Make Auth Service save the public project ID (or a fingerprint of it) to the Auth Database - Githubissues

storj / edge

Storj edge services (including multi-tenant, S3-compatible server to interact with the Storj network)

GNU Affero General Public License v3.0

53 stars 18 forks source link

Make Auth Service save the public project ID (or a fingerprint of it) to the Auth Database #439

Closed amwolff closed 3 months ago

amwolff commented 4 months ago

Goal

It would be useful for edge services to be able to retrieve and know what the public project ID tied to the access grant at hand is. It would be most useful to have it in logs. Because we don't want to incur additional roundtrips to the satellite on every, e.g., S3 operation, it makes sense to save the public project ID to the Auth Database when Auth Service registers the access grant the same way we save the macaroon head from the access grant. Project IDs always reference the same macaroon heads/access grants, so it's safe to do this.

Acceptance Criteria

Make Auth Service use the new API to query the satellite for the public project ID and save it.

Links

Current database schema of Auth Database:

https://github.com/storj/edge/blob/6f460d76aaee91a6e5ec18b0cdfa02fcc6a05660/pkg/auth/spannerauth/spannerauthtest/spannerauthtest.go#L43-L55

storj-gerrit[bot] commented 3 months ago

Change pkg/auth: save public project ID with authservice data mentions this issue.

storj-gerrit[bot] commented 3 months ago

Change pkg/authclient: support public_project_id in authservice response mentions this issue.

storj-gerrit[bot] commented 3 months ago

Change testsuite/authservice: add integration test mentions this issue.

storj-gerrit[bot] commented 3 months ago

Change pkg/server/middleware: show public project ID in events and logs mentions this issue.