Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add path uid validation to HawkIdentifier extractor #61

Merged
merged 1 commit into from
Oct 15, 2018
Merged

feat: add path uid validation to HawkIdentifier extractor #61

merged 1 commit into from
Oct 15, 2018

Conversation

bbangert
Copy link
Member

Per extract_target_resource extraction from the Python version, this
add's uid validation to the HawkIdentifier extraction.

Issue #48

@bbangert bbangert requested review from pjenvey and rfk October 13, 2018 00:37
@bbangert bbangert force-pushed the feat/issue-48.1 branch 5 times, most recently from e88f640 to 7528798 Compare October 13, 2018 00:47
@bbangert
feat: add path uid validation to HawkIdentifier extractor
b4423c2 
Per extract_target_resource extraction from the Python version, this
add's uid validation to the HawkIdentifier extraction.

Issue #48
rfk
rfk approved these changes Oct 15, 2018
View reviewed changes
Copy link
Contributor

@rfk rfk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me 👍

src/web/extractors.rs
format!("services.mozilla.com/tokenlib/v1/derive/{}", id).as_bytes(),
Some(salt.as_bytes()),
&SECRETS.master_secret,
);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It feels like you should be able to import some higher-level function to do this, rather than duplicating all the details of how to make a token into the test here.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Indeed, I didn't find any function that would do it though. I'll probably move this out to be that higher level function elsewhere.

src/web/extractors.rs
let payload = HawkPayload {
expires: Utc::now().timestamp() as f64 + 200000.0,
node: "friendly-node".to_string(),
salt: "saltysalt".to_string(),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

😆

src/web/extractors.rs
.header("authorization", header)
.method(Method::GET)
.uri("http://localhost:5000/storage/1.5/5/storage/col2")
.param("uid", "5")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you have to repeat the 5 here because TestRequest won't parse the uid out of the supplised URI?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yup, TestRequest assumes the params were parsed by the Server and put in the the params object on the request.

@bbangert bbangert merged commit 1cbb708 into master Oct 15, 2018
@bbangert bbangert deleted the feat/issue-48.1 branch October 15, 2018 16:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rfk rfk rfk approved these changes

@philbooth philbooth philbooth approved these changes

@pjenvey pjenvey Awaiting requested review from pjenvey

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@bbangert @rfk @philbooth