Hi there 👋
I'm looking forward to adding JWT token support to the postback delivery method. This change is essential for an initiative at GitLab to convert the push-directly-to-redis way to webhook style. The full context is available at https://gitlab.com/groups/gitlab-com/gl-infra/-/epics/644.
The mailroom gem already supports a postback strategy that delivers the mail contents via HTTP request. However, the mail_room gem uses Faraday and its token_auth authentication method. This method adds a configured token to the Authorization header:
Authorization: Token token="something"
Unfortunately, we are following a different approach for authentication. We are using JWT tokens for internal APIs. The token is generated using the HS256 algorithm using a shared symmetric secret file. The tokens are then embedded into a custom request header. Since GitLab as a whole is a collection of different services, each service uses a different secret and embeds it into a different header.
I would like to propose adding the following configurations to the postback delivery method:
The request headers look something like:
The meaning of each configuration is self-explanatory. At the moment, I implemented just a subset of JWT reserved claims and haven't supported custom payload. I would love to add more to make the solution more useful for everyone. As a result, the official JWT gem is added as a dependency of this gem.
cc @stanhu
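The scheme described in the post (an HS256 token signed with a shared secret and carried in a custom request header), shown with the receiving side's checks, as an added example that is not code from this PR or from mail_room. It uses only the Ruby standard library rather than the JWT gem; the header name, issuer and secret are constructed placeholders.

```ruby
require 'openssl'
require 'json'

# Hypothetical header name and constructed secret (neither is from the PR).
JWT_HEADER_NAME = 'X-Example-Internal-Jwt'
SECRET = 'constructed-demo-secret'

def b64url(data)
  [data].pack('m0').tr('+/', '-_').delete('=')
end

def b64url_decode(str)
  padded = str.tr('-_', '+/') + '=' * ((4 - str.length % 4) % 4)
  padded.unpack1('m0') # strict decode: raises ArgumentError on bad input
end

# Sender: HS256 JWT carrying a subset of reserved claims (iss, iat, exp).
def issue_token(secret, issuer:, now: Time.now.to_i, ttl: 60)
  header  = b64url(JSON.generate({ 'alg' => 'HS256', 'typ' => 'JWT' }))
  payload = b64url(JSON.generate({ 'iss' => issuer, 'iat' => now, 'exp' => now + ttl }))
  signature = OpenSSL::HMAC.digest('SHA256', secret, "#{header}.#{payload}")
  "#{header}.#{payload}.#{b64url(signature)}"
end

# Sender: the token travels in a custom header, not in Authorization.
def postback_headers(secret, issuer:)
  { JWT_HEADER_NAME => issue_token(secret, issuer: issuer) }
end

# Receiver: returns the claims hash, or nil when the token is rejected.
def verify_token(token, secret, issuer:, now: Time.now.to_i)
  parts = token.to_s.split('.', -1)
  return nil unless parts.length == 3
  header_b64, payload_b64, sig_b64 = parts
  header = JSON.parse(b64url_decode(header_b64))
  # Pin the algorithm; the token must not be allowed to choose it.
  return nil unless header.is_a?(Hash) && header['alg'] == 'HS256'
  expected = OpenSSL::HMAC.digest('SHA256', secret, "#{header_b64}.#{payload_b64}")
  # Constant-time comparison of the signature bytes.
  return nil unless OpenSSL.secure_compare(b64url_decode(sig_b64), expected)
  claims = JSON.parse(b64url_decode(payload_b64))
  return nil unless claims.is_a?(Hash) && claims['iss'] == issuer
  return nil unless claims['exp'].is_a?(Integer) && claims['exp'] > now
  claims
rescue JSON::ParserError, ArgumentError
  nil
end
```

A short `ttl` limits how long a captured header value can be replayed, and the claims are parsed only after the signature has been checked.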