This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
module "error_rate_slo" { | |
source = "../../slo" | |
enabled = var.enabled | |
name = "${var.service_name} ${var.environment} / P${var.priority_tier} - Error Rate SLO [${var.slo}%]" | |
numerator = <<-EOT | |
sum:trace.servlet.request.hits{env:${var.environment},service:${var.service_name}}.as_count() | |
- | |
sum:trace.servlet.request.errors{env:${var.environment},service:${var.service_name}}.as_count() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
resource "datadog_service_level_objective" "slo" { | |
count = try(var.enabled, false) == true ? 1 : 0 | |
name = var.name | |
type = var.type | |
description = "" | |
query { | |
numerator = var.numerator | |
denominator = var.denominator |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# app/controllers/api/messages_controller.rb | |
module Api | |
class MessagesController < ApplicationController | |
before_action :can_read_admin_messages!, only: %i[admin] | |
# ... existing code ... | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# app/controllers/application_controller.rb | |
require 'json_web_token' | |
class ApplicationController < ActionController::API | |
# ... existing code ... | |
def can_read_admin_messages! | |
check_permissions(@token, 'read:admin-messages') | |
end | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# app/controllers/application_controller.rb | |
class ApplicationController < ActionController::API | |
def authorize! | |
valid, result = verify(raw_token(request.headers)) | |
# 👇 old code | |
# head :unauthorized unless valid | |
# 👇 new code | |
render json: { message: result }.to_json, status: :unauthorized unless valid |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# app/controllers/api/messages_controller.rb | |
module Api | |
class MessagesController < ApplicationController | |
before_action :authorize!, except: %i[public] | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# app/controllers/application_controller.rb | |
require 'json_web_token' | |
class ApplicationController < ActionController::API | |
def authorize! | |
valid, result = verify(raw_token(request.headers)) | |
head :unauthorized unless valid | |
@token ||= result |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# lib/json_web_token.rb | |
class JsonWebToken | |
class << self | |
def verify(token) | |
JWT.decode(token, nil, | |
true, # Verify the signature of this token | |
algorithm: algorithm, | |
iss: Rails.application.config.x.auth0.issuerUri, | |
verify_iss: true, | |
aud: Rails.application.config.x.auth0.audience, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# lib/json_web_token.rb | |
require 'jwt' | |
require 'net/http' | |
class JsonWebToken | |
class << self | |
def algorithm | |
'RS256' | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"iss": "https://yourTenant.eu.auth0.com/", | |
"sub": "zHwnsh0j2sTj4u3ss6YedSFrzyb2", | |
"aud": "https://targetAudience.com", | |
"iat": 1621369130, | |
"exp": 1791455530, | |
"azp": "ThEkgdG1NndLlWoNMcEdEr2KJIs9vKad", | |
"scope": "openid profile read:admin-messages", | |
"permissions": ["read:admin-messages"] | |
} |