Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sec(acl): convert x.Sensitive to string type for authn hash #8931

Merged
merged 1 commit into from
Aug 4, 2023
Merged

sec(acl): convert x.Sensitive to string type for authn hash #8931

merged 1 commit into from
Aug 4, 2023

Conversation

mangalaman93
Copy link
Member

we use a combination of namespace, start timestamp and ACL hmac secret key to make the transaction context more robust. Unfortunately, because the ACL secret is of type x.Sensitive, we ended up using "*****" as the key for computing hash. This commit fixes this issue. This is NOT a breaking change.

@mangalaman93
sec(acl): convert x.Sensitive to string type for authn hash
a46f30a 
we use a combination of namespace, start timestamp and ACL
hmac secret key to make the transaction context more robust.
Unfortunately, because the ACL secret is of type x.Sensitive,
we ended up using "*****" as the key for computing hash.
This commit fixes this issue. This is NOT a breaking change.
@dgraph-bot dgraph-bot added area/testing Testing related issues go Pull requests that update Go code labels Aug 4, 2023
@all-seeing-code
Copy link
Contributor

Nice catch!

@mangalaman93 mangalaman93 merged commit d8d661f into main Aug 4, 2023
@mangalaman93 mangalaman93 deleted the aman/hash branch August 4, 2023 15:13
jbhamra1 pushed a commit that referenced this pull request Aug 8, 2023
@mangalaman93 @jbhamra1
sec(acl): convert x.Sensitive to string type for auth hash (#8931)
c653b41 
we use a combination of namespace, start timestamp and ACL hmac secret
key to make the transaction context more robust. Unfortunately, because
the ACL secret is of type x.Sensitive, we ended up using "*****" as the
key for computing hash. This commit fixes this issue. This is NOT a
breaking change.
jbhamra1 pushed a commit that referenced this pull request Aug 17, 2023
@mangalaman93 @jbhamra1
sec(acl): convert x.Sensitive to string type for auth hash (#8931)
590d1a2 
we use a combination of namespace, start timestamp and ACL hmac secret
key to make the transaction context more robust. Unfortunately, because
the ACL secret is of type x.Sensitive, we ended up using "*****" as the
key for computing hash. This commit fixes this issue. This is NOT a
breaking change.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MichelDiz MichelDiz MichelDiz approved these changes

@all-seeing-code all-seeing-code all-seeing-code approved these changes

@meghalims meghalims Awaiting requested review from meghalims

@sanjayk-github-dev sanjayk-github-dev Awaiting requested review from sanjayk-github-dev

@harshil-goel harshil-goel Awaiting requested review from harshil-goel

@billprovince billprovince Awaiting requested review from billprovince

@joshua-goldstein joshua-goldstein Awaiting requested review from joshua-goldstein

Assignees
No one assigned
Labels
area/testing Testing related issues go Pull requests that update Go code
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@mangalaman93 @all-seeing-code @MichelDiz @dgraph-bot