refactor(authn): Enable cookies in Integ #6599

Open
wants to merge 6 commits into
base: main

ThisIsMani
Contributor

Type of Change

  • Bugfix
  • New feature
  • Enhancement
  • Refactoring
  • Dependency updates
  • Documentation
  • CI/CD

Description

This PR will add logging for cookies and also make signout API accessible by any SPT.

Additional Changes

  • This PR modifies the API contract
  • This PR modifies the database schema
  • This PR modifies application configuration/environment variables

config/config.example.toml
config/deployments/integration_test.toml
config/deployments/production.toml
config/deployments/sandbox.toml
config/development.toml
config/docker_compose.toml
loadtest/config/development.toml

Motivation and Context

Closes #6598.

How did you test it?

  • The following behaviour applies only to integ and not to sandbox and prod.

```bash
curl --location 'http://localhost:8080/user' \
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoiNzJkNDU0YTAtM2I3YS00MzZiLTllNjMtMmU5ZDQ5YzI3NmZjIiwibWVyY2hhbnRfaWQiOiJtZXJjaGFudF8xNzMxOTI4MDg1Iiwicm9sZV9pZCI6Im9yZ19hZG1pbiIsImV4cCI6MTczMjEwMDg5MSwib3JnX2lkIjoib3JnX05qeWR3eXhpRW5OQjk2QldobjlwIiwicHJvZmlsZV9pZCI6InByb183bGVMTnpFakVtRWVha1ZKTlJSbSJ9.g7InEVOcYqKSh2zNPBrq20l6O5MppE3-wKqj2YYBkBM'
```

If the cookie is not present, even if the auth header is present, BE will throw the following error:

```json
{
    "error": {
        "type": "invalid_request",
        "message": "Invalid Cookie",
        "code": "IR_26"
    }
}
```

  • Cookie will be given priority if both are present.

Checklist

  • I formatted the code cargo +nightly fmt --all
  • I addressed lints thrown by cargo clippy
  • I reviewed the submitted code
  • I added unit tests for my changes where possible

@ThisIsMani ThisIsMani added S-waiting-on-review Status: This PR has been implemented and needs to be reviewed C-refactor Category: Refactor A-users Area: Users labels Nov 18, 2024
@ThisIsMani ThisIsMani self-assigned this Nov 18, 2024
@ThisIsMani ThisIsMani requested review from a team as code owners November 18, 2024 11:34
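
The token selection described in the PR description above, as an added Rust example that is not code from this PR. `use_cookie_only` and the "Invalid Cookie" (IR_26) error come from the page; the cookie name `login_token`, the `AuthError` enum and all function names are assumptions made for illustration.

```rust
// Added illustration, not code from the PR. Everything except `use_cookie_only`
// and the IR_26 "Invalid Cookie" error is a hypothetical name.
#[derive(Debug, PartialEq)]
pub enum AuthError {
    InvalidCookie,     // the page's backend reports this as IR_26 "Invalid Cookie"
    InvalidAuthHeader, // assumed variant for a missing or malformed bearer header
}

const COOKIE_NAME: &str = "login_token"; // assumed cookie name

/// Pull the token out of a raw `Cookie` header value ("a=1; login_token=abc").
fn token_from_cookie(header: Option<&str>) -> Result<&str, AuthError> {
    header
        .into_iter()
        .flat_map(|h| h.split(';'))
        .filter_map(|pair| pair.trim().split_once('='))
        .find(|(name, value)| *name == COOKIE_NAME && !value.is_empty())
        .map(|(_, value)| value)
        .ok_or(AuthError::InvalidCookie)
}

/// Pull the token out of a raw `Authorization: Bearer <jwt>` header value.
fn token_from_auth_header(header: Option<&str>) -> Result<&str, AuthError> {
    header
        .and_then(|h| h.strip_prefix("Bearer "))
        .map(str::trim)
        .filter(|t| !t.is_empty())
        .ok_or(AuthError::InvalidAuthHeader)
}

/// Choose which token is handed on for verification.
pub fn select_token(
    cookie: Option<&str>,
    authorization: Option<&str>,
    use_cookie_only: bool,
) -> Result<String, AuthError> {
    let cookie_token = token_from_cookie(cookie);
    if use_cookie_only {
        // Integ behaviour from the description: a bearer header alone is rejected.
        return cookie_token.map(str::to_owned);
    }
    // Cookie has priority when both are present; the header is only
    // parsed, and can only fail the request, when the cookie is unusable.
    match cookie_token {
        Ok(token) => Ok(token.to_owned()),
        Err(_) => token_from_auth_header(authorization).map(str::to_owned),
    }
}
```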

semanticdiff-com bot commented Nov 18, 2024

Review changes with SemanticDiff

Changed Files

| File | Status |
| --- | --- |
| crates/router/src/services/authentication.rs | 15% smaller |
| config/config.example.toml | Unsupported file format |
| config/deployments/integration_test.toml | Unsupported file format |
| config/deployments/production.toml | Unsupported file format |
| config/deployments/sandbox.toml | Unsupported file format |
| config/development.toml | Unsupported file format |
| config/docker_compose.toml | Unsupported file format |
| crates/router/src/configs/settings.rs | 0% smaller |
| crates/router/src/core/user.rs | 0% smaller |
| crates/router/src/routes/user.rs | 0% smaller |
| loadtest/config/development.toml | Unsupported file format |

@ThisIsMani ThisIsMani changed the title refactor(auth): Enable cookies in Integ refactor(authn): Enable cookies in Integ Nov 18, 2024
apoorvdixit88
apoorvdixit88 previously approved these changes Nov 21, 2024
SanchithHegde
SanchithHegde previously approved these changes Nov 21, 2024
SanchithHegde
SanchithHegde previously approved these changes Nov 21, 2024
let final_token = if use_cookie_only {
cookie_token_result?
} else {
cookie_token_result.unwrap_or(auth_header_token_result?.to_owned())
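
Review bot: In the `else` branch, `cookie_token_result.unwrap_or(auth_header_token_result?.to_owned())` evaluates its argument before `unwrap_or` runs, so the `?` on `auth_header_token_result` returns early with the header error even when `cookie_token_result` holds a valid token. A request that carries a usable cookie and no Authorization header is therefore rejected on this path. Make the fallback lazy, for example `match cookie_token_result { Ok(token) => token, Err(_) => auth_header_token_result?.to_owned() }` (adjusted to the actual token types), and state explicitly which source wins when `use_cookie_only` is false, since this branch still prefers the cookie.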
Contributor

Why are we using the cookie when the config is false? Is this the desired behaviour?

Contributor Author

Nope, will change this to use auth header.

Successfully merging this pull request may close these issues.

feat(authn): Use cookies for authentication
4 participants