Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WIP Remove internal ID from JWT token #512

Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

WIP Remove internal ID from JWT token #512

wants to merge 2 commits into from

Conversation

snazy
Copy link
Member

@snazy snazy commented Dec 9, 2024

The JWT token already has enough information to identify the principal: the client ID. There's no need to have another internal ID, hence removing the principal ID from the JWT.

snazy added 2 commits December 10, 2024 08:43
@snazy
Move secret validation logic and authN-loadPrincipal into `PolarisSec…
1686cea 
…retsManager`

The logic _how_ a principal and/or principal secret's are persisted should be transparent to the calling code. Relying on the persistence internals for principals and secrets management makes it impossible to factor out secrets management / make principal management possible.

This change moves the secret validation and retrieval of a principal by client-ID behind an implementation of `PolarisSecretsManager`.
@snazy
Remove internal ID from JWT token
4d3718f 
The JWT token already has enough information to identify the principal: the client ID. There's no need to have another _internal_ ID, hence removing the principal ID from the JWT.
@snazy snazy force-pushed the no-principal-id-in-token branch from 7eae5d0 to 4d3718f Compare December 10, 2024 07:43
@snazy snazy mentioned this pull request Dec 10, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jbonofre jbonofre Awaiting requested review from jbonofre jbonofre will be requested when the pull request is marked ready for review jbonofre is a code owner

@ashvina ashvina Awaiting requested review from ashvina ashvina will be requested when the pull request is marked ready for review ashvina is a code owner

@RussellSpitzer RussellSpitzer Awaiting requested review from RussellSpitzer RussellSpitzer will be requested when the pull request is marked ready for review RussellSpitzer is a code owner

@vvcephei vvcephei Awaiting requested review from vvcephei vvcephei will be requested when the pull request is marked ready for review vvcephei is a code owner

@takidau takidau Awaiting requested review from takidau takidau will be requested when the pull request is marked ready for review takidau is a code owner

@jackye1995 jackye1995 Awaiting requested review from jackye1995 jackye1995 will be requested when the pull request is marked ready for review jackye1995 is a code owner

@flyrain flyrain Awaiting requested review from flyrain flyrain will be requested when the pull request is marked ready for review flyrain is a code owner

@eric-maynard eric-maynard Awaiting requested review from eric-maynard eric-maynard will be requested when the pull request is marked ready for review eric-maynard is a code owner

@collado-mike collado-mike Awaiting requested review from collado-mike collado-mike will be requested when the pull request is marked ready for review collado-mike is a code owner

@ebyhr ebyhr Awaiting requested review from ebyhr ebyhr will be requested when the pull request is marked ready for review ebyhr is a code owner

@adutra adutra Awaiting requested review from adutra adutra will be requested when the pull request is marked ready for review adutra is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snazy