[VI-252] MAP STS token validation #19907

Draft
wants to merge 7 commits into
base: master
Contributor

@bramleyjl bramleyjl commented Dec 13, 2024

Summary

  • This work is behind a feature toggle (flipper): YES/NO
  • (Summarize the changes that have been made to the platform)
  • (If bug, how to reproduce)
  • (What is the solution, why is this the solution?)
  • (Which team do you work for, does your team own the maintenance of this component?)
  • (If introducing a flipper, what is the success criteria being targeted?)

Related issue(s)

Testing done

  • New code is covered by unit tests
  • Describe what the old behavior was prior to the change
  • Describe the steps required to verify your changes are working as expected. Exclusively stating 'Specs run' is NOT acceptable as appropriate testing
  • If this work is behind a flipper:
    • Tests need to be written for both the flipper on and flipper off scenarios. Docs.
    • What is the testing plan for rolling out the feature?

Screenshots

Note: Optional

What areas of the site does it impact?

(Describe what parts of the site are impacted and if code touched other areas)

Acceptance criteria

  • I fixed|updated|added unit tests and integration tests for each feature (if applicable).
  • No error nor warning in the console.
  • Events are being sent to the appropriate logging solution
  • Documentation has been updated (link to documentation)
  • No sensitive information (i.e. PII/credentials/internal URLs/etc.) is captured in logging, hardcoded, or specs
  • Feature/bug has a monitor built into Datadog (if applicable)
  • If app impacted requires authentication, did you login to a local build and verify all authenticated routes work as expected
  • I added a screenshot of the developed feature

Requested Feedback

(OPTIONAL) What should the reviewers know in addition to the above? Is there anything specific you wish the reviewer to assist with? Do you have any concerns with this PR, why?

@bramleyjl bramleyjl marked this pull request as ready for review December 17, 2024 19:20
@bramleyjl bramleyjl requested review from a team as code owners December 17, 2024 19:20
@bramleyjl bramleyjl marked this pull request as draft December 17, 2024 19:24
rescue => e
message = "#{config.logging_prefix} token failed, response unknown"
Rails.logger.error(message, application:, icn:)
raise e, "#{message}, application: #{application}, icn: #{icn}"
end

def validate_map_token(encoded_token)
public_cert = config.provider_certificate
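
Review bot: The `raise e, "#{message}, application: #{application}, icn: #{icn}"` line in the rescue block copies `icn` into the exception message, so the identifier travels wherever that exception is rendered or reported, not only into the structured `Rails.logger.error` call above it. If `icn` counts as sensitive under this PR template's "No sensitive information ... is captured in logging" criterion, re-raise with `message` alone and keep `application:` and `icn:` as structured log fields, or drop `icn` from both. The bare `rescue => e` also labels every StandardError raised in the method as "response unknown", including ones unrelated to the token response; rescuing the specific errors this call is expected to raise would keep that message accurate.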
Contributor

We're going to want to cache this call; here is an example of how we do it for id.me and login.gov public certs: lib/sign_in/public_jwks.rb.

@va-vfs-bot va-vfs-bot temporarily deployed to VI-252_map_sts_validation/main/main December 17, 2024 19:40 Inactive
3 participants