Implemented the Authentication middleware (#3)

This PR contains the work done to implement the `AuthMiddleware` middleware, to authenticate the requests sent to the backend service, based on [their specifications](https://www.discogs.com/developers/#page:authentication). In addition, some documentation has been added/updated and some boilerplate source code has been removed from the project. Reviewed-on: #3 Co-authored-by: Javier Cicchelli <javier@rock-n-code.com> Co-committed-by: Javier Cicchelli <javier@rock-n-code.com>
2025-10-11 07:39:52 +00:00
parent 428eedd89d
commit bfc9e67d38
1958 changed files with 2591 additions and 1926 deletions
@@ -0,0 +1,33 @@
+// ===----------------------------------------------------------------------===
+//
+// This source file is part of the DiscogsService open source project
+//
+// Copyright (c) 2025 Röck+Cöde VoF. and the DiscogsService project authors
+// Licensed under Apache license v2.0
+//
+// See LICENSE for license information
+// See CONTRIBUTORS for the list of DiscogsService project authors
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+// ===----------------------------------------------------------------------===
+
+/// A representation of the available authentication methods at the Discogs service.
+///
+/// The differences between these authentication methods.
+///
+/// Credentials in request | Rate limiting? | Image URLs? |Authenticated as user?
+/// --- | :---: | :---: | :---:
+/// None | 🐢 Low tier | ❌ No |❌ No
+/// Only Consumer key/secret | 🐰 High tier | ✔️ Yes | ❌ No
+/// Personal access token | 🐰 High tier | ✔️ Yes | ✔️ Yes, for token holder only 👩
+///
+/// Please refer to the [Discogs documentation](https://www.discogs.com/developers#page:authentication,header:authentication-discogs-auth-flow) for further details.
+public enum AuthMethod: Equatable, Sendable {
+    /// A consumer key and secret that allows access to endpoints that requires authentication.
+    case consumer(key: String, secret: String)
+    /// No authentication method defined.
+    case none
+    /// A user token that allows access to its own account information.
+    case user(token: String)
+}
@@ -0,0 +1,33 @@
+// ===----------------------------------------------------------------------===
+//
+// This source file is part of the DiscogsService open source project
+//
+// Copyright (c) 2025 Röck+Cöde VoF. and the DiscogsService project authors
+// Licensed under Apache license v2.0
+//
+// See LICENSE for license information
+// See CONTRIBUTORS for the list of DiscogsService project authors
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+// ===----------------------------------------------------------------------===
+
+/// A representation of the available transport options to send credentials in authenticated requests.
+public enum AuthTransport: Sendable {
+    /// Authentication credential are sent in a request as an `Authentication` header.
+    ///
+    /// This means that the header will be added to any existing header in a request, like this:
+    /// ```bash
+    /// curl "https://api.discogs.com/database/search?q=Slayer" -H "Authorization: Discogs key=foo123, secret=bar456"
+    /// curl "https://api.discogs.com/database/search?q=Slayer" -H "Authorization: Discogs token=abcxyz123456"
+    /// ```
+    case onHeader
+    /// Authentication credential are sent in a request as parameters in the query string.
+    ///
+    /// This means that the parameters will be injected into the query in a request, like this:
+    /// ```bash
+    /// curl "https://api.discogs.com/database/search?q=Slayer&key=foo123&secret=bar456"
+    /// curl "https://api.discogs.com/database/search?q=Slayer&token=abcxyz123456"
+    /// ```
+    case onQuery
+}