Skip to content
This repository was archived by the owner on Oct 11, 2024. It is now read-only.

Comments

Use fake authentication in example#1452

Merged
gdbelvin merged 1 commit intogoogle:masterfrom
gdbelvin:fakeauth
Feb 13, 2020
Merged

Use fake authentication in example#1452
gdbelvin merged 1 commit intogoogle:masterfrom
gdbelvin:fakeauth

Conversation

@gdbelvin
Copy link
Contributor

@gdbelvin gdbelvin commented Feb 11, 2020

By using a fake authentication mechanism for the sandbox server we
achieve two objectives:

  1. We can avoid making the authentication Google specific.
  2. We can avoid the need to embed OAuth client secrets in open source
    code. Client secrets are meant for particular compiled applications.

Fixes #1393 - Embed OAuth client ID

@gdbelvin gdbelvin requested a review from a team as a code owner February 11, 2020 15:49
@gdbelvin gdbelvin requested a review from taknira February 11, 2020 15:49
@codecov
Copy link

codecov bot commented Feb 11, 2020
edited
Loading

Codecov Report

Merging #1452 into master will decrease coverage by 0.09%.
The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #1452      +/-   ##
==========================================
- Coverage   68.03%   67.93%   -0.10%     
==========================================
  Files          54       54              
  Lines        4026     4026              
==========================================
- Hits         2739     2735       -4     
- Misses        889      891       +2     
- Partials      398      400       +2
Impacted Files Coverage Δ
core/sequencer/trillian_client.go 61.42% <0.00%> (-2.86%) ⬇️
core/sequencer/server.go 73.61% <0.00%> (-0.66%) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update abd6967...3567d0a. Read the comment docs.

@gdbelvin gdbelvin force-pushed the fakeauth branch 2 times, most recently from 1b2a54c to 945ecfe Compare February 13, 2020 11:37
@gdbelvin
Use fake authentication in example
3567d0a 
By using a fake authentication mechanism for the sandbox server we
achieve two objectives:

1. We can avoid making the authentication Google specific.
2. We can avoid the need to embed OAuth client secrets in open source
   code. Client secrets are meant for particular compiled applications.

Fixes google#1393 - Embed OAuth client ID
@gdbelvin gdbelvin merged commit 3b442e2 into google:master Feb 13, 2020
@gdbelvin gdbelvin deleted the fakeauth branch February 13, 2020 18:48
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

1 more reviewer

@taknira taknira taknira approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

cla: yes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Embed OAuth ID client secret in code?

3 participants

@gdbelvin @taknira @googlebot