Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[add] DisallowBearerToken option to operator to disallow bearer = true #177

Merged
merged 2 commits into from
May 9, 2022
Merged

[add] DisallowBearerToken option to operator to disallow bearer = true #177

merged 2 commits into from
May 9, 2022

Conversation

matthiashanel
Copy link
Contributor

change 1 out of 3 for nats-io/nats-server#3084

matthiashanel added a commit to nats-io/nsc that referenced this pull request Apr 29, 2022
@matthiashanel
[added] support for operator option DisallowBearerToken
8aa7515 
change 2 out of 3 for nats-io/nats-server#3084
corresponds to nats-io/jwt#177

also fixed minor staticcheck issues

Signed-off-by: Matthias Hanel <mh@synadia.com>
@matthiashanel matthiashanel mentioned this pull request Apr 29, 2022
Merged
matthiashanel added a commit to nats-io/nats-server that referenced this pull request Apr 29, 2022
@matthiashanel
[added] support for jwt operator option DisallowBearerToken
33d41ef 
change 3 out of 3 for #3084
corresponds to:
nats-io/jwt#177
nats-io/nsc#495

Signed-off-by: Matthias Hanel <mh@synadia.com>
matthiashanel added a commit to nats-io/nsc that referenced this pull request Apr 29, 2022
@matthiashanel
[added] support for operator option DisallowBearerToken
d0c753f 
change 2 out of 3 for nats-io/nats-server#3084
corresponds to nats-io/jwt#177

also fixed minor staticcheck issues

Signed-off-by: Matthias Hanel <mh@synadia.com>
@matthiashanel matthiashanel mentioned this pull request Apr 29, 2022
Merged
matthiashanel added a commit to nats-io/nats-server that referenced this pull request Apr 29, 2022
@matthiashanel
[added] support for jwt operator option DisallowBearerToken
bd28831 
I modified an existing data structure that held a similar attribute already.
Instead this data structure references the claim.

change 3 out of 3. Fixes #3084
corresponds to:
nats-io/jwt#177
nats-io/nsc#495

Signed-off-by: Matthias Hanel <mh@synadia.com>
@aricart
Copy link
Member

aricart commented May 2, 2022
edited
Loading

@matthiashanel not quite sure why this option is at the operator level - would seem that the bearer token could be enabled as a server config option which disables the feature server-wide. The bigger question is shouldn't this be an account-level option - since accounts issue users, seems reasonable that this would be the config where they can bounce them all?

Perhaps both features would be useful.

aricart
aricart approved these changes May 2, 2022
View reviewed changes
Copy link
Member

@aricart aricart left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM - saved for the other comment.

@matthiashanel
moved attribute to account
b7cabf8 
Signed-off-by: Matthias Hanel <mh@synadia.com>
@aricart aricart self-requested a review May 9, 2022 17:50
@aricart
Copy link
Member

aricart commented May 9, 2022

LGTM!

@matthiashanel matthiashanel merged commit 3bcd719 into master May 9, 2022
@matthiashanel matthiashanel deleted the DisallowBearerToken branch May 9, 2022 18:01
matthiashanel added a commit to nats-io/nsc that referenced this pull request May 9, 2022
@matthiashanel
[added] support for operator option DisallowBearerToken (#495)
e70a462 
* [added] support for account option DisallowBearerToken

change 2 out of 3 for nats-io/nats-server#3084
corresponds to nats-io/jwt#177

also fixed minor staticcheck issues
also removed unused ha_assets

Signed-off-by: Matthias Hanel <mh@synadia.com>
matthiashanel added a commit to nats-io/nats-server that referenced this pull request May 16, 2022
@matthiashanel
[added] support for jwt account option DisallowBearer
66a29ab 
change 3 out of 3. Fixes #3084
corresponds to:
nats-io/jwt#177
nats-io/nsc#495

Signed-off-by: Matthias Hanel <mh@synadia.com>
@matthiashanel matthiashanel mentioned this pull request May 16, 2022
Merged
matthiashanel added a commit to nats-io/nats-server that referenced this pull request Jun 13, 2022
@matthiashanel
[added] support for jwt account option DisallowBearer
d460ee3 
change 3 out of 3. Fixes #3084
corresponds to:
nats-io/jwt#177
nats-io/nsc#495

Signed-off-by: Matthias Hanel <mh@synadia.com>
matthiashanel added a commit to nats-io/nats-server that referenced this pull request Jun 28, 2022
@matthiashanel
[added] support for jwt account option DisallowBearer
c75d3c1 
change 3 out of 3. Fixes #3084
corresponds to:
nats-io/jwt#177
nats-io/nsc#495

Signed-off-by: Matthias Hanel <mh@synadia.com>
matthiashanel added a commit to nats-io/nats-server that referenced this pull request Jun 29, 2022
@matthiashanel
[added] support for jwt account option DisallowBearer (#3127)
6e52608 
* [added] support for jwt account option DisallowBearer

change 3 out of 3. Fixes #3084
corresponds to:
nats-io/jwt#177
nats-io/nsc#495

update jwt library to 2.3.0

Signed-off-by: Matthias Hanel <mh@synadia.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tbeets tbeets Awaiting requested review from tbeets

@aricart aricart Awaiting requested review from aricart

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@matthiashanel @aricart