-
Notifications
You must be signed in to change notification settings - Fork 218
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: token-based authentication #1097
Conversation
Codecov Report
@@ Coverage Diff @@
## main #1097 +/- ##
==========================================
- Coverage 81.00% 79.62% -1.38%
==========================================
Files 26 35 +9
Lines 1927 2425 +498
==========================================
+ Hits 1561 1931 +370
- Misses 287 400 +113
- Partials 79 94 +15
📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
chore(rpc): remove unused empty proto import feat(rpc/flipt/auth): add METHOD_NONE to Method enum feat(rpc/flipt/auth): drop METHOD_ prefix from enum names
fix(sql/auth): use crypto/rand.Reader in place of math/rand.New fix(sql/auth): capture test parameters in loop-body variables chore(migrations): drop index before dropping authentications table fix(import): run down migrations on --drop fix(migrations/sqlite3): syntax error in uniqueness constraint on temp table in down test(sql/auth): fuzz hashClientToken chore(sql/auth): more fuzzing seeds fix(sql/auth): map driver constraint errors to internal error representation chore(sql/auth): remove underscore from Fuzz test name chore(storage/sql): remove dead code refactor(migrations): change authentications method from string to integer refactor(storage/sql): move common field utilities into sql package chore(storage/sql): use keyed field in struct literals
…dTokenService (#1102) feat(auth/method/token): initial gRPC server implementation test(server/auth/method/token): assert token creation via API chore(server/auth): synchronize server stop and fatal on error fix(storage): use flipt/errors package chore(server/auth): validate invalid error adapts appropriately feat(authentication): wire up grpc service and gateway feat(server/auth): define unary server interceptor feat(storage/auth): implement list authentications feat(storage/auth): list with method predicate feat(auth): configure initial token bootstrap process chore(auth): correct documentation typos fix(proto): change create token http method PUT to POST
chore: empty commit to kick ci fix(auth/sql): add auth package qualifier when calling ListWithMethod chore(auth/sql): remove duplicate imports chore(auth/sql): adjust import naming to be consistent fix(sq/auth): ensure order defaults to ascending fix(sql): truncate timestamps to microseconds when inserting into database fix(sql): use precision 6 for mysql timestamp columns
fix: ensure authentication store is always instantiated refactor(storage): rename query params Validate or Normalize chore(rpc/auth): prefix method enum values with METHOD_ chore(sql/testing): use wait.ForSQL during mysql testcontainer boot chore(storage): increase list limit from 10 to 25 feat(openapi): add Authorization header security requirements feat(openapi): add security requirements
07313d5
to
1b626c4
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
mostly minor nitpicks, one comment around checking expiry
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we have wift off 🚀
Supports #779
This is a (relatively) long-standing branch and PR. It is now ready for final review.
Each of the constituent PRs were reviewed into this branch though.
Here is the overview:
Authentication: Bearer ...
header.PRs