feat(core-api): jwt authorization #770 #793

Merged: 2 commits, Apr 21, 2021

@petermetz (Member) commented Apr 14, 2021

Dependencies

Depends on #810
Depends on #824

Commit to review

feat(core-api): jwt authorization #770

Primary change(s):

  1. Verification of JSON web tokens for all endpoints by default.
  2. The ability for endpoints to control on top of JWT validity
    the requirement of the JWT payload containing a certain scope

Miscellaneous change(s):

  1. Refactor of all the endpoints and plugins to make this change
    technically possible.

Fixes #770

Signed-off-by: Peter Somogyvari peter.somogyvari@accenture.com

@petermetz added the enhancement, API_Server, dependencies, Security and Core_API labels Apr 14, 2021
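
The behaviour the commit message describes (a valid JWT required on every endpoint by default, with an endpoint optionally requiring a scope in the payload), as an added example that is not code from this PR or from the project. HS256, the space-delimited `scope` claim, the mandatory `exp` and every function and field name are assumptions of the example.

```javascript
// Added example, not the PR's code. HS256, the space-delimited "scope" claim and
// the mandatory "exp" are assumptions; all names here are hypothetical.
const crypto = require("node:crypto");

const b64url = (s) => Buffer.from(s).toString("base64url");

// Mint an HS256 token for the demo (constructed helper standing in for an issuer).
function signJwt(payload, secret) {
  const input = `${b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }))}.${b64url(JSON.stringify(payload))}`;
  return `${input}.${crypto.createHmac("sha256", secret).update(input).digest("base64url")}`;
}

// Return the payload when algorithm, signature and expiry check out, else null.
function verifyJwt(token, secret, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  let header, payload;
  try {
    header = JSON.parse(Buffer.from(head, "base64url").toString("utf8"));
    payload = JSON.parse(Buffer.from(body, "base64url").toString("utf8"));
  } catch {
    return null;
  }
  if (header?.alg !== "HS256") return null; // pin the algorithm; "none" is rejected
  const expected = crypto.createHmac("sha256", secret).update(`${head}.${body}`).digest();
  const given = Buffer.from(sig, "base64url");
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  if (typeof payload?.exp !== "number" || payload.exp <= nowSec) return null;
  return payload;
}

// Default: every endpoint needs a valid token. Opt-in: endpoint.requiredScope.
function authorize(endpoint, authorizationHeader, secret, nowSec) {
  const m = /^Bearer (.+)$/.exec(authorizationHeader || "");
  const payload = m ? verifyJwt(m[1], secret, nowSec) : null;
  if (!payload) return 401; // missing, malformed, forged or expired token
  if (endpoint.requiredScope) {
    const scopes = typeof payload.scope === "string" ? payload.scope.split(" ") : [];
    if (!scopes.includes(endpoint.requiredScope)) return 403; // valid token, wrong scope
  }
  return 200;
}
```

The 401/403 split keeps "no valid identity" distinct from "valid identity, insufficient scope", which makes denied requests easier to triage in access logs.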
@kikoncuo (Contributor) left a comment

This is critical for production apps

@takeutak (Member) commented Apr 17, 2021

@petermetz I think there should be no problem, but I would like to check the code a little, so could you give me some time until the approval? If there is no problem, I will approve it by next Monday.

@petermetz (Member, Author)

> @petermetz I think there should be no problem, but I would like to check the code a little, so could you give me some time until the approval? If there is no problem, I will approve it by next Monday.

@takeutak Sure thing, thank you very much!

@takeutak (Member)

LGTM to this PR.
The content of this PR is not directly related, but I think that we may need to sort out the authentication functions. There is a possibility that it will be put on the agenda at a later date. If I do so at a later date, I would like to ask for your cooperation.

Previously you couldn't deploy a contract that had constructor arguments
of its own because there was no way to pass in these.
With this improvement this is now possible.

Depends on hyperledger#810

Signed-off-by: Peter Somogyvari <peter.somogyvari@accenture.com>

Primary change(s):
------------------

1. Verification of JSON web tokens for all endpoints by default.
2. The ability for endpoints to control on top of JWT validity
the requirement of the JWT payload containing a certain scope

Miscellaneous change(s):
------------------------

1. Refactor of all the endpoints and plugins to make this change
technically possible.

Fixes hyperledger#770

Signed-off-by: Peter Somogyvari <peter.somogyvari@accenture.com>

@github-actions

🎉 Great news! Looks like all the dependencies have been resolved:

💡 To add or remove a dependency please update this issue/PR description.

Brought to you by Dependent Issues (:robot: ). Happy coding!

@petermetz petermetz merged commit 2016750 into hyperledger:main Apr 21, 2021
@petermetz petermetz deleted the feat-770 branch April 21, 2021 20:46
@petermetz petermetz self-assigned this Apr 23, 2021
Successfully merging this pull request may close these issues.

feat(core-api): role based access control through oauth2 scopes