Define/use an additional secret key, Refactor token replacement for signed urls #8802

@qqmyers qqmyers commented Jun 14, 2022

What this PR does / why we need it: The two commits in this PR do two different things:

  1. The initial use case for signed URLs used a secret shared between Dataverse and the remote store to create/validate signed URLs. In the initial dev for signed URLs for external tools, we swapped to using the apiKey of the intended user, which has value in avoiding a single key across a whole Dataverse instance. However, the apiKey is relatively short and is known to the user (making it possible for the user, or someone who gains that apiKey, to sign URLs associated with their account). This PR adds a dataverse.api-signing-secret jvm option that is prepended with the user's apiKey when signing, which then a) provides a longer, more secure signing/validation key, and b) maintains a one-key-per-user model (that can be changed by the user by invalidating/recreating their apiKey) while avoiding using something the user can access/obtain.

The external tools signing will also have to use the same aggregate key (global secret + user api key) when creating signedUrls when launching external tools. (Perhaps a util method to get the key that gets used in all these places?).

  2. The original code to replace ReservedWord tokens was limited to use as part of the external tools framework and only handled creating query parameters. For openDP/signedURLs, we also want to replace tokens in URLs (i.e. path parameters). For HDC Objective 1/Globus integration, it is also useful to be able to replace tokens rather than having to write custom code to do so. The second commit here refactors the externalTools framework to pull the reserved words and the basic token replacement into a new URLTokenUtil class and adds, in that class, a new method to substitute tokens in a string/URL to handle the case where path parameters need to be entered.
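The aggregate-key scheme described in item 1, as an added example that is not code from this PR or from Dataverse: it shows that a URL signed with (instance secret + apiKey) cannot be validated, and so cannot be forged, with the apiKey alone. The class and method names, the HMAC-SHA256 construction, the `until`/`user`/`token` parameter names, the concatenation order and all sample values are assumptions of this example.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class SignedUrlKeyDemo {
    // Aggregate key: instance-wide secret joined with the per-user API key.
    // The concatenation order is an assumption of this example.
    static String signingKey(String instanceSecret, String apiKey) {
        return instanceSecret + apiKey;
    }

    static String mac(String data, String key) throws Exception {
        Mac m = Mac.getInstance("HmacSHA256");
        m.init(new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "HmacSHA256"));
        byte[] tag = m.doFinal(data.getBytes(StandardCharsets.UTF_8));
        return Base64.getUrlEncoder().withoutPadding().encodeToString(tag);
    }

    // Appends expiry and user, then a token computed over everything before it.
    static String sign(String url, String user, long untilEpochSec, String key) throws Exception {
        String base = url + (url.contains("?") ? "&" : "?") + "until=" + untilEpochSec + "&user=" + user;
        return base + "&token=" + mac(base, key);
    }

    static boolean isValid(String signedUrl, String key, long nowEpochSec) throws Exception {
        int i = signedUrl.lastIndexOf("&token=");
        if (i < 0) return false;
        String base = signedUrl.substring(0, i);
        byte[] presented = signedUrl.substring(i + "&token=".length()).getBytes(StandardCharsets.UTF_8);
        byte[] expected = mac(base, key).getBytes(StandardCharsets.UTF_8);
        Matcher until = Pattern.compile("[?&]until=(\\d+)").matcher(base);
        // Constant-time comparison first; the expiry is only read once the token matches.
        return MessageDigest.isEqual(expected, presented)
                && until.find() && Long.parseLong(until.group(1)) >= nowEpochSec;
    }

    public static void main(String[] args) throws Exception {
        String secret = "constructed-instance-secret-0123456789abcdef"; // constructed sample value
        String apiKey = "11111111-2222-3333-4444-555555555555";         // constructed sample value
        String full = signingKey(secret, apiKey);
        String url = sign("https://dataverse.example/api/files/42", "alice", 2000000000L, full);
        System.out.println("aggregate key:  " + isValid(url, full, 1900000000L));
        System.out.println("apiKey alone:   " + isValid(url, apiKey, 1900000000L));
        System.out.println("tampered user:  " + isValid(url.replace("alice", "bob"), full, 1900000000L));
        System.out.println("past expiry:    " + isValid(url, full, 2100000000L));
    }
}
```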

coveralls commented Jun 14, 2022

Coverage increased (+0.03%) to 18.901% when pulling 208ab95 on GlobalDataverseCommunityConsortium:7715-signed-urls-for-external-tools into 01973ff on IQSS:7715-signed-urls-for-external-tools.

@qqmyers qqmyers changed the title Define/use an additional secret key Define/use an additional secret key, Refactor token replacement for signed urls Jun 21, 2022
@rtreacy rtreacy merged commit 8c2f950 into IQSS:7715-signed-urls-for-external-tools Jun 23, 2022
@pdurbin pdurbin added this to the 5.12 milestone Jun 24, 2022