Skip to content

Commit

Permalink
OONI Auth and Run prod (#883)
Browse files Browse the repository at this point in the history 
* Add run.ooni.org to valid fqdn

* Tighten up cors settings

* Cleanup origins passing

* Fix missing middleware argument
  • Loading branch information
@hellais
hellais authored Sep 23, 2024
1 parent ffe750e commit e3a445f
Show file tree
Hide file tree
Showing 7 changed files with 7 additions and 15 deletions.
1 change: 1 addition & 0 deletions api/ooniapi/auth.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -249,6 +249,7 @@ def validate_redirect_url(rt_url: str) -> Tuple[str, str]:
"explorer.ooni.org",
"explorer.test.ooni.org",
"run.ooni.io",
"run.ooni.org",
"run.test.ooni.org",
"run-v2.ooni.org",
"test-lists.ooni.org",
Expand Down
4 changes: 1 addition & 3 deletions ooniapi/services/ooniauth/src/ooniauth/main.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,11 +38,9 @@ async def lifespan(app: FastAPI):
app, metric_namespace="ooniapi", metric_subsystem="ooniauth"
)

# TODO: temporarily enable all
origins = ["*"]
app.add_middleware(
CORSMiddleware,
allow_origins=origins,
allow_origin_regex="^https://[-A-Za-z0-9]+(\.test)?\.ooni\.(org|io)$",
allow_credentials=True,
allow_methods=["*"],
allow_headers=["*"],
Expand Down
1 change: 1 addition & 0 deletions ooniapi/services/ooniauth/src/ooniauth/utils.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@
"explorer.ooni.org",
"explorer.test.ooni.org",
"run.ooni.io",
"run.ooni.org",
"run.test.ooni.org",
"run-v2.ooni.org",
"test-lists.ooni.org",
Expand Down
4 changes: 1 addition & 3 deletions ooniapi/services/oonifindings/src/oonifindings/main.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,11 +37,9 @@ async def lifespan(app: FastAPI):
app, metric_namespace="ooniapi", metric_subsystem="oonifindings"
)

# TODO: temporarily enable all
origins = ["*"]
app.add_middleware(
CORSMiddleware,
allow_origins=origins,
allow_origin_regex="^https://[-A-Za-z0-9]+(\.test)?\.ooni\.(org|io)$",
allow_credentials=True,
allow_methods=["*"],
allow_headers=["*"],
Expand Down
4 changes: 1 addition & 3 deletions ooniapi/services/oonimeasurements/src/oonimeasurements/main.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,11 +39,9 @@ async def lifespan(app: FastAPI):
app, metric_namespace="ooniapi", metric_subsystem="oonimeasurements"
)

# TODO: temporarily enable all
origins = ["*"]
app.add_middleware(
CORSMiddleware,
allow_origins=origins,
allow_origin_regex="^https://[-A-Za-z0-9]+(\.test)?\.ooni\.(org|io)$",
allow_credentials=True,
allow_methods=["*"],
allow_headers=["*"],
Expand Down
4 changes: 1 addition & 3 deletions ooniapi/services/ooniprobe/src/ooniprobe/main.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,11 +37,9 @@ async def lifespan(app: FastAPI):
app, metric_namespace="ooniapi", metric_subsystem="ooniprobe"
)

# TODO: temporarily enable all
origins = ["*"]
app.add_middleware(
CORSMiddleware,
allow_origins=origins,
allow_origin_regex="^https://[-A-Za-z0-9]+(\.test)?\.ooni\.(org|io)$",
allow_credentials=True,
allow_methods=["*"],
allow_headers=["*"],
Expand Down
4 changes: 1 addition & 3 deletions ooniapi/services/oonirun/src/oonirun/main.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,11 +38,9 @@ async def lifespan(app: FastAPI):
app, metric_namespace="ooniapi", metric_subsystem="oonirun"
)

# TODO: temporarily enable all
origins = ["*"]
app.add_middleware(
CORSMiddleware,
allow_origins=origins,
allow_origin_regex="^https://[-A-Za-z0-9]+(\.test)?\.ooni\.(org|io)$",
allow_credentials=True,
allow_methods=["*"],
allow_headers=["*"],
Expand Down

0 comments on commit e3a445f

Please sign in to comment.