Service-dependent authentication filter #6

New Issue

Open

opened 2020-11-14 08:46:34 +01:00 by nolash · 2 comments

nolash commented 2020-11-14 08:46:34 +01:00 (Migrated from gitlab.com)

Copy Link

The browser needs to know what authentication token to choose for a particular query.

After unlocking of the staff PGP private key for a new session, the browser should transparently authenticate and gather tokens for with all the different services it knows about.

All queries needs to pass through this authentication component, so that tokens can be automatically refreshed as they expire.

Tokens should be filed under the corresponding "HTTP realm" the services announces.

This implies that the browser also needs to now which URLs match to which "realms."

The browser needs to know what authentication token to choose for a particular query. After unlocking of the staff PGP private key for a new session, the browser should transparently authenticate and gather tokens for with all the different services it knows about. All queries needs to pass through this authentication component, so that tokens can be automatically refreshed as they expire. Tokens should be filed under the corresponding "HTTP realm" the services announces. This implies that the browser also needs to now which URLs match to which "realms."

nolash commented 2020-11-14 08:47:23 +01:00 (Migrated from gitlab.com)

Copy Link

changed the description

changed the description

nolash commented 2020-11-14 08:47:40 +01:00 (Migrated from gitlab.com)

Copy Link

changed the description

changed the description

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

sohail/dev

mono-repo-migration

spencer/accounts-web-workers

spencer/datatable-component

spencer/fix-tests

spencer/localstorage-privatekey

spencer/electron

spencer/refactor-cic-dependencies

spencer/censor-pgp-passphrase

spencer/account-index-fix

bvander/accounts-search-review

Labels

Clear labels   

Backlog

Open tickets for sprint backlog

  

Blocked

  

Doing

  

Done

Completed task for sprints

  

Good first issue

  

Pending

  

Ready for review

  

Research

Spikes for research

  

To Do

  

analytics

A bucket for dashboards, descriptive data and advanced methods

  

api

  

auth

  

bootstrap

  

bug

  

cache

  

chain-queue

Task worker infrastructure for evm blockchain interaction.

  

chain-sync

  

cic-network

Contracts and tooling for self-sovereign token and entity pub/sub

  

cleanup

  

cli

Any cli tool

  

core

  

devops

Grassrootseconomics devops

  

devtools

Mockers and mock data generation tools.

  

documentation

  

enhancement

  

evm

  

flaky-test

  

hardening

  

help-wanted

  

high-priority

  

kyc

  

local

  

metadata

  

notifications

Notifications component, capable of sms, email, telegram, mattermost...

  

offline

  

optimization

  

portability

  

prototyping

  

security

  

sempo

Customizations and tooling for Sempo platform.

  

simulation

  

spec

Written specification and/or pseudocode

  

test-coverage

  

trust

  

usability

  

ussd

Third-generation CIC USSD daemon

No Label

Backlog

Blocked

Doing

Done

Good first issue

Pending

Ready for review

Research

To Do

analytics

api

auth

bootstrap

bug

cache

chain-queue

chain-sync

cic-network

cleanup

cli

core

devops

devtools

documentation

enhancement

evm

flaky-test

hardening

help-wanted

high-priority

kyc

local

metadata

notifications

offline

optimization

portability

prototyping

security

sempo

simulation

spec

test-coverage

trust

usability

ussd

Milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

No Assignees

1 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: grassrootseconomics/cic-staff-client#6

No description provided.