From cfcc7eb453eded43001fe26136dcbc4126d8c099 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Duffeck?= Date: Fri, 27 Oct 2023 10:37:51 +0200 Subject: [PATCH 1/4] Turn the token generation requests into POSTs --- internal/http/services/sciencemesh/sciencemesh.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/http/services/sciencemesh/sciencemesh.go b/internal/http/services/sciencemesh/sciencemesh.go index 67b2f902a9..e98d49d9fe 100644 --- a/internal/http/services/sciencemesh/sciencemesh.go +++ b/internal/http/services/sciencemesh/sciencemesh.go @@ -105,7 +105,7 @@ func (s *svc) routerInit() error { return err } - s.router.Get("/generate-invite", tokenHandler.Generate) + s.router.Post("/generate-invite", tokenHandler.Generate) s.router.Get("/list-invite", tokenHandler.ListInvite) s.router.Post("/accept-invite", tokenHandler.AcceptInvite) s.router.Get("/find-accepted-users", tokenHandler.FindAccepted) From 438a9ac9a1564669a2cb2c9bede01f63149a912d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Duffeck?= Date: Mon, 30 Oct 2023 08:07:14 +0100 Subject: [PATCH 2/4] Be more flexible when resolving hosts --- pkg/ocm/provider/authorizer/json/json.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/pkg/ocm/provider/authorizer/json/json.go b/pkg/ocm/provider/authorizer/json/json.go index a1d11074eb..b2173c6b71 100644 --- a/pkg/ocm/provider/authorizer/json/json.go +++ b/pkg/ocm/provider/authorizer/json/json.go @@ -163,7 +163,11 @@ func (a *authorizer) IsProviderAllowed(ctx context.Context, pi *ocmprovider.Prov if hostIPs, ok := a.providerIPs.Load(ocmHost); ok { ipList = hostIPs.([]string) } else { - addr, err := net.LookupIP(ocmHost) + host, _, err := net.SplitHostPort(ocmHost) + if err != nil { + return errors.Wrap(err, "json: error looking up client IP") + } + addr, err := net.LookupIP(host) if err != nil { return errors.Wrap(err, "json: error looking up client IP") } From 03d723281c2529edd0536c0ce10c2a8ee493fce2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Duffeck?= Date: Mon, 30 Oct 2023 08:11:01 +0100 Subject: [PATCH 3/4] Add changelog --- changelog/unreleased/fix-http-verb.md | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 changelog/unreleased/fix-http-verb.md diff --git a/changelog/unreleased/fix-http-verb.md b/changelog/unreleased/fix-http-verb.md new file mode 100644 index 0000000000..d34595a745 --- /dev/null +++ b/changelog/unreleased/fix-http-verb.md @@ -0,0 +1,7 @@ +Bugfix: Fix HTTP verb of the generate-invite endpoint + +We changed the HTTP verb of the /generate-invite endpoint of the sciencemesh +service to POST as it clearly has side effects for the system, it's not just a +read-only call. + +https://github.com/cs3org/reva/pull/4299 From d6a268528936ac7407059cb5887c95b728db6e8f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Duffeck?= Date: Mon, 30 Oct 2023 08:28:36 +0100 Subject: [PATCH 4/4] Fix integration test --- tests/integration/grpc/ocm_invitation_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/integration/grpc/ocm_invitation_test.go b/tests/integration/grpc/ocm_invitation_test.go index ecac0573e9..67030ab2a9 100644 --- a/tests/integration/grpc/ocm_invitation_test.go +++ b/tests/integration/grpc/ocm_invitation_test.go @@ -386,7 +386,7 @@ var _ = Describe("ocm invitation workflow", func() { } generateToken := func(revaToken, domain string) (*generateInviteResponse, int) { - req, err := http.NewRequestWithContext(context.TODO(), http.MethodGet, fmt.Sprintf("http://%s/sciencemesh/generate-invite", domain), nil) + req, err := http.NewRequestWithContext(context.TODO(), http.MethodPost, fmt.Sprintf("http://%s/sciencemesh/generate-invite", domain), nil) Expect(err).ToNot(HaveOccurred()) req.Header.Set("x-access-token", revaToken)