HomePhabricator
Diffusion Comm 2585747eae45

[identity] Add HTTP function to verify CSAT
2585747eae45
Actions

Description

[identity] Add HTTP function to verify CSAT

Summary:
Added function that verifies Authorization header for valid CSAT.
The header format is compliant with what we have for HTTP services (blob, backup): Authorization: Bearer [base64-encoded JSON] - I could reuse some utils from comm-lib to easily achieve that.

Depends on D12302

Test Plan:
Created a dummy endpoint that calls verify_csat()? and returns HTTP 200. Verified the following:

  • Missing Authorization header returns HTTP 401 Unauthorized
  • Invalid header format returns HTTP 400 Bad request
    • Missing "Bearer " prefix
    • Invalid base64
    • Invalid JSON - e.g. missing one of required fields
  • Invalid credentials return HTTP 403 Forbidden
  • HTTP 200 (func returns Ok(())) for valid credentials taken from identity-tokens table

Reviewers: varun, will, marcin

Reviewed By: varun

Subscribers: ashoat, tomek

Differential Revision: https://phab.comm.dev/D12303

Details

Provenance
bartekAuthored on Jun 2 2024, 2:53 AM
Reviewer
varun
Differential Revision
D12303: [identity] Add HTTP function to verify CSAT
Parents
rCOMMd7cb14f793ad: [identity] Add HTTP error utilities
Branches
Unknown
Tags
Unknown

Changes (2)

PathSize
services/
identity/
src/
http/

rCOMM2585747eae45

View Options

services/identity/src/http/handlers.rs

Loading...
View Options

services/identity/src/http/mod.rs

Loading...