-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix Authorization in GRPC #228
Comments
razorao
added a commit
that referenced
this issue
Aug 17, 2021
--Wrote a custom auth interceptor which calls custom AuthFuncOverride with request body --Custom version of AuthFuncOverride accepting request body --Modified implementations of AuthFuncOverride in admin, publisher and subscriber server to accept request body --New file: metro/service/web/server.go having the implementation of fetching the project id from request payload --Fetch project-id from request payload using resources' name and extracted using regex capturing group
razorao
added a commit
that referenced
this issue
Aug 17, 2021
--Reverted code commented during testing
razorao
added a commit
that referenced
this issue
Aug 17, 2021
--Wrote a custom auth interceptor which calls custom AuthFuncOverride with request body --Custom version of AuthFuncOverride accepting request body --Modified implementations of AuthFuncOverride in admin, publisher and subscriber server to accept request body --New file: metro/service/web/server.go having the implementation of fetching the project id from request payload --Fetch project-id from request payload using resources' name and extracted using regex capturing group
razorao
added a commit
that referenced
this issue
Aug 17, 2021
--Reverted code commented during testing
razorao
added a commit
that referenced
this issue
Aug 20, 2021
--Wrote a custom auth interceptor which calls custom AuthFuncOverride with request body --Custom version of AuthFuncOverride accepting request body --Modified implementations of AuthFuncOverride in admin, publisher and subscriber server to accept request body --New file: metro/service/web/server.go having the implementation of fetching the project id from request payload --Fetch project-id from request payload using resources' name and extracted using regex capturing group
razorao
added a commit
that referenced
this issue
Aug 20, 2021
--Reverted code commented during testing
razorao
added a commit
that referenced
this issue
Aug 27, 2021
* Issue #228: Fix authorization in GRPC calls --Wrote a custom auth interceptor which calls custom AuthFuncOverride with request body --Custom version of AuthFuncOverride accepting request body --Modified implementations of AuthFuncOverride in admin, publisher and subscriber server to accept request body --New file: metro/service/web/server.go having the implementation of fetching the project id from request payload --Fetch project-id from request payload using resources' name and extracted using regex capturing group * Issue #228: Fix authorization in GRPC calls --Reverted code commented during testing * Issue #228: Fix authorization in GRPC calls --Fixed breaking UTs * Tidied the dependencies * Added unit tests * removed commented code * Addressed review comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently, project id is fetched from the URI and is validated against users's project id to perform authorization. However, in case of GRPC, the URI does not exist leading to breakage of authorization.
The text was updated successfully, but these errors were encountered: