search

buzzfeed / sso

sso, aka S.S.Octopus, aka octoboi, is a single sign-on solution for securing internal services
MIT License
3.1k stars 186 forks source link

sso-proxy: command line tool to generate request signatures #303

Closed benjsto closed 3 years ago

benjsto commented 3 years ago

Problem

For testing signature validation code in other places, it's nice to be able to easily generate signatures. The prior way of doing this involved setting up a test service, making a request to it, and inspecting the request headers between SSO and the upstream to get the signature.

Solution

Make a little command line tool within sso-proxy that takes URL, body, and headers to generate a request signature using the request-signer.

codecov[bot] commented 3 years ago

Codecov Report

Merging #303 (acf2dae) into master (348c2fc) will not change coverage. The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master     #303   +/-   ##
=======================================
  Coverage   62.73%   62.73%           
=======================================
  Files          58       58           
  Lines        4286     4286           
=======================================
  Hits         2689     2689           
  Misses       1382     1382           
  Partials      215      215

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 348c2fc...acf2dae. Read the comment docs.

jphines commented 3 years ago

@benjsto wanted to follow up here - have you gotten some time to write those docs haven't pushed 'em yet?

benjsto commented 3 years ago

Sorry, didn't get a chance to do this yet -- will prioritize for this week!