Harden session/ingestion token separation and gate admin routes #25
Merged
Session and ingestion JWTs were signed with the same secret and verified by the same code path with no claim distinguishing them. An ingestion token pasted into the `session` cookie passed signature verification and the middleware set `user` with undefined fields, granting access to every session-protected endpoint (including token minting and integration secrets). Mirror-side: a session JWT presented as a Bearer token would have been rejected only because session JWTs happen to lack a `jti`.

Adds a `type` claim ("session" or "ingestion") that each middleware now enforces explicitly, validates that session JWTs carry non-empty `sub/email/role`, and introduces a `requireAdmin` middleware applied to credential-bearing and write routes (tokens, integrations, marketplace-sources, audit, plus the write operations on skills, marketplaces, and plugins). Read-only analytics endpoints remain open to any authenticated session.