Description of change
When working on the `auth` service we created some endpoints that would be called by the console, but that the console was not ready to use yet at the time of implementation. When we did this we missed the admin guard on one of these routes, meaning it was callable by anyone. If this endpoint was called with a user's ID it would return their user data (user ID, api-key and account tier). When we realized this was the case we closed the endpoint and deployed the fix to production immediately.

This was an oversight on our part, but we have verified with our telemetry data that this vulnerability has never been exploited, as the endpoint has never been called successfully outside of our testing. We have also reviewed our `auth` service for other vulnerabilities and ensured all sensitive endpoints are guarded and covered by integration tests.

This PR plugs the leak and the fix has already been deployed to production. This PR does not remove the entire session flow, since the auth service is being refactored to a tonic gRPC service on the https://github.com/shuttle-hq/shuttle/tree/feat/shuttle-runtime-scaling branch.
How has this been tested? (if applicable)
Tested with `curl` after the fix was deployed.
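An added illustration of the bug class the PR describes, not code from the PR or from the shuttle project: a user-lookup route that any authenticated session could call, beside the same route with the admin guard applied before the lookup. Type names, field names and sample values are assumptions constructed for the example.

```rust
use std::collections::HashMap;

// Constructed data shapes; field names are assumptions, not shuttle's own types.
#[derive(Clone, Debug, PartialEq)]
pub struct UserData {
    pub user_id: String,
    pub api_key: String,
    pub account_tier: String,
}

/// What the auth service knows about the caller once its session is validated.
pub struct Session {
    pub user_id: String,
    pub is_admin: bool,
}

#[derive(Debug, PartialEq)]
pub enum RouteError {
    Forbidden,
    NotFound,
}

pub struct UserStore(pub HashMap<String, UserData>);

/// The shape of the bug: an authenticated but unprivileged caller can look up
/// any user ID and receive that user's API key and account tier.
pub fn get_user_unguarded(store: &UserStore, _caller: &Session, target: &str)
    -> Result<UserData, RouteError> {
    store.0.get(target).cloned().ok_or(RouteError::NotFound)
}

/// The missing guard: only an admin session may proceed past this point.
pub fn require_admin(caller: &Session) -> Result<(), RouteError> {
    if caller.is_admin { Ok(()) } else { Err(RouteError::Forbidden) }
}

/// The fixed route: the guard runs before the lookup, so a non-admin caller
/// gets Forbidden and the store is never consulted.
pub fn get_user_guarded(store: &UserStore, caller: &Session, target: &str)
    -> Result<UserData, RouteError> {
    require_admin(caller)?;
    get_user_unguarded(store, caller, target)
}

/// Constructed sample store with one ordinary user (values are placeholders).
pub fn sample_store() -> UserStore {
    let mut m = HashMap::new();
    m.insert("user-1".to_string(), UserData {
        user_id: "user-1".to_string(),
        api_key: "PLACEHOLDER-API-KEY".to_string(),
        account_tier: "basic".to_string(),
    });
    UserStore(m)
}
```

The same contrast is what an integration test for the route should pin down: a non-admin session must receive Forbidden, and an admin session must still get the record.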