Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authenticate Interceptor #133

Merged
merged 2 commits into from Jan 31, 2023
Merged

Authenticate Interceptor #133

merged 2 commits into from Jan 31, 2023

Conversation

bbengfort
Copy link
Contributor

@bbengfort bbengfort commented Jan 30, 2023
edited

Scope of changes

Adds an Authenticator which creates unary and stream interceptors for ensuring that JWT tokens in the credentials are authenticated and adds the claims to the context of the request for access by handlers if necessary.

Fixes SC-13307

Type of change

  • new feature
  • bug fix
  • documentation
  • testing
  • technical debt
  • other (describe)

Acceptance criteria

Describe how reviewers can test this change to be sure that it works correctly. Add a checklist if possible.

Author checklist

  • I have manually tested the change and/or added automation in the form of unit tests or integration tests
  • I have updated the dependencies list
  • I have recompiled and included new protocol buffers to reflect changes I made
  • I have added new test fixtures as needed to support added tests
  • Check this box if a reviewer can merge this pull request after approval (leave it unchecked if you want to do it yourself)
  • I have moved the associated Shortcut story to "Ready for Review"

Reviewer(s) checklist

  • Any new user-facing content that has been added for this PR has been QA'ed to ensure correct grammar, spelling, and understandability.
  • Are there any TODOs in this PR that should be turned into stories?

@shortcut-integration
Copy link

This pull request has been linked to Shortcut Story #13307: Authentication Interceptor.

@bbengfort bbengfort marked this pull request as ready for review January 30, 2023 23:49
pdeziel
pdeziel approved these changes Jan 31, 2023
View reviewed changes
Copy link
Contributor

@pdeziel pdeziel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, I had a small comment but it shouldn't block anything.

pkg/ensign/contexts/contexts.go

// ClaimsFrom returns the claims from the context if they exist or false if not.
func ClaimsFrom(ctx context.Context) (*tokens.Claims, bool) {
claims, ok := ctx.Value(KeyClaims).(*tokens.Claims)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can this be a one-liner?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, it probably could. I wrote it this way to make it easier to put an if statement on the first block if further checking was necessary.

@bbengfort bbengfort merged commit 2990c06 into main Jan 31, 2023
@bbengfort bbengfort deleted the sc-13307/auth-interceptor branch January 31, 2023 14:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pdeziel pdeziel pdeziel approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@bbengfort @pdeziel