Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[feature] Webhook target should support Authorization mechanism #5166

Closed
harshavardhana opened this issue Nov 10, 2017 · 5 comments · Fixed by #8392
Closed

[feature] Webhook target should support Authorization mechanism #5166

harshavardhana opened this issue Nov 10, 2017 · 5 comments · Fixed by #8392
Assignees
@harshavardhana
Labels
fixed priority: medium

Comments

@harshavardhana
Copy link
Member

Expected Behavior

Support Authorization header bearer token to be set for all event notifications.

Current Behavior

All requests to webhook are currently insecure or do have a way to validate the incoming request.

Possible Solution

For example looking for a following change

  "webhook": {
                        "1": {
                                "enable": false,
                                "authorization": "xxxxxxxxxx",
                                "endpoint": "https://requestb.in/1cxubuy1"
                        }
                },

Steps to Reproduce (for bugs)

Just follow the bucket notification guide on how to setup webhook notification and setup an insecure webhook endpoint.

Context

Security, avoiding lower room for attack radius etc.

Your Environment

Current master
@ebozduman ebozduman added this to the Next Release milestone Nov 10, 2017
@nap
Copy link

nap commented Dec 20, 2017

Anyone working on this? Are you accepting contributions?

@balamurugana
Copy link
Member

@nap contributions are welcome. As there is a significant amount change in notification system, you could contribute to the PR #5294

@harshavardhana
Copy link
Member Author

@nap contributions are welcome. As there is a significant amount change in notification system, you could contribute to the PR #5294

@nap will you be able to contribute?

@nap
Copy link

nap commented Oct 9, 2018

I don't think so.

@harshavardhana
Copy link
Member Author

Taking this as part of the config changes..

@harshavardhana harshavardhana mentioned this issue Aug 28, 2019
Closed
@harshavardhana harshavardhana mentioned this issue Oct 14, 2019
Merged
7 tasks
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jan 28, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@harshavardhana harshavardhana

Labels
fixed priority: medium
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Migrate config to KV data format harshavardhana/minio
5 participants
@harshavardhana @balamurugana @krishnasrinivas @nap @ebozduman