k-space/dex
Archived
11
0
Fork 0
Code Issues Pull Requests Packages Projects Activity

Add HMAC protection on /approval endpoint

Browse Source 
Signed-off-by: Bob Callaway <bcallaway@google.com>
This commit is contained in:
Bob Callaway
2022-07-06 07:11:37 -04:00
parent 454122ca22
commit fcfbb1ecb0
19 changed files with 274 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
storage/ent/client/authrequest.go
View File

@@ -31,6 +31,7 @@ func (d *Database) CreateAuthRequest(authRequest storage.AuthRequest) error {
SetExpiry(authRequest.Expiry.UTC()).
SetConnectorID(authRequest.ConnectorID).
SetConnectorData(authRequest.ConnectorData).
SetHmacKey(authRequest.HMACKey).
Save(context.TODO())
if err != nil {
return convertDBError("create auth request: %w", err)
@@ -94,6 +95,7 @@ func (d *Database) UpdateAuthRequest(id string, updater func(old storage.AuthReq
SetExpiry(newAuthRequest.Expiry.UTC()).
SetConnectorID(newAuthRequest.ConnectorID).
SetConnectorData(newAuthRequest.ConnectorData).
SetHmacKey(newAuthRequest.HMACKey).
Save(context.TODO())
if err != nil {
return rollback(tx, "update auth request uploading: %w", err)

1
storage/ent/client/types.go
View File

@@ -45,6 +45,7 @@ func toStorageAuthRequest(a *db.AuthRequest) storage.AuthRequest {
CodeChallenge: a.CodeChallenge,
CodeChallengeMethod: a.CodeChallengeMethod,
},
HMACKey: a.HmacKey,
}
}