bug: fix local Authorization header (#284)

* bug: fix local Authorization header So the problem isn't with Vapid. It's with how we were generating the other authorization token, specifically differences with how python and rust were handling things. Python was converting the hex UAID string into a set of bytes, rust was converting the 128bit UUID UAID into bytes. Combine that with some fun regarding the base auth key string, and.. yeah. I added a test to this to compare the auth key generated by python with rust, broke the generate and validate functions into the AuthorizationCheck impl and added a bunch of comments. Closes #282
mozilla-services · Sep 28, 2021 · 0027d78 · 0027d78
1 parent 230fb19
commit 0027d78
Show file tree

Hide file tree

Showing 17 changed files with 215 additions and 143 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -42,12 +42,16 @@ jobs:
           # ignoring RUSTSEC-2020-0146 => tied to rusoto-core 0.42
           # ignoring RUSTSEC-2021-0003 => blocked tokio update #249
           # ignoring RUSTSEC-2021-0020 => increasing LB security filtering
+          # ignoring RUSTSEC-2021-0078 => blocked on hyper update
+          # ignoring RUSTSEC-2021-0079 => blocked on hyper update
           command: |
             cargo audit \
             --ignore RUSTSEC-2020-0041 \
             --ignore RUSTSEC-2020-0146 \
             --ignore RUSTSEC-2021-0003 \
-            --ignore RUSTSEC-2021-0020
+            --ignore RUSTSEC-2021-0020 \
+            --ignore RUSTSEC-2021-0078 \
+            --ignore RUSTSEC-2021-0079
 
   test:
     docker: