authorization - get network id from headers
MicaiahReid opened this issue · 2 comments
The discussion is happening here:
https://github.com/hirosystems/artemis/issues/490
Whatever is done on the chainhooks side should be implemented for the devnet api as well.
When the oauth2-proxy forwards traffic to the devnet API, it will include a header which contains the user’s ID in Auth0. For example, if you visit https://echo.platform.dev.hiro.so/, you will see that header is called x-auth-request-user. For this example, let’s say the value the header contains is google-oauth2|0123456789 .
The devnet will receive the request forwarded by the oauth2-proxy. It could extract google-oauth2|0123456789 from the x-auth-request-user header, parse it, and route the devnet traffic to a K8s service conveniently named something like stacks-blockchain-api.0123456789.svc.cluster.local . Assuming we design the infrastructure so that a user’s namespace is the user’s numerical identity from Auth0, the routing should line up perfectly.
For all routes, we should get the network id from the header and use it for the routing, or check it agains the network id in the url path.
Completed by #47