Skip to content
This repository has been archived by the owner on Jul 12, 2023. It is now read-only.

Commit

Permalink
Remove feature flags for audience checking
Browse files Browse the repository at this point in the history
  • Loading branch information
@sethvargo
sethvargo committed Nov 19, 2020
1 parent 75d0423 commit fd24531
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 11 deletions.
3 changes: 0 additions & 3 deletions internal/publish/config.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -89,9 +89,6 @@ type Config struct {
// Should only be set if a server is being operated in a single region.
DefaultRegion string `env:"DEFAULT_REGION"`

// Feature flags - eventually these are removed as features become default behavior
FailOnCertificateAudienceMismatch bool `env:"FEATURE_FAIL_ON_CERTIFICATE_AUDIENCE_MISMATCH, default=true"`

// Flags for local development and testing. This will cause still valid keys
// to not be embargoed.
// Normally "still valid" keys can be accepted, but are embargoed.
Expand Down
2 changes: 1 addition & 1 deletion internal/publish/publish.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -286,7 +286,7 @@ func (h *PublishHandler) process(ctx context.Context, data *verifyapi.Publish, b
}

// Perform health authority certificate verification.
verifiedClaims, err := h.verifier.VerifyDiagnosisCertificate(ctx, appConfig, data, h.config.FailOnCertificateAudienceMismatch)
verifiedClaims, err := h.verifier.VerifyDiagnosisCertificate(ctx, appConfig, data)
if err != nil {
if appConfig.BypassHealthAuthorityVerification {
logger.Warnf("bypassing health authority certificate verification health authority: %v", appConfig.AppPackageName)
Expand Down
9 changes: 2 additions & 7 deletions internal/verification/phaverify.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ type VerifiedClaims struct {
// VerifyDiagnosisCertificate accepts a publish request (from which is extracts the JWT),
// fully verifies the JWT and signture against what the passed in authorrized app is allowed
// to use. Returns any transmission risk overrides if they are present.
func (v *Verifier) VerifyDiagnosisCertificate(ctx context.Context, authApp *aamodel.AuthorizedApp, publish *verifyapi.Publish, enforceAudienceMatch bool) (*VerifiedClaims, error) {
func (v *Verifier) VerifyDiagnosisCertificate(ctx context.Context, authApp *aamodel.AuthorizedApp, publish *verifyapi.Publish) (*VerifiedClaims, error) {
logger := logging.FromContext(ctx)
// These get assigned during the ParseWithClaims closure.
var healthAuthorityID int64
Expand Down Expand Up @@ -110,12 +110,7 @@ func (v *Verifier) VerifyDiagnosisCertificate(ctx context.Context, authApp *aamo

// Advisory check the aud.
if claims.Audience != ha.Audience {
// TODO(mikehelmick) - clean up feature flag casing.
logger.Errorw("certifice audience mismatch - will be a failure in the next release", "claims.Aud", claims.Audience, "allowed", ha.Audience, "iss", ha.Issuer)
if enforceAudienceMatch {
// This flag guarding will be removed in a future release.
return nil, fmt.Errorf("audience mismatch for issuer: %v", ha.Issuer)
}
return nil, fmt.Errorf("audience mismatch for issuer: %v (+%q, -%q)", ha.Issuer, claims.Audience, ha.Audience)
}

// Find a key version.
Expand Down

0 comments on commit fd24531

Please sign in to comment.