You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafficcontrol.apache.org by GitBox <gi...@apache.org> on 2019/04/30 20:52:49 UTC

[GitHub] [trafficcontrol] rawlinp commented on a change in pull request #3505: Oauth integration

rawlinp commented on a change in pull request #3505: Oauth integration
URL: https://github.com/apache/trafficcontrol/pull/3505#discussion_r279931607
 
 

 ##########
 File path: traffic_ops/traffic_ops_golang/login/login.go
 ##########
 @@ -21,8 +21,12 @@ package login
 
 import (
 	"encoding/json"
+	"errors"
 	"fmt"
+	"github.com/dgrijalva/jwt-go"
+	"github.com/lestrrat/go-jwx/jwk"
 
 Review comment:
   Yeah, historically, new project dependencies are something that should really be discussed on the mailing list, primarily because we can get into hot water if we bring in a project dependency that is against the ASF licensing policy. These are both MIT-licensed, which means we should be able to bring them in, but discussing it on the mailing list also lets people evaluate the proposed libraries and give their input on whether or not we should really include them (or if they know of better alternatives -- stuff like that). 

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services