Skip to content

Commit

Permalink
Merge pull request #184 from minitech/unused
Browse files Browse the repository at this point in the history 
refactor: remove unused Firebase App Check, homegrown app check tokens, and HKDF secret
  • Loading branch information
@mattrltrent
mattrltrent authored Mar 9, 2024
2 parents 97ee1f0 + 3ab0599 commit a71037b
Show file tree
Hide file tree
Showing 8 changed files with 0 additions and 61 deletions.
4 changes: 0 additions & 4 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,10 +33,6 @@ Repo > Settings > Secrets and variables > Actions > New repository secret
cat env-example > .env
```

**Add the app check token:**

Open the `.env` file and follow the [link](https://generate-random.org/api-token-generator) to create the `APPCHECK_TOKEN` env variable.

**Ensure you have the correct 16-byte `MASK_SECRET` in the `.env` file.**

An example is provided in the `env-example`, but obviously generate your own for prod.
Expand Down
1 change: 0 additions & 1 deletion docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,6 @@ services:
environment:
PORT:
POSTGRES_DSN:
APPCHECK_TOKEN:
REDIS_CONN:
PUBLIC_DOC_ACCESS:
AWS_ACCESS_KEY_ID:
Expand Down
7 changes: 0 additions & 7 deletions env-example
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,6 @@ PORT="8080"

POSTGRES_DSN="postgres://postgres:postgres@db:5432/confesi?sslmode=disable"

# generate token at https://generate-random.org/api-token-generator
APPCHECK_TOKEN="kXfeSRgYTnoUztu6MO8FndqiRayoBaJqyDKQmoqvX3V9sZVlep/cm7cP!mgd-B9H"

# generate key from https://numbergenerator.org/hex-code-generator
# either 16, 24, or 32 bytes to select AES-128, AES-192, or AES-256
HKDF_SECRET="some-secret-string"

# a 16-byte key
# generate with `python3 -c 'import secrets; print(secrets.token_urlsafe(16))'`, for example
MASK_SECRET="gG9-td9Nvs3tNZDTXEXKaQ"
Expand Down
1 change: 0 additions & 1 deletion handlers/auth/requests.http
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,6 @@ Content-Type: application/json

PATCH http://127.0.0.1:8080/api/v1/auth/update-email
Content-Type: application/json
X-AppCheck-Token: kXfeSRgYTnoUztu6MO8FndqiRayoBaJqyDKQmoqvX3V9sZVlep/cm7cP!mgd-B9H
Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjUyNmM2YTg0YWMwNjcwMDVjZTM0Y2VmZjliM2EyZTA4ZTBkZDliY2MiLCJ0eXAiOiJKV1QifQ.eyJyb2xlcyI6W10sInN5bmMiOnRydWUsImlzcyI6Imh0dHBzOi8vc2VjdXJldG9rZW4uZ29vZ2xlLmNvbS9jb25mZXNpLXNlcnZlci1kZXYiLCJhdWQiOiJjb25mZXNpLXNlcnZlci1kZXYiLCJhdXRoX3RpbWUiOjE3MDM4MzUzMTAsInVzZXJfaWQiOiJzQWxoN1p5bkVmYzd6ZUhHU3Y4TWVYamVLWVQyIiwic3ViIjoic0FsaDdaeW5FZmM3emVIR1N2OE1lWGplS1lUMiIsImlhdCI6MTcwMzgzNTMxMCwiZXhwIjoxNzAzODM4OTEwLCJlbWFpbCI6Im1hdHRoZXcucmwudHJlbnRAZ21haWwuY29tIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImZpcmViYXNlIjp7ImlkZW50aXRpZXMiOnsiZW1haWwiOlsibWF0dGhldy5ybC50cmVudEBnbWFpbC5jb20iXX0sInNpZ25faW5fcHJvdmlkZXIiOiJwYXNzd29yZCJ9fQ.NjJXT0CYxQJKKpozQl70CvgaJOZJDwugoKnYNas42QOK4rvgTeTP30V--ALU4UHS4mOslr8dTbL1CMbdL1xTjOKSGpnXZRIlLJvomya56FbMK2ANeoEp-27bzIt1H4Jj6FcP498UOjL8Pf3bmuoj7_CPUhylpOsqf_11kkIQrIs_MKeelHFrLWc8nYRX_2UHiJz459SfqmQghJNPwC47X9u-9yDUOXXtxPI1LBq3CIeJvC7vg03ACTQn88AMrgGqEStgIDpRNt7w9uMh7uYXQ9YAfJuPtFZDTVhJ13v1KSyiOkogr93OK6Akqa4c99WAUWVKSDk0O8a4T687TYThdQ

{
Expand Down
1 change: 0 additions & 1 deletion handlers/user/requests.http
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,6 @@ Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjUyNmM2YTg0YWMwNjcwMDVjZTM0Y2

GET http://127.0.0.1:8080/api/v1/user/user-stats
Content-Type: application/json
X-AppCheck-Token: kXfeSRgYTnoUztu6MO8FndqiRayoBaJqyDKQmoqvX3V9sZVlep/cm7cP!mgd-B9H
Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjUyNmM2YTg0YWMwNjcwMDVjZTM0Y2VmZjliM2EyZTA4ZTBkZDliY2MiLCJ0eXAiOiJKV1QifQ.eyJyb2xlcyI6W10sInN5bmMiOnRydWUsImlzcyI6Imh0dHBzOi8vc2VjdXJldG9rZW4uZ29vZ2xlLmNvbS9jb25mZXNpLXNlcnZlci1kZXYiLCJhdWQiOiJjb25mZXNpLXNlcnZlci1kZXYiLCJhdXRoX3RpbWUiOjE3MDM4MzUzMTAsInVzZXJfaWQiOiJzQWxoN1p5bkVmYzd6ZUhHU3Y4TWVYamVLWVQyIiwic3ViIjoic0FsaDdaeW5FZmM3emVIR1N2OE1lWGplS1lUMiIsImlhdCI6MTcwMzgzNTMxMCwiZXhwIjoxNzAzODM4OTEwLCJlbWFpbCI6Im1hdHRoZXcucmwudHJlbnRAZ21haWwuY29tIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImZpcmViYXNlIjp7ImlkZW50aXRpZXMiOnsiZW1haWwiOlsibWF0dGhldy5ybC50cmVudEBnbWFpbC5jb20iXX0sInNpZ25faW5fcHJvdmlkZXIiOiJwYXNzd29yZCJ9fQ.NjJXT0CYxQJKKpozQl70CvgaJOZJDwugoKnYNas42QOK4rvgTeTP30V--ALU4UHS4mOslr8dTbL1CMbdL1xTjOKSGpnXZRIlLJvomya56FbMK2ANeoEp-27bzIt1H4Jj6FcP498UOjL8Pf3bmuoj7_CPUhylpOsqf_11kkIQrIs_MKeelHFrLWc8nYRX_2UHiJz459SfqmQghJNPwC47X9u-9yDUOXXtxPI1LBq3CIeJvC7vg03ACTQn88AMrgGqEStgIDpRNt7w9uMh7uYXQ9YAfJuPtFZDTVhJ13v1KSyiOkogr93OK6Akqa4c99WAUWVKSDk0O8a4T687TYThdQ

{}
28 changes: 0 additions & 28 deletions middleware/firebase_appcheck.go
View file

This file was deleted.

16 changes: 0 additions & 16 deletions middleware/middleware.go
View file

This file was deleted.

3 changes: 0 additions & 3 deletions scripts/test
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,6 @@
#!/usr/bin/env bash

export APPCHECK_TOKEN="test_token"
export POSTGRES_DSN="postgres://postgres:postgres@localhost:5432/confesi?sslmode=disable"
export CIPHER_KEY="thisis32bitlongpassphraseimusing"
export CIPHER_NONCE="87379ff2d9e78998359c133a"


go test -coverprofile=./coverprofile $1 -v

0 comments on commit a71037b

Please sign in to comment.