Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Get promise token for CS autofix requests #830

Merged
merged 7 commits into from
Apr 3, 2025
Merged

feat: Get promise token for CS autofix requests #830

merged 7 commits into from
Apr 3, 2025

Conversation

phornig
Copy link
Contributor

@phornig phornig commented Mar 25, 2025

For sites of delivery type cloud service a promise token needs to be stored in the autofix job to be able to authenticate against the cloud service AEM instance.
This PR uses the IMS Promise client to exchange the user's token against a promise token which is stored in the sqs message payload to be used in the autofix worker later on. The promise token is not considered a secret, but may be optionally encrypted using a shared secret.

@alinarublea alinarublea requested a review from solaris007 March 26, 2025 09:26
solaris007
solaris007 reviewed Mar 26, 2025
View reviewed changes
Copy link
Member

@solaris007 solaris007 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

generally unsure why encryption is needed. please involve AEM security team for a spot review of encryption.

@phornig
Copy link
Contributor Author

phornig commented Mar 27, 2025

Moved encryption related code to the IMS client for better re-use, see adobe/spacecat-shared#667
Since promise token are not considered secret, we could also drop encryption completely, now it is optional.

solaris007
solaris007 approved these changes Apr 3, 2025
View reviewed changes
Copy link
Member

@solaris007 solaris007 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks for making the adjustments.

@alinarublea alinarublea merged commit 356e6bd into adobe:main Apr 3, 2025
2 checks passed
solaris007 pushed a commit that referenced this pull request Apr 3, 2025
@semantic-release-bot
chore(release): 1.103.0 [skip ci]
b405635 
# [1.103.0](v1.102.13...v1.103.0) (2025-04-03)

### Bug Fixes

* **deps:** update dependency @adobe/spacecat-shared-ims-client to v1.7.0 ([#845](#845)) ([10945b7](10945b7))

### Features

* Get promise token for CS autofix requests ([#830](#830)) ([356e6bd](356e6bd))
@solaris007
Copy link
Member

🎉 This PR is included in version 1.103.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@solaris007 solaris007 solaris007 approved these changes

@alinarublea alinarublea Awaiting requested review from alinarublea

Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@phornig @solaris007 @alinarublea