fix(authentication): make cookie name unique between environments #2095

Collaborator

@subotic subotic commented Jul 11, 2022

Resolves DEV-994

PR Checklist

Please check if your PR fulfills the following requirements:

  • Tests for the changes have been added (for bug fixes / features)
  • Docs have been added / updated (for bug fixes / features)

PR Type

What kind of change does this PR introduce?

  • Bugfix
  • Feature
  • Code style update (formatting, local variables)
  • Refactoring (no functional changes, no api changes)
  • Build related changes
  • CI related changes
  • Documentation content changes
  • Other... Please describe:

What is the current behavior?

Issue Number: N/A

What is the new behavior?

Does this PR introduce a breaking change?

  • Yes
  • No

Other information

@subotic subotic self-assigned this Jul 11, 2022
Collaborator

@mpro7 mpro7 left a comment

Looks good, but formatting test failed.

Comment on lines 50 to 52
// TODO: add some default images: https://www.testcontainers.org/features/files/
val incunabulaImageDirPath = Paths.get("..", "sipi/images/0803/incunabula_0000000002.jp2")
sipiContainer.withFileSystemBind(incunabulaImageDirPath.toString(), "/sipi/images/0803/incunabula_0000000002.jp2", BindMode.READ_ONLY)
Collaborator

This could be val sipi/images/0803/incunabula_0000000002.jp2.
Also is above TODO fulfilled with these 2 lines?

Collaborator Author

removed the comment. the val cannot be simplified, because the value is not the same then.

@irinaschubert irinaschubert left a comment

LGTM, just added minor remarks

Comment on lines 41 to 42
command: --config=/sipi/config/sipi.docker-test-config.lua ## command variant to start the sipi container with test routes enabled
# command: --config=/sipi/config/sipi.docker-config.lua
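
Review bot: The active `command:` line starts Sipi with `sipi.docker-test-config.lua`, which its own comment describes as the variant with test routes enabled, while the regular `sipi.docker-config.lua` line is commented out. If this compose file is also used outside test runs, the test routes are exposed by default; keep the regular config as the active line and switch to the test config only in the test setup.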

Do we still need the commented out command? As far as I understand, for tests we need the sipi.docker-test-config.lua. On test/staging/prod/project servers there is another lua config anyway, right?

Collaborator Author

good catch. no, it is only needed for some manual testing. I reverted the change


--
-- maxcimal size of the cache
-- maximal size of the cache
--
cachesize = '100M',

--
-- if the cache becomes full, the given percentage of file space is marked for reuase

Suggested change
-- if the cache becomes full, the given percentage of file space is marked for reuase
-- if the cache becomes full, the given percentage of file space is marked for reuse

Comment on lines 52 to 53
print("cookie key is invalid: " .. cookie)
server.log("cookie key is invalid: " .. cookie, server.loglevel.LOG_ERR)
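
Review bot: Both the `print` and the `server.log` line concatenate the whole `cookie` value into the message. If `cookie` carries the session token along with its key, a failed key check writes that token to stdout and to the error log. Log only the cookie key, or a fixed message without the value.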

Do we need both?

Collaborator Author

nope, removed the print

sonarcloud bot commented Jul 14, 2022

Kudos, SonarCloud Quality Gate passed!

  • 0 Bugs (rating A)
  • 0 Vulnerabilities (rating A)
  • 0 Security Hotspots (rating A)
  • 0 Code Smells (rating A)

No Coverage information
0.0% Duplication

Collaborator

@BalduinLandolt BalduinLandolt left a comment

LGTM overall, maybe we can get rid of some of the "Knora"s?

@@ -78,7 +78,6 @@ function pre_flight(prefix, identifier, cookie)

-- print("knora_url: " .. knora_url)
Collaborator

can be removed?

Comment on lines +38 to +41
val config: Config = ConfigFactory.parseString("""
|akka.loglevel = "DEBUG"
|akka.stdout-loglevel = "DEBUG"
""".stripMargin)
Collaborator

this indentation looks wrong to me... have you auto-formatted?

assert(response.status === StatusCodes.OK)
}

"accept a token in Sipi that has been signed by Knora" in {
Collaborator

Suggested change
"accept a token in Sipi that has been signed by Knora" in {
"accept a token in Sipi that has been signed by DSP-API" in {

assert(sipiResponse.status == StatusCodes.OK)
}

"not accept a token in Sipi that hasn't been signed by Knora" in {
Collaborator

Suggested change
"not accept a token in Sipi that hasn't been signed by Knora" in {
"not accept a token in Sipi that hasn't been signed by DSP-API" in {

Knora is dead, long live Knora!

Collaborator Author

subotic commented Jul 14, 2022

I would prefer not to delay this PR because of Knora's.

@subotic subotic merged commit 7d420a4 into main Jul 14, 2022
@subotic subotic deleted the wip/DEV-994-dsp-app-dsp-api-auth-cookie-from-prod-domain-is-used-on-all-other-domains branch July 14, 2022 08:37