darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2025-12-15 17:52:26 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add MMG_INBOUND_SMS_AUTH config variable and auth check

Browse Source 
Checks authentication header value on inbound SMS requests from
MMG  against a list of allowed API keys set in the application
config.

At the moment, we're only logging the attempts without aborting the
requests. Once this is rolled out to production and we've checked
the logs we'll switch on the aborts and add the tests for 401 and 403
responses.

This work has already been done for Firetext in a previous PR:
https://github.com/alphagov/notifications-api/pull/1409
This commit is contained in:
Katie Smith
2017-12-14 13:35:13 +00:00
parent a9a8ef8ff1
commit a8d3b0952f
5 changed files with 67 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
app/cloudfoundry_config.py
View File

@@ -48,6 +48,7 @@ def extract_notify_config(notify_config):
os.environ['DANGEROUS_SALT'] = notify_config['credentials']['dangerous_salt']
os.environ['SMS_INBOUND_WHITELIST'] = json.dumps(notify_config['credentials']['allow_ip_inbound_sms'])
os.environ['FIRETEXT_INBOUND_SMS_AUTH'] = json.dumps(notify_config['credentials']['firetext_inbound_sms_auth'])
os.environ['MMG_INBOUND_SMS_AUTH'] = json.dumps(notify_config['credentials']['mmg_inbound_sms_auth'])
os.environ['ROUTE_SECRET_KEY_1'] = notify_config['credentials']['route_secret_key_1']
os.environ['ROUTE_SECRET_KEY_2'] = notify_config['credentials']['route_secret_key_2']