Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(decision): add support to register api keys to proxy #5168

Merged
merged 8 commits into from
Jul 9, 2024
Merged

feat(decision): add support to register api keys to proxy #5168

merged 8 commits into from
Jul 9, 2024

Conversation

NishantJoshi00
Copy link
Member

@NishantJoshi00 NishantJoshi00 commented Jul 1, 2024
edited
Loading

Type of Change

  • Bugfix
  • New feature
  • Enhancement
  • Refactoring
  • Dependency updates
  • Documentation
  • CI/CD

Description

This PR adds support for exporting hashed api keys to the incoming proxy allowing for authentication outside the application facilitating detached authentication and ratelimiting

Additional Changes

  • This PR modifies the API contract
  • This PR modifies the database schema
  • This PR modifies application configuration/environment variables

Motivation and Context

How did you test it?

The testing is done locally by running both the application and the api key registry

  1. Create Merchant
image 2. The Key is added to the registry image 3. Create API Key image 4. Verify if the key is added to the registry image 5. Query the service to get details image This response aligns with the requirements of the partial-auth system #4802

Checklist

  • I formatted the code cargo +nightly fmt --all
  • I addressed lints thrown by cargo clippy
  • I reviewed the submitted code
  • I added unit tests for my changes where possible

@NishantJoshi00 NishantJoshi00 self-assigned this Jul 1, 2024
@NishantJoshi00 NishantJoshi00 requested review from a team as code owners July 1, 2024 13:19
@NishantJoshi00 NishantJoshi00 linked an issue Jul 1, 2024 that may be closed by this pull request
[FEATURE] Allow authentication to be done outside the router application #4803
Closed
akshay-97
akshay-97 reviewed Jul 1, 2024
View reviewed changes
crates/router/src/services/authentication/decision.rs
}
}

pub async fn add_publishable_key(
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should we combine with add_api_key and pass variant to a common function ?

akshay-97
akshay-97 reviewed Jul 1, 2024
View reviewed changes
crates/router/src/core/admin.rs
@@ -281,6 +281,25 @@ pub async fn create_merchant_account(
.await
.to_duplicate_response(errors::ApiErrorResponse::DuplicateMerchantAccount)?;

if let Some(api_key) = merchant_account.publishable_key.as_ref() {
let state = state.clone();
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should we clone only necessary data here?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://github.com/juspay/hyperswitch/pull/5168/files#r1661123714

akshay-97
akshay-97 previously approved these changes Jul 2, 2024
View reviewed changes
ThisIsMani
ThisIsMani approved these changes Jul 9, 2024
View reviewed changes
crates/router/src/services/authentication/decision.rs
let decision_config = if let Some(config) = &state.conf.decision {
config
} else {
return Ok(());
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add a log if possible.

@Gnanasundari24 Gnanasundari24 added this pull request to the merge queue Jul 9, 2024
Merged via the queue into main with commit 071d534 Jul 9, 2024
13 checks passed
@Gnanasundari24 Gnanasundari24 deleted the decision-svc branch July 9, 2024 07:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jagan-jaya jagan-jaya jagan-jaya approved these changes

@akshay-97 akshay-97 akshay-97 approved these changes

@Narayanbhat166 Narayanbhat166 Narayanbhat166 approved these changes

@ThisIsMani ThisIsMani ThisIsMani approved these changes

@lsampras lsampras Awaiting requested review from lsampras

Assignees

@NishantJoshi00 NishantJoshi00

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[FEATURE] Allow authentication to be done outside the router application
6 participants
@NishantJoshi00 @jagan-jaya @akshay-97 @Narayanbhat166 @ThisIsMani @Gnanasundari24