Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(authz): Add name to entity id when retrieved from token #1616

Merged
merged 1 commit into from
Oct 8, 2024
Merged

feat(authz): Add name to entity id when retrieved from token #1616

merged 1 commit into from
Oct 8, 2024

Conversation

elizabethhealy
Copy link
Member

@elizabethhealy elizabethhealy commented Oct 7, 2024
edited
Loading

resolves #1615
before: jwtentity-0 or jwtentity-1
now includes more useful info in the entity name

       {
          "id": "jwtentity-0-clientid-tdf-entity-resolution-public",
          "client_id": "tdf-entity-resolution-public",
          "category": "CATEGORY_ENVIRONMENT"
        },
        {
          "id": "jwtentity-1-username-sample-user",
          "user_name": "sample-user",
          "category": "CATEGORY_SUBJECT"
        }

This is useful for parsing access decisions triggered by kas. Access decisions only reference the entityID so, previously, it was be difficult to know what entity it is referring to without looking through the rest of the logs. This change should provide more context and save debugging time.

@elizabethhealy elizabethhealy changed the title feat(ers): Add name to entity id when retrieved from token feat(authz): Add name to entity id when retrieved from token Oct 7, 2024
@elizabethhealy elizabethhealy marked this pull request as ready for review October 7, 2024 16:23
@elizabethhealy elizabethhealy requested a review from a team as a code owner October 7, 2024 16:23
@strantalis strantalis added this pull request to the merge queue Oct 8, 2024
Merged via the queue into main with commit 5304204 Oct 8, 2024
24 of 25 checks passed
@strantalis strantalis deleted the ers-entity-id-from-token-more-specific branch October 8, 2024 17:51
@opentdf-automation opentdf-automation bot mentioned this pull request Oct 7, 2024
Merged
github-merge-queue bot pushed a commit that referenced this pull request Oct 15, 2024
@opentdf-automation
chore(main): release service 0.4.25 (#1602)
99da3e2 
🤖 I have created a release *beep* *boop*
---


##
[0.4.25](service/v0.4.24...service/v0.4.25)
(2024-10-15)


### Features

* **authz:** Add name to entity id when retrieved from token
([#1616](#1616))
([5304204](5304204))
* **core:** Add entity category to audit logs
([#1614](#1614))
([871878c](871878c))
* **core:** Change log level from Debug to Trace for readiness checks
([#1544](#1544))
([0af1269](0af1269)),
closes [#1545](#1545)
* **policy:** 1004 add audit support for unsafe actions
([#1620](#1620))
([4b64e5b](4b64e5b))
* **policy:** 1357 policy GetAttributeByFqn db query should employ fewer
roundtrips ([#1633](#1633))
([0bdb7e5](0bdb7e5)),
closes [#1357](#1357)
* **policy:** 1421 tech debt migrate Resource Mappings object queries to
sqlc ([#1422](#1422))
([cd74bcf](cd74bcf))
* **policy:** 1426 tech debt migrate Namespace object queries to sqlc -
PART 2 ([#1617](#1617))
([b914350](b914350))
* **policy:** 1434 tech debt migrate attribute value object queries to
sqlc ([#1444](#1444))
([0a7998e](0a7998e)),
closes [#1434](#1434)
* **policy:** 1435 tech debt migrate attribute definition object queries
to sqlc ([#1450](#1450))
([c36624c](c36624c))
* **policy:** 1436 tech debt migrate subject mapping and condition set
object queries to sqlc
([#1606](#1606))
([ec60c9f](ec60c9f))
* **policy:** 1438 tech debt migrate attribute fqn indexing queries to
sqlc ([#1445](#1445))
([617aa91](617aa91)),
closes [#1438](#1438)
* **policy:** 1580 Resource Mappings GET/LIST should provide attribute
value FQNs in response
([#1622](#1622))
([e33bcc0](e33bcc0)),
closes [#1580](#1580)
* **policy:** 1618 update KAS CRUD to align with ADR decisions
([#1619](#1619))
([379f980](379f980)),
closes [#1618](#1618)
* **policy:** DSP-51 - deprecate PublicKey local field
([#1590](#1590))
([e3ed0b5](e3ed0b5))
* **sdk:** Improve KAS key lookup and caching
([#1556](#1556))
([fb6c47a](fb6c47a))


### Bug Fixes

* allow standard users to get authorization decisions
([#1634](#1634))
([718f5e3](718f5e3))
* **authz:** Move logs containing subject mappings to trace level
([#1635](#1635))
([80c117c](80c117c)),
closes [#1503](#1503)
* **core:** Autobump service
([#1611](#1611))
([2567052](2567052))
* **core:** Autobump service
([#1624](#1624))
([9468479](9468479))
* **core:** Autobump service
([#1639](#1639))
([0551247](0551247))
* **core:** Autobump service
([#1654](#1654))
([ecf41e9](ecf41e9))
* **core:** log audit object as json
([#1612](#1612))
([c519ffb](c519ffb))
* Simplify request ID extraction from context for AUDIT
([#1626](#1626))
([2f7518c](2f7518c))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: opentdf-automation[bot] <149537512+opentdf-automation[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pflynn-virtru pflynn-virtru pflynn-virtru approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add more info to entityID when extracted from token
3 participants
@elizabethhealy @pflynn-virtru @strantalis