Commit 8823f3f5 authored by Dmitriy Rudko's avatar Dmitriy Rudko 💬
Browse files

Merge branch 'fix-gsa-challenge' into 'master'

GCP release/0.5 - fix GSA Challenge (GONRG-1796)

See merge request !67
parents dfdfbd0b e0d2b656
Pipeline #26405 passed with stages
in 55 minutes and 56 seconds
...@@ -188,9 +188,9 @@ Create king ring and key in the ***master project*** ...@@ -188,9 +188,9 @@ Create king ring and key in the ***master project***
--purpose encryption --purpose encryption
``` ```
Add **Cloud KMS CryptoKey Encrypter/Decrypter** role to the **App Engine default service account** of the master project through IAM - Role tab Add **Cloud KMS CryptoKey Encrypter/Decrypter** role to the **App Engine default service account** of the ***master project*** through IAM - Role tab
Add "Cloud KMS Encrypt/Decrypt" role to the "App Engine default service account" of ***master project*** Add **Cloud KMS Encrypt/Decrypt** role to the **App Engine default service account** of ***master project***
## Licence ## Licence
Copyright © Google LLC Copyright © Google LLC
......
...@@ -44,7 +44,7 @@ public class GsaSubscriberListenerApi { ...@@ -44,7 +44,7 @@ public class GsaSubscriberListenerApi {
throw new ValidationException("Authorization signature validation Failed"); throw new ValidationException("Authorization signature validation Failed");
} }
logger.info("Token verified and sending response"); logger.info("Token verified and sending response");
return new ChallengeResponse(HashingUtil.hashString(crc, this.serviceConfig.getSubscriberSecret())); return new ChallengeResponse(HashingUtil.hashString(crc, this.serviceConfig.getSubscriberPrivateKeyId()));
} }
@PostMapping("/gsa-challenge/{count}") @PostMapping("/gsa-challenge/{count}")
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment