You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@servicecomb.apache.org by "chengyouling (via GitHub)" <gi...@apache.org> on 2024/04/17 03:57:22 UTC

[PR] [#4300] black/white microservice authentication add apiWhiteList [servicecomb-java-chassis]

chengyouling opened a new pull request, #4301:
URL: https://github.com/apache/servicecomb-java-chassis/pull/4301

   (no comment)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@servicecomb.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [PR] [#4300] black/white microservice authentication add apiWhiteList [servicecomb-java-chassis]

Posted by "liubao68 (via GitHub)" <gi...@apache.org>.

liubao68 merged PR #4301:
URL: https://github.com/apache/servicecomb-java-chassis/pull/4301


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@servicecomb.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [PR] [#4300] black/white microservice authentication add apiWhiteList [servicecomb-java-chassis]

Posted by "liubao68 (via GitHub)" <gi...@apache.org>.

liubao68 commented on code in PR #4301:
URL: https://github.com/apache/servicecomb-java-chassis/pull/4301#discussion_r1571956948


##########
handlers/handler-publickey-auth/src/main/java/org/apache/servicecomb/authentication/provider/ProviderAuthFilter.java:
##########
@@ -50,11 +57,44 @@ public String getName() {
 
   @Override
   public CompletableFuture<Response> onFilter(Invocation invocation, FilterNode nextNode) {
+    if (checkPathWhitelist(invocation.getRequestEx().getServletPath())) {

Review Comment:
   Do you mean request url by using `invocation.getRequestEx().getServletPath()` ? 



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@servicecomb.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [PR] [#4300] black/white microservice authentication add apiWhiteList [servicecomb-java-chassis]

Posted by "liubao68 (via GitHub)" <gi...@apache.org>.

liubao68 commented on code in PR #4301:
URL: https://github.com/apache/servicecomb-java-chassis/pull/4301#discussion_r1580653789


##########
handlers/handler-publickey-auth/src/main/java/org/apache/servicecomb/authentication/provider/ProviderAuthFilter.java:
##########
@@ -27,15 +28,21 @@
 import org.apache.servicecomb.swagger.invocation.Response;
 import org.apache.servicecomb.swagger.invocation.exception.InvocationException;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.env.Environment;
 
 import jakarta.ws.rs.core.Response.Status;
 
 public class ProviderAuthFilter extends AbstractFilter implements ProviderFilter {
+  private static final String KEY_API_WHITE_LIST = "servicecomb.publicKey.accessControl.pathWhiteList";

Review Comment:
   servicecomb.publicKey.accessControl.excludePathPatterns



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@servicecomb.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [PR] [#4300] black/white microservice authentication add apiWhiteList [servicecomb-java-chassis]

Posted by "chengyouling (via GitHub)" <gi...@apache.org>.

chengyouling commented on code in PR #4301:
URL: https://github.com/apache/servicecomb-java-chassis/pull/4301#discussion_r1582002139


##########
handlers/handler-publickey-auth/src/main/java/org/apache/servicecomb/authentication/provider/ProviderAuthFilter.java:
##########
@@ -50,11 +57,44 @@ public String getName() {
 
   @Override
   public CompletableFuture<Response> onFilter(Invocation invocation, FilterNode nextNode) {
+    if (checkPathWhitelist(invocation.getRequestEx().getServletPath())) {

Review Comment:
   fixed
   



##########
handlers/handler-publickey-auth/src/main/java/org/apache/servicecomb/authentication/provider/ProviderAuthFilter.java:
##########
@@ -27,15 +28,21 @@
 import org.apache.servicecomb.swagger.invocation.Response;
 import org.apache.servicecomb.swagger.invocation.exception.InvocationException;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.env.Environment;
 
 import jakarta.ws.rs.core.Response.Status;
 
 public class ProviderAuthFilter extends AbstractFilter implements ProviderFilter {
+  private static final String KEY_API_WHITE_LIST = "servicecomb.publicKey.accessControl.pathWhiteList";

Review Comment:
   fixed



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@servicecomb.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [PR] [#4300] black/white microservice authentication add apiWhiteList [servicecomb-java-chassis]

Posted by "liubao68 (via GitHub)" <gi...@apache.org>.

liubao68 commented on code in PR #4301:
URL: https://github.com/apache/servicecomb-java-chassis/pull/4301#discussion_r1580653789


##########
handlers/handler-publickey-auth/src/main/java/org/apache/servicecomb/authentication/provider/ProviderAuthFilter.java:
##########
@@ -27,15 +28,21 @@
 import org.apache.servicecomb.swagger.invocation.Response;
 import org.apache.servicecomb.swagger.invocation.exception.InvocationException;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.env.Environment;
 
 import jakarta.ws.rs.core.Response.Status;
 
 public class ProviderAuthFilter extends AbstractFilter implements ProviderFilter {
+  private static final String KEY_API_WHITE_LIST = "servicecomb.publicKey.accessControl.pathWhiteList";

Review Comment:
   servicecomb.publicKey.accessControl.exclude



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@servicecomb.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org