Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(auth): Add support for partial-auth, by facilitating injection of authentication parameters in headers #4802

Merged
merged 30 commits into from
Aug 1, 2024
Merged

feat(auth): Add support for partial-auth, by facilitating injection of authentication parameters in headers #4802

merged 30 commits into from
Aug 1, 2024

Conversation

NishantJoshi00
Copy link
Member

@NishantJoshi00 NishantJoshi00 commented May 29, 2024
edited
Loading

Type of Change

  • Bugfix
  • New feature
  • Enhancement
  • Refactoring
  • Dependency updates
  • Documentation
  • CI/CD

Description

Adding a wrapper over ApiKeyAuth and PublishableKeyAuth that provides an alternative to allow authentication being done outside the application. This is done by allowing the external entity (most likely a reverse proxy) to send the parameters necessary for the authentication of the request, there by reducing the need to perform db calls and improving the performance of the service.

Additional Changes

  • This PR modifies the API contract
  • This PR modifies the database schema
  • This PR modifies application configuration/environment variables

Motivation and Context

How did you test it?

image

Using a dummy service to generate a request and header parameters, and sending this parameter to the hyperswitch application without api-key and getting authenticated for the request.

image

curl --location 'https://sandbox.hyperswitch.io/payments' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'x-merchant-id: bye123' \
--header 'x-key-id: dev_CCCCCCCCCCCCCCCCCCCC' \
--header 'x-auth-type: api_key' \
--header 'x-checksum: 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef' \
--data-raw '{
  "amount": 6540,
  "currency": "USD",
  "confirm": true,
  "capture_method": "automatic",
  "capture_on": "2022-09-10T10:11:12Z",
  "amount_to_capture": 6540,
  "customer_id": "StripeCustomer",
  "email": "[email protected]",
  "name": "John Doe",
  "phone": "999999999",
  "phone_country_code": "+1",
  "description": "Its my first payment request",
  "authentication_type": "no_three_ds",
  "return_url": "https://google.com",
  "payment_method": "card",
  "payment_method_type": "credit",
  "payment_method_data": {
    "card": {
      "card_number": "4242424242424242",
      "card_exp_month": "10",
      "card_exp_year": "25",
      "card_holder_name": "joseph Doe",
      "card_cvc": "123"
    }
  },
  "billing": {
    "address": {
      "line1": "1467",
      "line2": "Harrison Street",
      "line3": "Harrison Street",
      "city": "San Fransico",
      "state": "California",
      "zip": "94122",
      "country": "US",
      "first_name": "joseph",
      "last_name": "Doe"
    },
    "phone": {
      "number": "8056594427",
      "country_code": "+91"
    }
  },
  "shipping": {
    "address": {
      "line1": "1467",
      "line2": "Harrison Street",
      "line3": "Harrison Street",
      "city": "San Fransico",
      "state": "California",
      "zip": "94122",
      "country": "US",
      "first_name": "joseph",
      "last_name": "Doe"
    },
    "phone": {
      "number": "8056594427",
      "country_code": "+91"
    }
  },
  "statement_descriptor_name": "joseph",
  "statement_descriptor_suffix": "JS",
  "metadata": {
    "udf1": "value1",
    "new_customer": "true",
    "login_date": "2019-09-10T10:11:12Z"
  }
}'

Here, you can see that the request was successful, but the payment failed. There by showcasing that the request was authenticated successfully.

Checklist

  • I formatted the code cargo +nightly fmt --all
  • I addressed lints thrown by cargo clippy
  • I reviewed the submitted code
  • I added unit tests for my changes where possible

@NishantJoshi00 NishantJoshi00 requested review from a team as code owners May 29, 2024 06:40
@NishantJoshi00 NishantJoshi00 self-assigned this May 29, 2024
@NishantJoshi00 NishantJoshi00 added A-framework Area: Framework A-core Area: Core flows S-waiting-on-review Status: This PR has been implemented and needs to be reviewed labels May 29, 2024
@NishantJoshi00 NishantJoshi00 requested a review from dracarys18 May 29, 2024 07:31
@NishantJoshi00 NishantJoshi00 linked an issue May 29, 2024 that may be closed by this pull request
[FEATURE] Allow authentication to be done outside the router application #4803
Closed
jarnura
jarnura requested changes May 30, 2024
View reviewed changes
jarnura
jarnura previously approved these changes Jun 4, 2024
View reviewed changes
Copy link
Member

@jarnura jarnura left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@NishantJoshi00 NishantJoshi00 requested a review from jarnura June 13, 2024 09:51
jagan-jaya
jagan-jaya requested changes Jun 13, 2024
View reviewed changes
@NishantJoshi00 NishantJoshi00 dismissed stale reviews from jarnura, dracarys18, and akshay-97 via b897016 July 30, 2024 07:11
akshay-97
akshay-97 previously approved these changes Jul 30, 2024
View reviewed changes
dracarys18
dracarys18 previously approved these changes Jul 30, 2024
View reviewed changes
jarnura
jarnura previously approved these changes Jul 30, 2024
View reviewed changes
jagan-jaya
jagan-jaya previously approved these changes Jul 31, 2024
View reviewed changes
Chethan-rao
Chethan-rao previously approved these changes Jul 31, 2024
View reviewed changes
ThisIsMani
ThisIsMani previously approved these changes Jul 31, 2024
View reviewed changes
Copy link
Contributor

@ThisIsMani ThisIsMani left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dashboard specific changes looks fine.

@Gnanasundari24 Gnanasundari24 added this pull request to the merge queue Jul 31, 2024
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Jul 31, 2024
@NishantJoshi00 NishantJoshi00 enabled auto-merge July 31, 2024 10:50
@NishantJoshi00 NishantJoshi00 added this pull request to the merge queue Aug 1, 2024
Merged via the queue into main with commit 1d4c87a Aug 1, 2024
14 checks passed
@NishantJoshi00 NishantJoshi00 deleted the partial-auth branch August 1, 2024 09:50
@SanchithHegde SanchithHegde removed the S-waiting-on-review Status: This PR has been implemented and needs to be reviewed label Aug 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jarnura jarnura jarnura approved these changes

@akshay-97 akshay-97 akshay-97 approved these changes

@Chethan-rao Chethan-rao Chethan-rao approved these changes

@ThisIsMani ThisIsMani ThisIsMani approved these changes

@jagan-jaya jagan-jaya jagan-jaya left review comments

@dracarys18 dracarys18 dracarys18 left review comments

@knutties knutties Awaiting requested review from knutties

@Narayanbhat166 Narayanbhat166 Awaiting requested review from Narayanbhat166

Assignees

@NishantJoshi00 NishantJoshi00

Labels
A-core Area: Core flows A-framework Area: Framework
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[FEATURE] Allow authentication to be done outside the router application
9 participants
@NishantJoshi00 @jagan-jaya @jarnura @akshay-97 @dracarys18 @Narayanbhat166 @Chethan-rao @ThisIsMani @SanchithHegde