digital-asset/daml
1
1
Fork 0
mirror of https://github.com/digital-asset/daml.git synced 2024-09-20 09:17:43 +03:00
Code Issues Projects Releases Wiki Activity
3,385 Commits 463 Branches 485 Tags 424 MiB
d381603475
Commit Graph

14 Commits

Author SHA1 Message Date
Brian Healey
a5490658ac
EC256 rather than EC512 algo (#4019) 
* EC256 rather than EC512 algo
CHANGELOG_BEGIN
[Ledger API Authorization]Support EC256 algorithm for JWT rather than EC512
CHANGELOG_END

* support both 256 and 512 ECDSA algo

Signed-off-by: Brian Healey <brian.healey@digitalasset.com>

* scalafmt

* correct comment, avoid unnecessary private def

Signed-off-by: Brian Healey <brian.healey@digitalasset.com>

* correct BAZEL formatter
 2020-01-16 08:55:55 -05:00
Brian Healey
95fbf5c921
ECDA512 algorithm support (#3953) 
* ECDA512 algorithm support

* ECDA512

* happy day test for ECDA512 algorithm

* failure test for wrong key for ECDA512 algorithm

* add ability to use EC cert file

* update docs

* scalafmt

* Correct documentation

CHANGELOG_BEGIN
[Ledger API Authorization] Support elliptic curve algorithm for JWT verification
CHANGELOG_END

Signed-off-by: Brian Healey <brian.healey@digitalasset.com>

* correct docs warning
 2020-01-09 07:25:04 -05:00
Andreas Herrmann
f33e79c787
Remove unused dependencies to da_scala_library (#3938) 
* Inline all scala_library dependencies

* Run //:buildifier-fix

* TMP scala_library_suite --> scala_library

* da_scala_library: Enable unused dependency checker

* scala_library: Enable unused dependency checker

* //daml-lf/data:data

* //daml-lf/engine:engine

* //ledger-api/rs-grpc-akka:rs-grpc-akka

* //ledger/participant-state:participant-state

* //ledger/ledger-api-client:ledger-api-client

* //scala-protoc-plugins/scala-logging:scala-logging-lib

* //ledger/ledger-api-scala-logging:ledger-api-scala-logging

* //ledger/ledger-api-common:ledger-api-common

* //ledger-service/utils:utils

* //ledger-service/jwt:jwt

* //ledger/ledger-api-auth:ledger-api-auth

* //extractor:extractor

* //daml-assistant/scala-daml-project-config:scala-daml-project-config

* //language-support/codegen-common:codegen-common

* //language-support/scala/codegen:codegen

* //language-support/codegen-main:codegen-main-lib

* //ledger-service/db-backend:db-backend

* //ledger-service/http-json:http-json

* //daml-lf/scenario-interpreter:scenario-interpreter

* //ledger/sandbox:sandbox

* //navigator/backend:navigator-library

* //daml-assistant/daml-sdk:sdk-lib

* //daml-lf/data-scalacheck:data-scalacheck

* //daml-script/test:test-lib

* //ledger/ledger-api-common:ledger-api-common-scala-tests-lib

* //ledger/test-common:test-common

* //ledger/sandbox:sandbox-scala-tests-lib

* //extractor:extractor-scala-tests-lib

* //language-support/java/bindings:bindings-java-tests-lib

* //language-support/java/bindings-rxjava:bindings-java-tests-lib

* //language-support/scala/bindings-akka-testing:bindings-akka-testing

* //language-support/scala/codegen-testing:codegen-testing

* //language-support/scala/codegen-sample-app:daml-lf-codegen-sample-app

* //language-support/scala/codegen-sample-app:daml-lf-codegen-sample-app-testing

* //language-support/scala/codegen-testing:codegen-testing-testing

* //ledger-api/sample-service:sample-service

* //ledger-api/rs-grpc-akka:rs-grpc-akka-tests-lib

* //ledger/ledger-api-test-tool:ledger-api-test-tool-lib

* //ledger/ledger-api-test-tool:ledger-api-test-tool-tests

* //ledger/participant-state/kvutils:kvutils

* //ledger/sandbox:ledger-api-server

* //ledger/sandbox-perf:sandbox-perf-lib

* //navigator/backend:navigator-tests-library

* UNDO scala_library_suite --> scala_library

This reverts commit ab3eb1ae23139e2ec431ab4551fbb0371e0354e1.

Co-authored-by: Andreas Herrmann <andreash87@gmx.ch>
 2020-01-06 18:14:21 +01:00
Andreas Herrmann
43bbfeaee6
Remove unused dependencies to da_scala_binary (#3937) 
* Inline all scala_binary dependencies

* Run //:buildifier-fix

* da_scala_binary: Enable unused dependency checker

* //compiler/scenario-service/server:scenario-service-raw

* //language-support/scala/codegen:codegen-main

* //daml-lf/encoder:encoder_binary

* //daml-lf/repl:repl

* //language-support/codegen-main:codegen-main

* //language-support/scala/examples:quickstart-scala-bin

* //ledger-api/rs-grpc-akka:rs-grpc-akka-perf

* //ledger-service/jwt:jwt-bin

* //ledger/api-server-damlonx/reference-v2:reference-v2

* //ledger/api-server-damlonx/reference-v2:ephemeral-postgres-reference-server

* //ledger/ledger-api-auth:ledger-api-auth-bin

* //ledger/ledger-api-test-tool:ledger-api-test-tool

* //ledger/participant-state/kvutils/tools:integrity-check

* //navigator/integration-test:navigatortest-jar

* Run //:buildifier-fix

Co-authored-by: Andreas Herrmann <andreash87@gmx.ch>
 2020-01-06 13:58:56 +01:00
Gary Verhaegen
878429e3bf
update copyright notices to 2020 (#3939) 
copyright update 2020

* update template
* run script: `dade-copyright-headers update .`
* update script
* manual adjustments
* exclude frozen proto files from further header checks (by adding NO_AUTO_COPYRIGHT files)
 2020-01-02 21:21:13 +01:00
Andreas Herrmann
9fbb787062 Remove unused dependencies to da_scala_test(_suite) (#3925) 
* Remove unused scala.bzl imports

* override_targets org.scalatest.scalatest_2.12

Otherwise, rules_scala implicitly adds a different version to scala_test
than other packages transitively depending on scalatest. This causes
unused dependency checker to raise an error.

* Handle rules_scala scalatest in pom_file.bzl

* Inline all scala_test dependencies

So that `unused_dependency_checker = "error"` can be applied to them.

* Run //:buildifier-fix

* TMP scala_test_suite --> scala_test

* da_scala_test: Enable unused dependency checker

* //navigator/backend:navigator-scala-tests

* //ledger/sandbox:sandbox-scala-tests

* //ledger/participant-state/kvutils:kvutils-tests

* //ledger/participant-state:participant-state-tests

* //ledger/ledger-api-scala-logging:ledger-api-scala-logging-test

* //ledger/ledger-api-common:ledger-api-common-scala-tests

* //ledger/ledger-api-client:ledger-api-client-tests

* //ledger/ledger-api-auth:ledger-api-auth-scala-tests

* //ledger-service/lf-value-json:tests

* //ledger-service/jwt:tests

* //ledger-service/http-json:tests

* //ledger-api/rs-grpc-akka:rs-grpc-akka-tests

* //language-support/scala/codegen-sample-app:tests

* //language-support/scala/codegen-sample-app:ScalaCodeGenIT

* //language-support/scala/codegen:tests

* //language-support/scala/bindings-akka:tests

* //language-support/java/codegen:test

* //language-support/java/codegen:ledger-tests

* //language-support/java/bindings-rxjava:bindings-java-tests

* //language-support/codegen-common:test

* //extractor:extractor-scala-tests

* //daml-lf/scenario-interpreter:scenario-interpreter_tests

* //daml-lf/language:language-test

* //daml-lf/interface:tests

* //daml-lf/engine:tests

* //daml-lf/encoder:tests

* //daml-lf/archive:daml_lf_archive_reader_tests

* //daml-assistant/scala-daml-project-config:scala-daml-project-config-tests

* UNDO scala_test_suite --> scala_test

This reverts commit 13ed47ba725e944533ca1157a070cb8dc30569ac.

Co-authored-by: Andreas Herrmann <andreash87@gmx.ch>
 2019-12-30 13:49:59 +00:00
lima-da
a801a55d81
update encoder to be urlEncoder (#3893) 
* update encoder to be urlEncoder

* fix decoder as well

* move decoder to constant
 2019-12-18 17:26:36 -05:00
Robert Autenrieth
4c3f6014f6
Implement support for RSA-signed JWT tokens (#3526) 
* Improve Navigator output

* Fix Navigator not using the access token

* Add RSA signatures for JWT tokens

* Remove unused method

* Add timeouts for reading JWKS

* Fix test

* Rename method for consistency

* Improve comment

* More renaming for consistency

* CHANGELOG

CHANGELOG_BEGIN
- [Sandbox] Add CLI options to start the sandbox with JWT based authentication with RSA signed tokens.
  See `issue #3155 <https://github.com/digital-asset/daml/issues/3155>`__ .
- [Navigator] Fixed a bug where the `--access-token-file` option did not work correctly.
CHANGELOG_END

* Make JwksVerifier limits configurable

* Make SimpleHttpServer private
 2019-11-25 16:29:24 +01:00
Robert Autenrieth
89d6c7375c
Add a JWT authentication to sandbox (#3283) 
Fixes #3363
 2019-11-07 23:04:16 +01:00
Andreas Herrmann
2bd1db490a
Replace bazel-deps by rules_jvm_external (#3253) 
* Update bazel-common to fix javadoc issues

Specifically, to fix the following error

```
ERROR: /home/aj/tweag.io/da/da-bazel-1.1/ledger-api/rs-grpc-bridge/BUILD.bazel:7:1: in javadoc_library rule //ledger-api/rs-grpc-bridge:rs-grpc-bridge_javadoc:
Traceback (most recent call last):
        File "/home/aj/tweag.io/da/da-bazel-1.1/ledger-api/rs-grpc-bridge/BUILD.bazel", line 7
                javadoc_library(name = 'rs-grpc-bridge_javadoc')
        File "/home/aj/.cache/bazel/_bazel_aj/5f825ad28f8e070f999ba37395e46ee5/external/com_github_google_bazel_common/tools/javadoc/javadoc.bzl", line 27, in _javadoc_library
                dep.java.transitive_deps
object of type 'JavaSkylarkApiProvider' has no field 'transitive_deps'
```

* Define Maven deps using rules_jvm_external

* Pin artifacts

* Remove bazel-deps generated targets

* Remove bazel-deps

* Switch to rules_jvm_external targets

* update bazel documentation

* pom_file: There are no more bazel-deps targets

* BAZEL-JVM.md `maven_install` typo
 2019-10-28 13:53:14 +01:00
Leonid Shlyapnikov
678ac0d725
Fixing the copyright header (#2522) 2019-08-13 14:25:28 -04:00
Leonid Shlyapnikov
689d4d876c
Removing JWT verification (should be done by the ledger... eventually) (#2501) 
* Removing JWT verification (should be done by the ledger... eventually)

Adding JwtDecoder that does not do JWT signature validation at all.

* Updating README

* Changes to allow overriding the default JWT decode only logic.

You can pass a function that does more than just decoding.
 2019-08-13 13:43:26 -04:00
Gary Verhaegen
99ea93168d
update copyright notices (#2499) 2019-08-13 17:23:03 +01:00
Leonid Shlyapnikov
c7b5482e43 JWT HMAC256 Authorization (#2389) 
* Starting //ledger-service/jwt module

adding //3rdparty/jvm/com/auth0:java_jwt dependency, there are Scala JWT
libraries, however they are either immature or unsupported

* Keys and JWT generator utility/wrapper, WIP

* Keys and JWT generator utility/wrapper, WIP

* RSA Keys generator

* HMAC token validation added to command/create endpoint

HMAC is actually not good, need RSA, this is a shortcut for DABL team.

* Renaming

* command/create test cases fixed to pass OAth2 Bearer token

* removing unused method

* JWT authorization for /command/exercise

* the rest of the endpoints uses JWT authorization

removed hardcoded JwtPayload

* cleanup

* cleanup

* http status code in the header and in the json body should match now

* NotFound would also return a json body now

* Removing hardcoded JWT in the integration test

it is generated using the JwtSigner.HMAC256

* cleanup

* fixing error message

* instructions for making a JWT HMAC token for dev
 2019-08-07 16:26:26 +00:00