Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: store refresh token in vault #1128

Merged
merged 2 commits into from
Mar 14, 2024
Merged

feat: store refresh token in vault #1128

merged 2 commits into from
Mar 14, 2024

Conversation

paullatzelsperger
Copy link
Contributor

WHAT

This PR updates the token-refresh service so that refresh tokens are stored in the Vault rather than the database.
In addition, the rule that validates incoming refresh requests was split into two rules:

  • AuthTokenAudienceRule: verifies that the refresh token was originally created for the iss of the authentication token
  • RefreshTokenValidationRule: verifies that the refresh token matches the one we have on record

WHY

Briefly state why the change was necessary.

FURTHER NOTES

List other areas of code that have changed but are not necessarily linked to the main feature. This could be method signature changes, package declarations, bugs that were encountered and were fixed inline, etc.

Closes # <-- insert Issue number if one exists

@paullatzelsperger paullatzelsperger added enhancement New feature or request Feature labels Mar 14, 2024
@paullatzelsperger paullatzelsperger marked this pull request as draft March 14, 2024 13:48
@paullatzelsperger paullatzelsperger force-pushed the feat/1125_store_refresh_token_in_vault branch from 1f3aa4c to 9165a37 Compare March 14, 2024 13:53
@paullatzelsperger paullatzelsperger marked this pull request as ready for review March 14, 2024 13:53
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
1.0% Duplication on New Code

See analysis details on SonarCloud

@paullatzelsperger paullatzelsperger merged commit a3b4c06 into eclipse-tractusx:main Mar 14, 2024
25 checks passed
@paullatzelsperger paullatzelsperger deleted the feat/1125_store_refresh_token_in_vault branch March 14, 2024 14:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wolf4ood wolf4ood wolf4ood approved these changes

@jimmarino jimmarino Awaiting requested review from jimmarino

Assignees
No one assigned
Labels
enhancement New feature or request Feature
Projects
EDC PR Board
Status: Merged
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@paullatzelsperger @wolf4ood