Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(security): Handle service and user pre-auth headers #197

Merged
merged 6 commits into from
Nov 27, 2024
Merged

feat(security): Handle service and user pre-auth headers #197

merged 6 commits into from
Nov 27, 2024

Conversation

byronantak
Copy link
Collaborator

@byronantak byronantak commented Nov 20, 2024
edited
Loading

  • Create user service endpoint to allow for a fuzzy search based on service name
  • Create custom PreAuthFilter which takes both user and service headers into consideration.
    • The precedence is for user headers if both are specified
  • Create logic for disambiguate which users / services to use when multiple services match the results
    Summary: use exact service first, then any services which are ancestors to this service (if their users exist)
  • If a service does not exist and attempts authenication, a Pager Duty incident is created

@byronantak byronantak force-pushed the feat/header-auth branch 3 times, most recently from c0987d3 to ee0f6d7 Compare November 20, 2024 17:20
@byronantak byronantak force-pushed the feat/header-auth branch 2 times, most recently from 0cf6972 to 6056099 Compare November 25, 2024 10:44
@byronantak byronantak force-pushed the feat/header-auth branch 5 times, most recently from de0e692 to 26055c6 Compare November 25, 2024 13:24
@byronantak byronantak marked this pull request as ready for review November 25, 2024 15:36
@byronantak byronantak requested a review from a team as a code owner November 25, 2024 15:36
maallen
maallen reviewed Nov 26, 2024
View reviewed changes
webapp/src/main/java/com/box/l10n/mojito/security/HeaderSecurityConfig.java Outdated Show resolved Hide resolved
webapp/src/main/java/com/box/l10n/mojito/security/ServiceDisambiguator.java Outdated Show resolved Hide resolved
webapp/src/main/java/com/box/l10n/mojito/security/ServiceDisambiguator.java Show resolved Hide resolved
webapp/src/main/java/com/box/l10n/mojito/service/security/user/UserRepository.java Outdated Show resolved Hide resolved
webapp/src/main/java/com/box/l10n/mojito/service/security/user/UserService.java Outdated Show resolved Hide resolved
webapp/src/main/java/com/box/l10n/mojito/service/security/user/UserService.java Outdated Show resolved Hide resolved
webapp/src/main/java/com/box/l10n/mojito/service/security/user/UserService.java Outdated Show resolved Hide resolved
webapp/src/main/java/com/box/l10n/mojito/service/security/user/UserService.java Outdated Show resolved Hide resolved
webapp/src/main/java/com/box/l10n/mojito/service/security/user/UserService.java Outdated Show resolved Hide resolved
@byronantak byronantak merged commit dd902e2 into master Nov 27, 2024
1 check passed
@byronantak byronantak deleted the feat/header-auth branch November 27, 2024 11:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mattwilshire mattwilshire mattwilshire approved these changes

@maallen maallen maallen approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@byronantak @maallen @mattwilshire