mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Greg Mann <g...@mesosphere.io>
Subject Re: Review Request 56753: Implemented the JWT authenticator.
Date Tue, 07 Mar 2017 19:36:32 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/56753/#review168169
-----------------------------------------------------------


Fix it, then Ship it!





3rdparty/libprocess/Makefile.am
Line 154 (original), 154 (patched)
<https://reviews.apache.org/r/56753/#comment240324>

    We should probably keep 'authenticator.cpp', just for the Principal-related implementations
which were recently added: `json(JSON::ObjectWriter*, const Principal&)` and `operator<<(std::ostream&,
const Principal&)`. It seems a bit strange to have those in 'basic_authenticator.cpp'?



3rdparty/libprocess/include/process/authenticator.hpp
Lines 160 (patched)
<https://reviews.apache.org/r/56753/#comment240325>

    s/withn/within/



3rdparty/libprocess/src/jwt_authenticator.cpp
Lines 73-78 (patched)
<https://reviews.apache.org/r/56753/#comment240332>

    Need `return result;` here.



3rdparty/libprocess/src/jwt_authenticator.cpp
Lines 106 (patched)
<https://reviews.apache.org/r/56753/#comment240333>

    Is the `Option<string>::none()` necessary here? I think the `value` member should
be default-initialized to `NONE`?



3rdparty/libprocess/src/jwt_authenticator.cpp
Lines 126-144 (patched)
<https://reviews.apache.org/r/56753/#comment240329>

    Looks like a more standard practice would be to use `process_.get()` rather than `*process_`,
in all 4 occurrences here.
    
    I see that the `BasicAuthenticator` also uses `*process`, but using `.get()` will be more
consistent with the rest of the codebase, as it looks like the `BasicAuthenticator` is the
only occurrence of the `*process` syntax. They are functionally equivalent (modulo the presence
of a `CHECK_NOTNULL` in the spawn case, which is unnecessary here I'd say).



3rdparty/libprocess/src/tests/http_tests.cpp
Lines 2042-2043 (patched)
<https://reviews.apache.org/r/56753/#comment240330>

    Fits on one line.



3rdparty/libprocess/src/tests/http_tests.cpp
Lines 2070 (patched)
<https://reviews.apache.org/r/56753/#comment240334>

    Is the `Option<string>::none()` necessary here? I think the `value` member should
be default-initialized to `NONE`?


- Greg Mann


On March 7, 2017, 3:36 p.m., Jan Schlicht wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/56753/
> -----------------------------------------------------------
> 
> (Updated March 7, 2017, 3:36 p.m.)
> 
> 
> Review request for mesos, Alexander Rojas and Greg Mann.
> 
> 
> Bugs: MESOS-7001
>     https://issues.apache.org/jira/browse/MESOS-7001
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> This HTTP authenticator extracts a JWT from the requests' authorization
> header using the 'Bearer' schema and validates it against a secret using
> HMAC SHA256. The 'sub' claim of the JWT is the extracted principal, all
> other claims will be additional labels of the 'Principal'.
> 
> 
> Diffs
> -----
> 
>   3rdparty/libprocess/Makefile.am 75386184108214e67a58c328258ec204099d638c 
>   3rdparty/libprocess/include/process/authenticator.hpp 00660f42cd4b707d955745bbfea5ffec73f690d6

>   3rdparty/libprocess/src/authenticator.cpp  
>   3rdparty/libprocess/src/jwt_authenticator.cpp PRE-CREATION 
>   3rdparty/libprocess/src/tests/http_tests.cpp a0e23c2300f9f6b9d1143ee1eb115bbf24adf92e

> 
> 
> Diff: https://reviews.apache.org/r/56753/diff/5/
> 
> 
> Testing
> -------
> 
> make check
> 
> 
> Thanks,
> 
> Jan Schlicht
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message