prestodb / presto

The official home of the Presto distributed SQL query engine for big data
http://prestodb.io
Apache License 2.0

[native] Add JWT for internal communication #19861

Closed czentgr closed 6 months ago

czentgr commented 1 year ago

The Java worker is adding a JWT when the internal communication is HTTPS.

The header contains the "X-Presto-Internal-Bearer" header with a generated JWT. A shared secret is used to generate a JWT for a request and validate a received JWT.

See: https://github.com/prestodb/presto/pull/19706

Multiple JWT libraries exist that support the processing. None of these seem to be in use yet. The list is here: https://jwt.io/libraries. The Java implementation uses one from the list.

For C++, https://github.com/Thalhammer/jwt-cpp looks pretty good.

The idea is to create a new filter that validates or generates a new header with the token based on the key.
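
The generate/validate filter described above, as an added example that is not code from this issue, the linked PR, or Presto. It assumes HS256 with `sub` and `exp` claims and a 300-second lifetime (none of which the issue states), and uses the Python standard library in place of jwt-cpp so it runs without dependencies.

```python
import base64, hashlib, hmac, json, time

HEADER_NAME = "X-Presto-Internal-Bearer"  # header name given in the issue

def b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(secret: bytes, signing_input: str) -> bytes:
    mac = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return b64e(mac).encode()

def generate_header(secret: bytes, node_id: str, ttl: int = 300, now=None) -> dict:
    """Outgoing side of the filter: header carrying a freshly signed token."""
    now = int(time.time() if now is None else now)
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    # Claim names and lifetime are assumptions made for this example.
    body = b64e(json.dumps({"sub": node_id, "exp": now + ttl}).encode())
    signing_input = f"{head}.{body}"
    return {HEADER_NAME: f"{signing_input}.{sign(secret, signing_input).decode()}"}

def validate_headers(secret: bytes, headers: dict, now=None) -> str:
    """Incoming side: return the token subject, or raise ValueError."""
    now = int(time.time() if now is None else now)
    token = headers.get(HEADER_NAME)
    if not token:
        raise ValueError("missing internal bearer header")
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    head, body, sig = parts
    try:
        alg = json.loads(b64d(head)).get("alg")
    except (ValueError, AttributeError):
        raise ValueError("malformed token header")
    # Pin the algorithm; the token must not choose it ("none", RS256, ...).
    if alg != "HS256":
        raise ValueError("unexpected algorithm")
    # Constant-time comparison over the recomputed signature.
    if not hmac.compare_digest(sig.encode(), sign(secret, f"{head}.{body}")):
        raise ValueError("bad signature")
    claims = json.loads(b64d(body))  # parsed only after the MAC checks out
    if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
        raise ValueError("token expired")
    return claims.get("sub", "")
```
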

czentgr commented 1 year ago

@aditi-pandit can you please assign this to me? Thanks!

czentgr commented 1 year ago

Implemented a solution and unit tests using the jwt-cpp implementation. I'm adding them under the external folder as this is header-only. Also switching the trait usage to the already available nlohmann-json instead of the default picojson.

I'll create a PR as soon as I have sorted out the build issues that resulted from the switch. A TODO could be to switch the base64 processing from the packaged base64 to the folly base64 implementation for the encode and decode.

czentgr commented 6 months ago

Closing. Feature has been implemented for a while.