Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Add edge-token extractor to lock down access #4

Merged
merged 3 commits into from
Jan 24, 2023
Merged

feat: Add edge-token extractor to lock down access #4

merged 3 commits into from
Jan 24, 2023

Conversation

chriswk
Copy link
Member

@chriswk chriswk commented Jan 20, 2023

What

This adds EdgeToken as a type. It also adds a way to go from an HttpRequest to an EdgeToken by implementing Actix's trait FromRequest for an EdgeToken.

If you have an endpoint where you need authentication, you simply say that you want an EdgeToken and the type system will guarantee you either get an EdgeToken or you'll get a 403 error.

Thoughts

We now have two traits, one for resolving features, and one for verifying tokens, or converting from an authorization header to a token. These are merged to a trait I've called EdgeProvider, and we now wire in an offline implementation of EdgeProvider (give bootstrap file, and a list of accepted tokens that will have read-access to the bootstrap file and it's results).

I tried to make our methods only require the traits they use, but the wiring in Actix from web::Data to method parameters wasn't able to see that something that implemented the Super trait would satisfy the Subtrait.

At least not the way I did it. Something to dig into next week.

github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 20, 2023
View reviewed changes
server/src/types.rs Fixed Show fixed Hide fixed
server/src/offline_provider.rs Fixed Show fixed Hide fixed
server/src/offline_provider.rs Fixed Show fixed Hide fixed
server/src/types.rs Fixed Show fixed Hide fixed
server/src/types.rs Fixed Show fixed Hide fixed
server/src/types.rs Fixed Show fixed Hide fixed
server/src/types.rs Fixed Show fixed Hide fixed
server/src/types.rs Fixed Show fixed Hide fixed
sighphyre
sighphyre approved these changes Jan 24, 2023
View reviewed changes
Copy link
Member

@sighphyre sighphyre left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM to me, Clippy still seems to be a bit cranky tho

@sighphyre sighphyre merged commit e6bc817 into main Jan 24, 2023
@sighphyre sighphyre deleted the feat/addTokenParsing branch January 24, 2023 12:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sighphyre sighphyre sighphyre approved these changes

@gastonfournier gastonfournier Awaiting requested review from gastonfournier

@nunogois nunogois Awaiting requested review from nunogois

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@chriswk @sighphyre