subjectForExternalUser generates a safe subject from an external user ID accessing a deployment in the specified project. The result is safe to use as a JWT subject and in telemetry (where we need to avoid collisions and PII).
(externalUserID, projectID string)
| 942 | // subjectForExternalUser generates a safe subject from an external user ID accessing a deployment in the specified project. |
| 943 | // The result is safe to use as a JWT subject and in telemetry (where we need to avoid collisions and PII). |
| 944 | func subjectForExternalUser(externalUserID, projectID string) string { |
| 945 | hash := sha256.Sum256([]byte(externalUserID + projectID)) |
| 946 | return "ext_" + hex.EncodeToString(hash[:]) |
| 947 | } |