Closed tarikeshaq closed 8 months ago
Alrighty this should be in a good stage for a first-round review
@jrconlin @pjenvey I know there is a lot going in the autopush world, so no rush getting to this - it is not urgent and I wouldn't want to interrupt your flow over there but I'll keep my eye on the patch for when ya'll get the time
Just stopping by to say this is awesome and I'm glad it's happening 🎉
This is why I love working in the open - Great to see you @ethowitz!!
Part of me would love to put the python replacement stuff behind a feature flag, maybe break the functions out of tokenserver-auth/lib.rs
and into either lib-py.rs
or lib-rs.rs
(same with oauth.rs
) and bring them in via a flag? That would let us land this code but keep it out of production use while it gets reviewed.
Fortunately a LOT of this PR is general cleanup.
Thank you @jrconlin!! I like the suggestion of using rust features for this so it's safer (also easier to rollback and canary, etc etc)
I went ahead and moved the python implementation behind a rust feature, and removing that feature will have the Rust implementation
(the ci failures are unrelated and should be fixed in #1518 )
Description
We were using pyo3 in two places to call into Python code:
/v1/verify/
call on FxA's oauth server, asking FxA to verify for usmake_token
andget_derived_secret
This PR replaces both usages of pyo3 with Rust code implemented directly in the tokenserver.
Testing
I've tested a local firefox connected to FxA's stage, and my local environment with tokenserver and syncstorage and verified that:
My local firefox syncs successfully with the changes in this PR, however, Out of abundance of caution we should run end-to-end tests and deploy this first on a canary if we plan to take it
TODOs
verify
andget_token_and_derived_secret
Issue(s)
Closes SYNC-3528.