Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Subscriptions controller: Ignore JWTs that can't be validated #378

Draft
wants to merge 1 commit into
base: master
Choose a base branch
from
Draft

Subscriptions controller: Ignore JWTs that can't be validated #378

wants to merge 1 commit into from

Conversation

kevinbader
Copy link
Contributor

Fixes #377.

  • For subscription requests, JWTs that can't be validated are now
    ignored. This allows to validate JWTs in an external service as
    configurable via the SUBMISSION_CHECK and SUBSCRIPTION_CHECK environment
    variables (which was the intention all along).

  • Response code changed: when connecting and subscribing at the same
    time, RIG replies with 403 (instead of 400) when not authorized to do
    so.

  • Ill-formed JWTs no longer cause subscription requests to fail.

  • Fixed SUBMISSION_CHECK=jwt_validation - it failed the check anytime,
    regardless of whether the JWT was valid.

@kevinbader
Subscriptions controller: Ignore JWTs that can't be validated
d4eafdd 
Fixes #377.

- For subscription requests, JWTs that can't be validated are now
ignored. This allows to validate JWTs in an external service as
configurable via the SUBMISSION_CHECK and SUBSCRIPTION_CHECK environment
variables (which was the intention all along).

- Response code changed: when connecting and subscribing at the same
time, RIG replies with 403 (instead of 400) when not authorized to do
so.

- Ill-formed JWTs no longer cause subscription requests to fail.

- Fixed SUBMISSION_CHECK=jwt_validation - it failed the check anytime,
regardless of whether the JWT was valid.
@kevinbader kevinbader added the bug label May 23, 2021
@kevinbader kevinbader added this to the 3.0.0 milestone May 23, 2021
@kevinbader kevinbader requested a review from mmacai May 23, 2021 20:31
@kevinbader kevinbader mentioned this pull request May 23, 2021
Open
@kevinbader kevinbader marked this pull request as draft May 24, 2021 22:55
@mmacai mmacai modified the milestones: 3.0.0, 3.1.0 Jul 27, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mmacai mmacai Awaiting requested review from mmacai

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
3.1.0
Development

Successfully merging this pull request may close these issues.

Unable to validate JWT via external service
2 participants
@kevinbader @mmacai