Add JWT public signing key auto-refresh by letmaik · Pull Request #1908 · microsoft/CCF

letmaik · 2020-11-20T12:23:21Z

Implements #1893.

Follow-up PRs (not necessarily all by myself):

Expose connection failures to enclave to be able to record key refresh errors in those situations
In case of any error during key refresh, schedule next task with lower time interval, maybe gradually backing off
Do an initial immediate key refresh after KV is synced (not sure where the best place is to trigger this)
Move update_ca_cert proposal to C++, currently in Lua. Also, rename to set_ca_cert and add remove_ca_cert proposal.

ghost · 2020-11-20T12:32:17Z

letmaik/jwt-key-auto-refresh@15658 aka 20201123.18 vs master ewma over 50 builds from 15114 to 15645

…o-refresh

letmaik added 12 commits November 18, 2020 16:21

auto-refresh jwt keys (wip)

b3625cb

add test

a20494e

use existing url parser

af9c95b

more fixes, still wip

ed7aa30

minor fix

d8cc643

fix cn

f64e60a

fix test

2ae6e05

extend test

6954327

error handling

b282b73

cleanup

a051581

formatting

6b7c08a

formatting

c9bb2f6

letmaik requested a review from a team as a code owner November 20, 2020 12:23

letmaik added 2 commits November 20, 2020 13:39

Merge remote-tracking branch 'origin/master' into letmaik/jwt-key-aut…

f6b2592

…o-refresh

exclude new endpoint from openapi

7850f19

letmaik mentioned this pull request Nov 20, 2020

HTTP client hangs if Content-Length header is missing in response #1909

Closed

jumaffre reviewed Nov 20, 2020

View reviewed changes

Comment thread src/node/node_state.h Outdated

jumaffre reviewed Nov 20, 2020

View reviewed changes

Comment thread src/node/node_state.h Outdated

jumaffre reviewed Nov 20, 2020

View reviewed changes

Comment thread src/node/node_state.h Outdated

jumaffre reviewed Nov 20, 2020

View reviewed changes

Comment thread src/node/rpc/endpoint_registry.h

jumaffre reviewed Nov 20, 2020

View reviewed changes

Comment thread src/node/rpc/member_frontend.h

jumaffre reviewed Nov 20, 2020

View reviewed changes

Comment thread src/runtime_config/gov.lua

jumaffre reviewed Nov 23, 2020

View reviewed changes

Comment thread src/host/main.cpp

achamayou reviewed Nov 23, 2020

View reviewed changes

Comment thread src/node/node_state.h Outdated

achamayou reviewed Nov 23, 2020

View reviewed changes

Comment thread src/node/node_state.h Outdated

achamayou reviewed Nov 23, 2020

View reviewed changes

Comment thread src/node/node_state.h Outdated

achamayou reviewed Nov 23, 2020

View reviewed changes

Comment thread src/node/rpc/member_frontend.h

achamayou requested changes Nov 23, 2020

View reviewed changes

Comment thread tests/jwt_test.py Outdated

address PR comments

bed63e6

letmaik added 3 commits November 23, 2020 12:54

remove explicit wait from e2e test

683356d

formatting

c235fc7

re-enable disabled tests

1f65abb

letmaik requested review from achamayou and jumaffre November 23, 2020 12:59

make pylint happy

26a38fb

jumaffre approved these changes Nov 23, 2020

View reviewed changes

Merge branch 'master' into letmaik/jwt-key-auto-refresh

a5363c3

achamayou approved these changes Nov 23, 2020

View reviewed changes

Merge branch 'master' into letmaik/jwt-key-auto-refresh

880c8d3

achamayou merged commit 6528a33 into microsoft:master Nov 23, 2020

This was referenced Nov 24, 2020

JWT key auto-refresh: include connection failures in metrics #1916

Closed

set_ca_cert/remove_ca_cert #1917

Merged

letmaik deleted the letmaik/jwt-key-auto-refresh branch November 24, 2020 14:07

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add JWT public signing key auto-refresh#1908

Add JWT public signing key auto-refresh#1908
achamayou merged 21 commits into
microsoft:masterfrom
letmaik:letmaik/jwt-key-auto-refresh

letmaik commented Nov 20, 2020 •

edited

Loading

Uh oh!

ghost commented Nov 20, 2020 •

edited by ghost

Loading

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

letmaik commented Nov 20, 2020 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

ghost commented Nov 20, 2020 • edited by ghost Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

letmaik commented Nov 20, 2020 •

edited

Loading

ghost commented Nov 20, 2020 •

edited by ghost

Loading