mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-14 03:54:21 +00:00
7caa43ab23
# Which Problems Are Solved The action v2 messages were didn't contain anything providing security for the sent content. # How the Problems Are Solved Each Target now has a SigningKey, which can also be newly generated through the API and returned at creation and through the Get-Endpoints. There is now a HTTP header "Zitadel-Signature", which is generated with the SigningKey and Payload, and also contains a timestamp to check with a tolerance if the message took to long to sent. # Additional Changes The functionality to create and check the signature is provided in the pkg/actions package, and can be reused in the SDK. # Additional Context Closes #7924 --------- Co-authored-by: Livio Spring <livio.a@gmail.com> |
||
|---|---|---|
| .. | ||
| access_interceptor.go | ||
| activity_interceptor.go | ||
| auth_interceptor_test.go | ||
| auth_interceptor.go | ||
| cache_interceptor.go | ||
| call_interceptor.go | ||
| error_interceptor_test.go | ||
| error_interceptor.go | ||
| execution_interceptor_test.go | ||
| execution_interceptor.go | ||
| instance_interceptor_test.go | ||
| instance_interceptor.go | ||
| limits_interceptor.go | ||
| metrics_interceptor.go | ||
| mock_test.go | ||
| quota_interceptor.go | ||
| service_interceptor.go | ||
| tracing.go | ||
| translation_interceptor.go | ||
| translator.go | ||
| validation_interceptor.go | ||