-
Notifications
You must be signed in to change notification settings - Fork 46
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add path uid validation to HawkIdentifier extractor #61
Conversation
e88f640
to
7528798
Compare
Per extract_target_resource extraction from the Python version, this add's uid validation to the HawkIdentifier extraction. Issue #48
7528798
to
b4423c2
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me 👍
format!("services.mozilla.com/tokenlib/v1/derive/{}", id).as_bytes(), | ||
Some(salt.as_bytes()), | ||
&SECRETS.master_secret, | ||
); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It feels like you should be able to import some higher-level function to do this, rather than duplicating all the details of how to make a token into the test here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Indeed, I didn't find any function that would do it though. I'll probably move this out to be that higher level function elsewhere.
let payload = HawkPayload { | ||
expires: Utc::now().timestamp() as f64 + 200000.0, | ||
node: "friendly-node".to_string(), | ||
salt: "saltysalt".to_string(), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
😆
.header("authorization", header) | ||
.method(Method::GET) | ||
.uri("http://localhost:5000/storage/1.5/5/storage/col2") | ||
.param("uid", "5") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you have to repeat the 5
here because TestRequest
won't parse the uid out of the supplised URI?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yup, TestRequest assumes the params were parsed by the Server and put in the the params object on the request.
Per extract_target_resource extraction from the Python version, this
add's uid validation to the HawkIdentifier extraction.
Issue #48