AssetBuilder - Fix testInvalid() failure. Switch to JWT.
#25305
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
(Standard links)
|
…not been configured
a299cd0 to
5f60c72
Compare
|
civibot, test this please |
|
Jenkins re test this please |
olayiwola-compucorp
added a commit
to compucorp/civicrm-core
that referenced
this pull request
Apr 12, 2023
Included in CiviCRM 5.58.0 PR: civicrm#25305
olayiwola-compucorp
added a commit
to compucorp/civicrm-core
that referenced
this pull request
Apr 12, 2023
Included in CiviCRM 5.58.0 PR: civicrm#25305
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Overview
This fixes a test-failure that recently appeared in
AssetBuilder. Additionally, it switches the parameter-validation to JWT (for better security checks). For sites that lack the JWT pre-requisites (ieCIVICRM_SIGN_KEYS), it provides a transitional key.Before+After
Based on the asset parameters, there is a digest-code. The usage of this digest-code evolves as follows:
(Circa 5.56.0)
(Circa 5.57.0)
(This Patch)
Technical Details: Background
AssetBuilderwas recently (5.57.0) updated to validate the digest-code in asset URLs (for the on-demand/debug variants of assets). But this led to new failures inE2E\Core\AssetBuilderTest. Why?The digest code relies on a semi-secret value, the runtime ID. In this specific test (
E2E\Core\AssetBuilderTest::testInvalid()), there are two processes. The PHPUnit process generates one digest-code (with one runtime ID) and sends it to the HTTP server -- but the HTTP server expects a different digest-code (with a different runtime ID).Is it good or bad that phpunit+httpd have different runtime IDs? 🤷 Is it good or bad to use runtime ID here? I think runtime ID is fair as part of the cache identifier. But I don't think it's ideal for validating the origin of parameters. We have another tool (JWT) which is better designed for that.
Technical Details: This Patch
This patch restores the use of
digestcode (and runtime ID) -- they are only used for purposes of file-names and caching. They no longer influence the validation-check. Instead, we use JWT.There is one catch about JWT, -- as observed in the discussion around #25285, JWT requires a signing-key, and some upgraded sites may not have the signing-key configured. Given the centrality of asset-builder in the upgrade-workflow (e.g. for
civicrm/a/#/status), we need a fallback so that site-builders can apply the upgrade and do the configuration. This defines a very limited fallback.