fix(security): lock down signing-key file permissions
Private JWK files were written under the default umask (observed 0664 — group and world readable). Create the key directory 0700, chmod private key files (private_jwks.json, token_jwks.json) to 0600 after they are written, and refuse to start if a pre-existing private key is group/world accessible. Tests now use an isolated per-test key directory. Refs: porchlight-91i Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
parent
cba63280fb
commit
c7550cbf09
4 changed files with 67 additions and 6 deletions
|
|
@ -1,5 +1,6 @@
|
|||
import re
|
||||
from collections.abc import AsyncIterator
|
||||
from pathlib import Path
|
||||
|
||||
import pytest
|
||||
from httpx import ASGITransport, AsyncClient
|
||||
|
|
@ -10,8 +11,13 @@ from porchlight.rate_limit import limiter
|
|||
|
||||
|
||||
@pytest.fixture
|
||||
def settings() -> Settings:
|
||||
return Settings(issuer="http://localhost:8000", sqlite_path=":memory:", session_https_only=False)
|
||||
def settings(tmp_path: Path) -> Settings:
|
||||
return Settings(
|
||||
issuer="http://localhost:8000",
|
||||
sqlite_path=":memory:",
|
||||
session_https_only=False,
|
||||
signing_key_path=str(tmp_path / "keys"),
|
||||
)
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
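Review bot: The reworked `settings(tmp_path)` fixture only points `signing_key_path` at a fresh directory; nothing in this section asserts the permissions the commit is about. Unless one of the other three changed files (not shown here) adds it, a regression test is missing that checks the key directory is created 0700, that `private_jwks.json` and `token_jwks.json` end up 0600, and that startup is refused when a pre-existing private key is group- or world-accessible. A one-line docstring on the fixture would record why the path is isolated, e.g. `"""Settings with a per-test key directory so key-permission checks never touch a shared path."""`. Separately, the description says the files are chmod-ed after they are written, which leaves a short window at the default umask; if the writer does not already do so, creating the file with mode 0600 at open time (`os.open(path, os.O_WRONLY | os.O_CREAT, 0o600)`) would close that window. That code is outside this section, so this last point is a question for the key-writing change.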
|
|
|
|||