mdibaiee
commented
2 years ago Added a new operation encrypt-config which allows the frontend to send encryption requests, with the difference that this function will add credentials/client_id and credentials/client_secret to the spec before sending it to encryption service. (cc @jgraettinger @travjenkins @psFried)
It can be called like so:
curl -i --location --request POST 'http://localhost:5431/functions/v1/' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6ImFub24ifQ.625_WdcF3KHqz5amU0x2X5WWHP-OEs_4qj0ssLNHzTs' \
--header 'Content-Type: application/json' \
--data @request.jsonIf the client_id and client_secret are in any way exposed in the response of the encryption service, this function will avoid sending them back to client and will error instead. Try it by removing secret: true from either client_id or client_secret.
request.json:
{
"operation": "encrypt-config",
"connector_id": "06:ab:80:41:d8:00:5c:00",
"config": {"credentials": {}, "greetings": 10},
"schema": {
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "Test Source Spec",
"type": "object",
"required": [
"greetings"
],
"properties": {
"credentials": {
"title": "Authentication",
"description": "Google API Credentials",
"type": "object",
"required": [
"client_id",
"client_secret"
],
"properties": {
"client_id": {
"title": "Client ID",
"type": "string",
"secret": true
},
"client_secret": {
"title": "Client Secret",
"type": "string",
"secret": true
},
"refresh_token": {
"title": "Refresh Token",
"type": "string",
"secret": true
}
},
"x-oauth2-provider": "google"
},
"greetings": {
"title": "Number of Greetings",
"description": "Number of greeting documents to produce when running in non-tailing mode",
"default": 1000,
"type": "integer"
}
}
}
}
oauth_client_idandoauth_client_secretto connectors tableoauth_client_secrettoauthenticatedrolecodeandstateconnectorstable withoauth2_specof the connectorThis change is