Service-dependent authentication filter #6
Labels
No Label
Backlog
Blocked
Doing
Done
Good first issue
Pending
Ready for review
Research
To Do
analytics
api
auth
bootstrap
bug
cache
chain-queue
chain-sync
cic-network
cleanup
cli
core
devops
devtools
documentation
enhancement
evm
flaky-test
hardening
help-wanted
high-priority
kyc
local
metadata
notifications
offline
optimization
portability
prototyping
security
sempo
simulation
spec
test-coverage
trust
usability
ussd
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: grassrootseconomics/cic-staff-client#6
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
The browser needs to know what authentication token to choose for a particular query.
After unlocking of the staff PGP private key for a new session, the browser should transparently authenticate and gather tokens for with all the different services it knows about.
All queries needs to pass through this authentication component, so that tokens can be automatically refreshed as they expire.
Tokens should be filed under the corresponding "HTTP realm" the services announces.
This implies that the browser also needs to now which URLs match to which "realms."
changed the description
changed the description