Refactor webpay to use solitude for JWT issuers/secrets

RESOLVED FIXED in 2012-12-20

Status

P1
normal
RESOLVED FIXED
6 years ago
6 years ago

People

(Reporter: kumar, Assigned: andy+bugzilla)

Tracking

2012-12-20
x86
Mac OS X
Points:
---

Details

webpay should use the solitude API to validate and deal with JWT issuers/secrets. Currently webpay has a stub database table of issuers. This can be removed.

See: https://github.com/mozilla/solitude/blob/master/lib/sellers/models.py#L49
Also: https://github.com/mozilla/webpay/blob/master/webpay/pay/forms.py#L40
Blocks: 794651
Priority: -- → P1
Target Milestone: --- → 2012-12-20
(Assignee)

Updated

6 years ago
Assignee: nobody → amckay
(Assignee)

Comment 1

6 years ago
The app_id is coming from the JWT, where's the matching field in solitude, is it external_id on SellerProduct?
The app ID is whatever we want to make it. We will use this as a public identifier to lookup the seller's secret. I originally envisioned it as the seller uuid and I envisioned Marketplace setting seller uuid's to the domain name of the app. The product external ID is different; that is what gets passed through request.id in the JWT https://wiki.mozilla.org/WebAPI/WebPayment#In-app_payment
(Assignee)

Comment 3

6 years ago
I'll set it assume its going to be seller uuid for now, easy to change later.
(Assignee)

Comment 4

6 years ago
https://github.com/mozilla/webpay/commit/f33aee
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.