Reduce the scope of Geo JWT (JSON Web Tokens)
Currently, we generate a large number of JWTs for Geo - one per file synced, per secondary. In !3116 (merged) we are adding one per repository synced, as well. They are short-lived but do not have any restrictions on scope, so a token valid for downloading one file or repo could, in theory, be used to download another.
We can include parameters in the token that restrict the objects to be synced by it. This would represent a small enhancement in security (since if you can steal one token, you can probably steal more), but I believe it's worthwhile.
The following discussion from !3116 (merged) should be addressed:
-
@nick.thomas started a discussion: (+1 comment) I'll do this by including
gl_repository
in the token when it's generated, and checking it on this side.