HomePhabricator
Diffusion Comm 3bdda747deaf

[services-lib] Add authorization http middleware

Description

[services-lib] Add authorization http middleware

Summary:
ENG-4657

HTTP services need a way for clients to authenticate with them. This diff implements a middleware that will reject invalid requests and a UserIdentity extractor that is able to extract user identity from a correct request.

NOTE: actual checking if the access token is correct is skipped here, because the comm access token work isn't finished, so clients wouldn't be able to authorize anyway.

Test Plan:
Created a resource:

web::resource("/hello")
  .route(
    web::get()
      .to(|user: UserIdentity| async move { format!("{user:?}") }),
  )
  .wrap(get_comm_authentication_middleware()),
  1. Made a request without adding Authorization token -> got a 401 response with www-authenticate: Bearer header
  2. Made a request with Authorization: Bearer eyJ1c2VySUQiOiAiMSIsICJhY2Nlc3NUb2tlbiI6ICIyIiwgInNpZ25pbmdQdWJsaWNLZXkiOiAiMyJ9 header
    • got a 200 response with text: "UserIdentity { user_id: "1", access_token: "2", signing_public_key: "3" }"

Reviewers: bartek, jon, patryk, kamil

Reviewed By: bartek

Subscribers: ashoat, tomek

Differential Revision: https://phab.comm.dev/D8911

Details

Event Timeline