Skip to content

feat: create a C++ sample plugin for HMAC cookie authorization. #117

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mpwarres merged 11 commits into from
Mar 5, 2025
Merged

feat: create a C++ sample plugin for HMAC cookie authorization. #117

mpwarres merged 11 commits into from
Mar 5, 2025

Conversation

@walves-cit
Copy link
Contributor

@walves-cit walves-cit commented Sep 9, 2024

This plugin is a HMAC cookie authorization showcase.

Technically, this is performed by ensuring that the request has a valid HMAC cookie.

This examples contains only a C++ version.

@walves-cit walves-cit marked this pull request as ready for review September 9, 2024 19:37
@walves-cit walves-cit requested a review from a team as a code owner September 9, 2024 19:37
@snippet-bot
Copy link

snippet-bot bot commented Sep 9, 2024
edited
Loading

Here is the summary of changes.

You are about to add 1 region tag.

This comment is generated by snippet-bot.
If you find problems with this result, please file an issue at:
https://github.com/googleapis/repo-automation-bots/issues.
To update this comment, add snippet-bot:force-run label or use the checkbox below:

  • Refresh this comment

martijneken
martijneken reviewed Oct 16, 2024
View reviewed changes
mpwarres
mpwarres reviewed Jan 15, 2025
View reviewed changes
mpwarres
mpwarres approved these changes Mar 5, 2025
View reviewed changes
plugins/samples/hmac_authcookie/plugin.cc
const auto path = getRequestHeader(":path")->toString();
if (computeHmacSignature(path) != token.value()) {
const std::optional<std::pair<std::string, std::string>> payload_and_hash =
parseAuthorizationCookie(token.value());
Copy link
Collaborator

@mpwarres mpwarres Mar 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

optional: can dereference using *token instead of token.value(), since has_value() has been checked earlier. *token is shorter and doesn't have behavior that depends on build mode (i.e. whether or not to throw an exception)

plugins/samples/hmac_authcookie/plugin.cc
FilterHeadersStatus onRequestHeaders(uint32_t headers,
bool end_of_stream) override {
const auto token = getTokenFromCookie();
const std::optional<std::string> ip = getClientIp();
Copy link
Collaborator

@mpwarres mpwarres Mar 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice structuring of this method! The factoring of checks/parsing into helper methods make it very clear.

@mpwarres mpwarres merged commit 7f02bfc into GoogleCloudPlatform:main Mar 5, 2025
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mpwarres mpwarres mpwarres approved these changes

@martijneken martijneken Awaiting requested review from martijneken

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@walves-cit @mpwarres @martijneken