3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-03 16:59:22 +02:00
Code Issues Projects Releases Packages Wiki Activity

databroker: require JWT for access (#1503)

Browse source
This commit is contained in:
Caleb Doxsey 2020-10-09 11:08:40 -06:00 committed by GitHub
parent 27d0cf180a
commit eb79cc0957
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 188 additions and 79 deletions
Download patch file Download diff file Expand all files Collapse all files

4
authorize/state.go
View file

@ -1,6 +1,7 @@
package authorize
import (
"encoding/base64"
"fmt"
"sync/atomic"
@ -41,6 +42,8 @@ func newAuthorizeStateFromConfig(cfg *config.Config, store *evaluator.Store) (*a
return nil, err
}
sharedKey, _ := base64.StdEncoding.DecodeString(cfg.Options.SharedKey)
cc, err := grpc.GetGRPCClientConn("databroker", &grpc.Options{
Addr: cfg.Options.DataBrokerURL,
OverrideCertificateName: cfg.Options.OverrideCertificateName,
@ -50,6 +53,7 @@ func newAuthorizeStateFromConfig(cfg *config.Config, store *evaluator.Store) (*a
ClientDNSRoundRobin: cfg.Options.GRPCClientDNSRoundRobin,
WithInsecure: cfg.Options.GRPCInsecure,
ServiceName: cfg.Options.Services,
SignedJWTKey: sharedKey,
})
if err != nil {
return nil, fmt.Errorf("authorize: error creating databroker connection: %w", err)