Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(pubsub): authenticated push requests #1256

Merged
merged 10 commits into from
Apr 30, 2019
Merged

feat(pubsub): authenticated push requests #1256

merged 10 commits into from
Apr 30, 2019

Conversation

callmehiphop
Copy link
Contributor

No description provided.

@googlebot googlebot added the cla: yes This human has signed the Contributor License Agreement. label Apr 24, 2019
@callmehiphop
Copy link
Contributor Author

I can't add reviewers here 😢

/cc @anguillanneuf @bcoe

@fhinkel fhinkel added the kokoro:run Add this label to force Kokoro to re-run the tests. label Apr 24, 2019
@kokoro-team kokoro-team removed the kokoro:run Add this label to force Kokoro to re-run the tests. label Apr 24, 2019
@anguillanneuf anguillanneuf self-requested a review April 25, 2019 17:06
anguillanneuf
anguillanneuf requested changes Apr 25, 2019
View reviewed changes
Copy link
Member

@anguillanneuf anguillanneuf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. Confirm there's no need to check iss in JWT.
  2. Keep old push endpoint code as it is. Wrap new auth push endpoint code in a new region tag.
  3. Please update README.md as well. a). Include instructions to set up authenticated push subscription. b). Include expected behavior when testing locally.

appengine/pubsub/app.js Outdated Show resolved Hide resolved
@callmehiphop callmehiphop changed the title refactor(pubsub): verify authenticated push requests feat(pubsub): verify authenticated push requests Apr 25, 2019
@callmehiphop callmehiphop changed the title feat(pubsub): verify authenticated push requests feat(pubsub): authenticated push requests Apr 25, 2019
anguillanneuf
anguillanneuf reviewed Apr 25, 2019
View reviewed changes
appengine/pubsub/README.md Outdated Show resolved Hide resolved
appengine/pubsub/README.md Outdated Show resolved Hide resolved
bcoe
bcoe approved these changes Apr 25, 2019
View reviewed changes
Copy link
Contributor

@bcoe bcoe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

If you get a chance, perhaps just double check that those certificate is invalid ...

Just an idea, if Node's crypto library supports it, perhaps before the:

-----BEGIN RSA PRIVATE KEY-----

Add

This is a fake certificate used for testing.
-----BEGIN RSA PRIVATE KEY-----

☝️ then when this is pulled around in the future, this question won't come up in review.

appengine/pubsub/app.js Outdated Show resolved Hide resolved
@callmehiphop
Copy link
Contributor Author

@bcoe I pulled them from the Python samples, so I think they should be fine, but @anguillanneuf would probably know for certain.

@anguillanneuf
Copy link
Member

@bcoe And I pulled them from the Google Auth library test files.

They were generated as fake like this (link):

# To generate privatekey.pem, privatekey.pub, and public_cert.pem:
#   $ openssl req -new -newkey rsa:1024 -x509 -nodes -out public_cert.pem \
#       -keyout privatekey.pem

@bcoe
Copy link
Contributor

bcoe commented Apr 25, 2019

@anguillanneuf thank you for confirming 👍

@fhinkel fhinkel added the kokoro:run Add this label to force Kokoro to re-run the tests. label Apr 30, 2019
@kokoro-team kokoro-team removed the kokoro:run Add this label to force Kokoro to re-run the tests. label Apr 30, 2019
@anguillanneuf anguillanneuf merged commit eb19c23 into GoogleCloudPlatform:master Apr 30, 2019
@snyk-bot snyk-bot mentioned this pull request Mar 16, 2020
Open
This was referenced Mar 16, 2020
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
@leejh3224 leejh3224 mentioned this pull request Jul 6, 2023
Open
@pedroarapua pedroarapua mentioned this pull request Jul 6, 2023
Open
@pedroarapua pedroarapua mentioned this pull request Nov 28, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anguillanneuf anguillanneuf anguillanneuf approved these changes

@bcoe bcoe bcoe approved these changes

Assignees
No one assigned
Labels
cla: yes This human has signed the Contributor License Agreement.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@callmehiphop @anguillanneuf @bcoe @fhinkel @googlebot @kokoro-team