digital-asset/daml
1
1
Fork 0
mirror of https://github.com/digital-asset/daml.git synced 2024-11-10 10:46:11 +03:00
Code Issues Projects Releases Wiki Activity
bb0d3f24cb
daml/ledger/ledger-api-auth
History
Stefano Baghino bd32bd6c8f
Return proper code for invalid authentication (#4485) 
* Return proper code for invalid authentication

CHANGELOG_BEGIN
[Sandbox] If authentication is enabled, requests without a valid
authentication are going to be rejected with an ``UNAUTHENTICATED``
return code instead of ``PERMISSION_DENIED``.
CHANGELOG_END

* Reduce logging noise from java-rxbindings tests

* Fix rxjava bindings tests to match new behavior

* Fix extractor tests to match new behavior

* Address https://github.com/digital-asset/daml/pull/4485#discussion_r378507478
2020-02-17 11:09:16 +00:00
..
src Return proper code for invalid authentication (#4485) 2020-02-17 11:09:16 +00:00
BUILD.bazel Remove unused dependencies to da_scala_library (#3938) 2020-01-06 18:14:21 +01:00
README.md Move AuthService (#3272) 2019-10-29 15:46:43 +00:00

README.md

Ledger API authorization

General authorization in gRPC

An Interceptor reads HTTP headers, and stores relevant information (e.g., claims) in a Context.

GRPC services read the stored data from the Context in order to validate the requests.

Authorization in the ledger API

The AuthService defines an interface for decoding HTTP headers into Claims.

The ledger API server takes an AuthService implementation as an argument.

The ledger API server uses a call interceptor and the given AuthService implementation to to store decoded Claims in the gRPC Context.

All ledger API services use the Claims to validate their requests.