Skip to content

feat(auth): move encryption to LanguageClientAuth and encrypt profile data #7828

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: feature/flare-mega
Choose a base branch
from
Open

feat(auth): move encryption to LanguageClientAuth and encrypt profile data #7828

wants to merge 1 commit into from
+81 −66

Conversation

liramon1
Copy link
Contributor

@liramon1 liramon1 commented Aug 6, 2025
edited
Loading

Problem

Our current IAM auth setup assumes profile data is transmitted in plaintext. This is not secure enough given that we are transmitting IAM credentials inside of the profile data.

Solution

  • Add encryption and decryption to profile endpoints
  • Move encryption to LanguageClientAuth for greater reusability
  • Treat all work as PUBLIC. Private feature/x branches will not be squash-merged at release time.
  • Your code changes must meet the guidelines in CONTRIBUTING.md.
  • License: I confirm that my contribution is made under the terms of the Apache 2.0 license.

@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 6, 2025

  • This pull request modifies code in src/* but no tests were added/updated.
    • Confirm whether tests should be added or ensure the PR description explains why tests are not required.
  • This pull request implements a feat or fix, so it must include a changelog entry (unless the fix is for an unreleased feature). Review the changelog guidelines.
    • Note: beta or "experiment" features that have active users should announce fixes in the changelog.
    • If this is not a feature or fix, use an appropriate type from the title guidelines. For example, telemetry-only changes should use the telemetry type.

@liramon1 liramon1 marked this pull request as ready for review August 6, 2025 17:54
@liramon1 liramon1 requested a review from a team as a code owner August 6, 2025 17:54
@liramon1 liramon1 force-pushed the encryption branch 2 times, most recently from b07741a to 2fccad4 Compare August 6, 2025 21:07
@Analistarjx
Copy link

Problem

Our current IAM auth setup assumes profile data is transmitted in plaintext. This is not secure enough given that we are transmitting IAM credentials inside of the profile data.

Solution

  • Add encryption and decryption to profile endpoints

  • Move encryption to LanguageClientAuth for greater reusability

  • Treat all work as PUBLIC. Private feature/x branches will not be squash-merged at release time.

  • Your code changes must meet the guidelines in CONTRIBUTING.md.

  • License: I confirm that my contribution is made under the terms of the Apache 2.0 license.

@liramon1 liramon1 force-pushed the encryption branch 4 times, most recently from 972d1f0 to 0509e70 Compare August 7, 2025 14:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@liramon1 @Analistarjx