-
Notifications
You must be signed in to change notification settings - Fork 250
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Replace Teletraan AuthN and AuthZ implementation #1487
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This was referenced Mar 2, 2024
tylerwowen
force-pushed
the
spr/master/17aa4dbb
branch
from
March 4, 2024 22:09
cba7ea9
to
d379af4
Compare
tylerwowen
force-pushed
the
spr/master/bf5d6dfa
branch
from
March 4, 2024 22:09
93009f8
to
6373d80
Compare
tylerwowen
force-pushed
the
spr/master/17aa4dbb
branch
from
March 4, 2024 22:20
d379af4
to
8180def
Compare
tylerwowen
force-pushed
the
spr/master/bf5d6dfa
branch
from
March 4, 2024 22:20
6373d80
to
2144b2b
Compare
tylerwowen
force-pushed
the
spr/master/17aa4dbb
branch
from
March 5, 2024 03:18
8180def
to
b1143e4
Compare
tylerwowen
force-pushed
the
spr/master/bf5d6dfa
branch
2 times, most recently
from
March 5, 2024 03:23
b3be719
to
86eaa28
Compare
tylerwowen
force-pushed
the
spr/master/17aa4dbb
branch
2 times, most recently
from
March 6, 2024 01:37
051c7c0
to
df4b162
Compare
tylerwowen
force-pushed
the
spr/master/bf5d6dfa
branch
2 times, most recently
from
March 6, 2024 18:46
02104a7
to
7f2b3d2
Compare
tylerwowen
force-pushed
the
spr/master/17aa4dbb
branch
from
March 6, 2024 19:01
46b0f23
to
8080061
Compare
tylerwowen
force-pushed
the
spr/master/bf5d6dfa
branch
from
March 6, 2024 19:01
7f2b3d2
to
91aaf55
Compare
tylerwowen
force-pushed
the
spr/master/17aa4dbb
branch
from
March 6, 2024 20:05
8080061
to
93d8636
Compare
tylerwowen
force-pushed
the
spr/master/bf5d6dfa
branch
2 times, most recently
from
March 7, 2024 18:33
4ae1f66
to
f20f76f
Compare
tylerwowen
force-pushed
the
spr/master/17aa4dbb
branch
from
March 7, 2024 18:33
93d8636
to
7081da9
Compare
tylerwowen
force-pushed
the
spr/master/bf5d6dfa
branch
from
March 9, 2024 00:32
f20f76f
to
84e38e3
Compare
tylerwowen
force-pushed
the
spr/master/17aa4dbb
branch
2 times, most recently
from
March 12, 2024 19:01
48a0a36
to
7aeecbd
Compare
tylerwowen
force-pushed
the
spr/master/bf5d6dfa
branch
from
March 12, 2024 19:01
84e38e3
to
2fc4330
Compare
tylerwowen
force-pushed
the
spr/master/bf5d6dfa
branch
from
March 13, 2024 17:56
d767722
to
e26cd3e
Compare
Merged
tylerwowen
force-pushed
the
spr/master/bf5d6dfa
branch
3 times, most recently
from
March 19, 2024 23:30
f3c5bea
to
dcd4cbf
Compare
tylerwowen
force-pushed
the
spr/master/bf5d6dfa
branch
2 times, most recently
from
March 25, 2024 20:15
78bc6cb
to
8a611a6
Compare
vitalii-honchar
requested changes
Mar 25, 2024
...y-service/common/src/main/java/com/pinterest/deployservice/bean/TeletraanPrincipalRoles.java
Outdated
Show resolved
Hide resolved
...y-service/common/src/main/java/com/pinterest/deployservice/bean/TeletraanPrincipalRoles.java
Outdated
Show resolved
Hide resolved
.../teletraanservice/src/main/java/com/pinterest/teletraan/config/RoleAuthorizationFactory.java
Outdated
Show resolved
Hide resolved
.../teletraanservice/src/main/java/com/pinterest/teletraan/config/RoleAuthorizationFactory.java
Show resolved
Hide resolved
...eletraanservice/src/main/java/com/pinterest/teletraan/config/TokenAuthenticationFactory.java
Show resolved
Hide resolved
deploy-service/teletraanservice/src/main/java/com/pinterest/teletraan/resource/Hosts.java
Show resolved
Hide resolved
...ervice/teletraanservice/src/main/java/com/pinterest/teletraan/security/EnvPathExtractor.java
Outdated
Show resolved
Hide resolved
...e/teletraanservice/src/main/java/com/pinterest/teletraan/security/EnvStageBodyExtractor.java
Show resolved
Hide resolved
...e/teletraanservice/src/main/java/com/pinterest/teletraan/security/EnvStagePathExtractor.java
Outdated
Show resolved
Hide resolved
...rvice/teletraanservice/src/test/java/com/pinterest/teletraan/fixture/EnvironBeanFixture.java
Show resolved
Hide resolved
tylerwowen
force-pushed
the
spr/master/bf5d6dfa
branch
2 times, most recently
from
March 26, 2024 01:07
2bdc351
to
163bd3c
Compare
vitalii-honchar
previously approved these changes
Mar 26, 2024
tylerwowen
force-pushed
the
spr/master/bf5d6dfa
branch
8 times, most recently
from
March 28, 2024 00:56
1d6b390
to
d810d8f
Compare
vitalii-honchar
previously approved these changes
Mar 28, 2024
commit-id:bf5d6dfa
tylerwowen
force-pushed
the
spr/master/bf5d6dfa
branch
from
March 28, 2024 21:56
d810d8f
to
93b1200
Compare
vitalii-honchar
approved these changes
Mar 28, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR replaces Teletraan AuthN and AuthZ implementation with the new security package in the universal library. It's a non-breaking change and clients should expect almost the same behaviors, except a couple of authorization fixes.
Changes by package
com.pinterest.deployservice.bean
Resource
byAuthZResource
, which is from universal libRole
byTeletraanPrincipalRoles
Role
com.pinterest.deployservice.dao
Resource
byAuthZResource
, which is from universal libcom.pinterest.deployservice.db
Resource
byAuthZResource
, which is from universal libcom.pinterest.teletraan
com.pinterest.teletraan.config
TokenAuthorizationFactory
->RoleAuthorizationFactory
with some new implementations1TokenAuthenticationFactory
implementationcom.pinterest.teletraan.security
Main changes are here
AuthZResourceExtractor
BaseAuthorizer<UserPrincipal>
,BaseAuthorizer<ScriptTokenPrincipal<ValueBasedRole>>
ScriptTokenProvider<ValueBasedRole>
AuthZResourceExtractor.Factory
com.pinterest.teletraan.resource
Seems a lot but no.
@RolesAllowed
@PermitAll
@ResourceAuthZInfo
Test and validation
Misc.
Stack:
Things remaining
UserRoleAuthorizerTest