Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create extractor/ validators for autoendpoint API methods #103

Closed
bbangert opened this issue Feb 14, 2019 · 0 comments · Fixed by #154 or #231
Closed

Create extractor/ validators for autoendpoint API methods #103

bbangert opened this issue Feb 14, 2019 · 0 comments · Fixed by #154 or #231
Assignees
@AzureMarker
Labels
p1 ready
Milestone
Autoendpoint Rust...

Comments

@bbangert
Copy link
Member

autoendpoint has a fairly large amount of validation required, this should all be ported in as actix extractors and custom validation logic as needed (syncstorage-rs has some examples of this).

Depends on #102.
@AzureMarker AzureMarker mentioned this issue Jun 8, 2020
Merged
AzureMarker added a commit that referenced this issue Jun 12, 2020
@AzureMarker
feat: Basic autoendpoint extractors (#151)
b08fdbd 
* Add FromRequest impl for Metrics

* Organize routes and add the rest of the health checks

* Edit the /__lbheartbeat__ route to be a little clearer

* Add a no-op webpush route

* Add basic webpush extraction structs

* Impl FromRequest for TokenInfo

* Translate wip FromRequest impl for Subscription from Python validator

Needs the meat of the validation + refactoring. Also unsure if the
crypto_keys config is correct, as the Python version enforces brackets,
even in env variables.

* Extract extractors to new module and add some docs

Pun fully intended.

* Add some more docs and refactoring to Subscription FromRequest impl

* Add a WebPushHeaders extractor and header utilities

* Add validation to WebPushHeaders

* Impl FromRequest for Notification

Based on the Python validator/extractor. Kind of annoying that we have
to `take` the payload because GATs isn't stable... Hopefully no one else
needs it!

* Fix incorrect call to get server state

* Add extractors to webpush_route

* Fix errors after rebase

* Add error for invalid token

* Make the subscription public key optional

v1 may not have a public key

* Suppress unused variable / mutability lint warnings

* Be more explicit about what extractors need the payload

* Add a PayloadError error kind to remove a TODO


Related to #103 (needs more work before it can be closed).
This was referenced Jun 12, 2020
Merged
Merged
@AzureMarker AzureMarker added this to the Autoendpoint Rust Server milestone Jun 16, 2020
@AzureMarker AzureMarker linked a pull request Jun 22, 2020 that will close this issue
feat: Validate autoendpoint JWT tokens #154
Merged
AzureMarker added a commit that referenced this issue Jun 26, 2020
@AzureMarker
feat: Validate autoendpoint JWT tokens (#154)
04fee7f 
* Use an enum for API version and add VapidHeaderWithKey

* Perform expiration time validation on the JWT

* Perform JWT claims extraction

* Use the jsonwebtoken library for JWT validation

* Add back VapidError::FutureExpirationToken and associated check

The JWT library doesn't handle this error.

* Record another metric for vapid version

* Simplify handling of VAPID v2 in extract_public_key

Closes #103
This was referenced Oct 16, 2020
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@AzureMarker AzureMarker

Labels
p1 ready
Projects
None yet
Milestone
Autoendpoint Rust Server
2 participants
@bbangert @AzureMarker