Closed Bug 817886 Opened 11 years ago Closed 11 years ago

Refactor webpay to use solitude for JWT issuers/secrets

Categories

(Marketplace Graveyard :: Payments/Refunds, defect, P1)

x86
macOS
defect

Tracking

(Not tracked)

RESOLVED FIXED
2012-12-20

People

(Reporter: kumar, Assigned: andy+bugzilla)

References

Details

webpay should use the solitude API to validate and deal with JWT issuers/secrets. Currently webpay has a stub database table of issuers. This can be removed.

See: https://github.com/mozilla/solitude/blob/master/lib/sellers/models.py#L49
Also: https://github.com/mozilla/webpay/blob/master/webpay/pay/forms.py#L40
Blocks: 794651
Priority: -- → P1
Target Milestone: --- → 2012-12-20
Assignee: nobody → amckay
The app_id is coming from the JWT, where's the matching field in solitude, is it external_id on SellerProduct?
The app ID is whatever we want to make it. We will use this as a public identifier to lookup the seller's secret. I originally envisioned it as the seller uuid and I envisioned Marketplace setting seller uuid's to the domain name of the app. The product external ID is different; that is what gets passed through request.id in the JWT https://wiki.mozilla.org/WebAPI/WebPayment#In-app_payment
I'll set it assume its going to be seller uuid for now, easy to change later.
https://github.com/mozilla/webpay/commit/f33aee
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.