. |
After reading this GitHub issue: arquillian/arquillian-organization#10 I get a feeling that it is not necessary a middleware feature Problem Use case
Implications
|
The change of title reflects that we won't be adding explicit support for data masking in Hoverfly itself. Lifecycle hooks - yes. Data masking - no. |
The current middleware does not support request modification in simulate mode, and not support response modification in the capture mode. The way it works is probably to tackle problems such as:
Making middleware to apply on both request and response for simulate/capture/spy mode is desirable for some use cases but has the potential to break backward compatibility. |
What I propose is that middleware should behave as it is, but you can pass an additional flag to force it to run at a certain point regardless of the mode. For example,
It allows to intercept requests using middleware before request matching in simulate mode. Available hooks could be:
|
Looks good to me, except you've got It is probably better if neither Two questions:
I assume the answer is No to both these questions, but it's worth checking. |
The suffix For question 1, yes. You can pass comma seperated list of hooks, and invoke the same middleware at different hooks. For question 2, maybe no initially, but it should be possible to pass context information into the middleware. |
Ok. Q1 is good. but wrt Q2. I think that then compromises the feature. What if the lifecycle stage could be passed in metadata as that shouldn't affect existing middleware, or to be 100% sure, pass it if --hooks is stated? |
Currently, we do not need this feature anymore because we bypassed this information into fake information manually. Of course, it might still be interesting to have this feature but let's say that it is not urgent for our use case. |
@tommysitu if we need to build this feature, then I would like to take this up. You can assign this to me. I can start working on the same. |
@tommysitu you can assign this to me. I have started working on the same. |
At the moment, middleware can only intercept and modify outgoing requests in capture mode. This is inadequate if someone wants to mask sensitive information in both request and response when capturing.
The text was updated successfully, but these errors were encountered: