> On March 8, 2017, 11:15 p.m., Greg Mann wrote: > > 3rdparty/libprocess/src/jwt_authenticator.cpp > > Lines 75-97 (patched) > > <https://reviews.apache.org/r/56753/diff/6/?file=1659233#file1659233line75> > > > > Strictly speaking, each element of the vector passed to the > > `Unauthorized()` constructor should be a separate challenge; in this case, > > each element is an attribute of a single challenge. We should pass these as > > a single string, in case the constructor of `Unauthorized` changes in the > > future to set multiple 'WWW-Authenticate' headers when there are multiple > > challenges. I would recommend: > > ``` > > result.unauthorized = Unauthorized({ > > "Bearer realm=\"" + realm_ + "\", " > > "error=\"invalid_token\", " > > "error_description=\"Malformed 'Authorization' header\""}); > > ```
That was my intend, because the elements in the vector will be joined to a single `WWW-Authenticate` challenge. But it looks like (MESOS-3306) that this is only temporary. Will change it to a single string. - Jan ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/56753/#review168352 ----------------------------------------------------------- On March 8, 2017, 3:24 p.m., Jan Schlicht wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/56753/ > ----------------------------------------------------------- > > (Updated March 8, 2017, 3:24 p.m.) > > > Review request for mesos, Alexander Rojas and Greg Mann. > > > Bugs: MESOS-7001 > https://issues.apache.org/jira/browse/MESOS-7001 > > > Repository: mesos > > > Description > ------- > > This HTTP authenticator extracts a JWT from the requests' authorization > header using the 'Bearer' schema and validates it against a secret using > HMAC SHA256. The 'sub' claim of the JWT is the extracted principal, all > other claims will be additional labels of the 'Principal'. > > > Diffs > ----- > > 3rdparty/libprocess/Makefile.am 75386184108214e67a58c328258ec204099d638c > 3rdparty/libprocess/include/process/authenticator.hpp > 00660f42cd4b707d955745bbfea5ffec73f690d6 > 3rdparty/libprocess/src/jwt_authenticator.cpp PRE-CREATION > 3rdparty/libprocess/src/tests/http_tests.cpp > a0e23c2300f9f6b9d1143ee1eb115bbf24adf92e > > > Diff: https://reviews.apache.org/r/56753/diff/6/ > > > Testing > ------- > > make check > > > Thanks, > > Jan Schlicht > >
