k-space/dex
Archived
11
0
Fork 0
Code Issues Pull Requests Packages Projects Activity

Add HMAC protection on /approval endpoint

Browse Source 
Signed-off-by: Bob Callaway <bcallaway@google.com>
This commit is contained in:
Bob Callaway
2022-07-06 07:11:37 -04:00
parent 454122ca22
commit fcfbb1ecb0
19 changed files with 274 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
storage/kubernetes/types.go
View File

@@ -356,6 +356,8 @@ type AuthRequest struct {
CodeChallenge string `json:"code_challenge,omitempty"`
CodeChallengeMethod string `json:"code_challenge_method,omitempty"`
HMACKey []byte `json:"hmac_key"`
}
// AuthRequestList is a list of AuthRequests.
@@ -384,6 +386,7 @@ func toStorageAuthRequest(req AuthRequest) storage.AuthRequest {
CodeChallenge: req.CodeChallenge,
CodeChallengeMethod: req.CodeChallengeMethod,
},
HMACKey: req.HMACKey,
}
return a
}
@@ -412,6 +415,7 @@ func (cli *client) fromStorageAuthRequest(a storage.AuthRequest) AuthRequest {
Claims: fromStorageClaims(a.Claims),
CodeChallenge: a.PKCE.CodeChallenge,
CodeChallengeMethod: a.PKCE.CodeChallengeMethod,
HMACKey: a.HMACKey,
}
return req
}