Uploaded image for project: 'Repose'
  1. REP-6550

Update Valkyrie filter to support quality for the X-Tenant-Id header

    Details

    • Type: Story
    • Status: Resolved (View workflow)
    • Priority: Medium
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: 8.8.2.0
    • Component/s: None
    • Labels:
      None
    • Sprint:
      Sprint 162, Sprint 163
    • Story Points:
      2
    • Capitalizable:
      True

      Description

      Identity is going to start returning an extra tenant (e.g. rcn:RCN-123-123-123), so we'll need to be better about handling multiple values in the X-Tenant-Id header and relying on header quality to decide on which value we should be using.

      Right now in the Valkyrie Filter, we're simply grabbing the first value in the X-Tenant-Id header and rejecting it if the RCN tenant ends up being the first one grabbed (assuming pass-non-dedicated-tenant and enable-masking-403s are both disabled).

      Instead, the Valkyrie filter should grab the value with the highest quality in the header.

      Acceptance Criteria:

      • If there are multiple values in the X-Tenant-Id header, the value with the highest quality should be used.
      • If there are multiple values in the X-Tenant-Id header with the same highest quality, we should use the first value.
        • For example, X-Tenant-Id: hybrid:11;q=1,hybrid:13;q=1.0,rcn:RCN-123;q=0.3, use hybrid:11
      • If there are no values in the X-Tenant-Id header, behavior should remain the same (i.e. return a 401).
      • If there is a single value in the X-Tenant-Id header, behavior should remain the same (i.e. use the value).

        Attachments

          Activity

            People

            • Assignee:
              adrian.george Adrian George
              Reporter:
              mario.lopez Mario Lopez
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: