Closed
Bug 861343
Opened 11 years ago
Closed 11 years ago
[MakeAPI] Implement API security model
Categories
(Webmaker Graveyard :: MakeAPI, defect)
Webmaker Graveyard
MakeAPI
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: cade, Assigned: cade)
References
Details
(Whiteboard: u=dev c=makeAPI p=1 s=2013w17)
Attachments
(1 file, 1 obsolete file)
Certain actions will require authentication.
Updated•11 years ago
|
Component: General → MakeAPI
Updated•11 years ago
|
Whiteboard: [MakeAPI] → u=dev c=makeAPI p=1 s=2013w16
Updated•11 years ago
|
Assignee: nobody → chris
Assignee | ||
Comment 1•11 years ago
|
||
Gonna write some things in my head down: Create, update, delete: limit to authenticated webmakers. requests for new makes must originate from one of our domains (thimble.wm.org, popcorn.wm.org, etc) I'm not sure how limited we want searching to be. But if we're keeping it to webmaker tools, then requests must originate from our domains.
Assignee | ||
Comment 2•11 years ago
|
||
https://github.com/mozilla/MakeAPI/pull/13
Attachment #739216 -
Flags: review?(schranz.m)
Assignee | ||
Comment 3•11 years ago
|
||
Comment on attachment 739216 [details] [review] Fix Routes, make Search us GET gah, wrong bug.
Attachment #739216 -
Flags: review?(schranz.m)
Assignee | ||
Comment 4•11 years ago
|
||
There have been a few ideas thrown around for this. The first is a separation into two apps. the first would sit behind a firewall and only be accessible from our apps. It will be able to do create/update/delete on the assumption that our apps have an authenticated user triggering the actions. The second app would be a public facing search endpoint that doesn't require authentication to query. In talking with :sedge we threw around some ideas where the SSO app could generate tokens or API keys for logged in users to use with the API for create/update/delete. The only useful reason to have that is for admins to be able to log in using a web interface that's not backed by a node app and can make authenticated calls. thoughts?
Flags: needinfo?
Comment 5•11 years ago
|
||
Need info flag without the person from whom you need info isn't gonna get you anywhere, sadly :) You can tag multiple people with a comma separated list. Any further update / discussion here?
Flags: needinfo?
Comment 6•11 years ago
|
||
I spoke with some of the webdev team members, and we thought that adding basic authentication would be the easiest method. You could configure a list of accepted username/password pairs on the MakeAPI side, then hand out these credentials for each server that needed priveleged write access to the MakeAPI.
Assignee | ||
Comment 7•11 years ago
|
||
(In reply to Jon Buckley [:jbuck] from comment #6) > I spoke with some of the webdev team members, and we thought that adding > basic authentication would be the easiest method. You could configure a list > of accepted username/password pairs on the MakeAPI side, then hand out these > credentials for each server that needed priveleged write access to the > MakeAPI. That seems like a workable approach. Might be a bit of a pain handing out credentials to the authorized applications though.
Updated•11 years ago
|
Whiteboard: u=dev c=makeAPI p=1 s=2013w16 → u=dev c=makeAPI p=1 s=2013w17
Assignee | ||
Comment 8•11 years ago
|
||
Adds basic Auth for the Create/Update/Delete routes. User/pass values are set up by env variables at run time. (see env.sample)
Attachment #739216 -
Attachment is obsolete: true
Attachment #740469 -
Flags: review?(swex)
Attachment #740469 -
Flags: review?(jon)
Comment 9•11 years ago
|
||
:jbuck - It seems I'm late to the game on this one, but doens't having basic authentication for the MakeAPI reduce the impact of a single-sign on?
Assignee | ||
Comment 10•11 years ago
|
||
(In reply to Kieran Sedgwick (:sedge) from comment #9) > :jbuck - It seems I'm late to the game on this one, but doens't having basic > authentication for the MakeAPI reduce the impact of a single-sign on? It shouldn't, C/U/D endpoint should only be used behind the scenes by our apps anyways, and searching can be completely public.
Comment 11•11 years ago
|
||
Comment on attachment 740469 [details] [review] https://github.com/mozilla/MakeAPI/pull/25 There's two ways this could be done, you could either have one set of routes for Persona-authenticated users and one for basic authenticated servers or you could just assume that all updates to the makeAPI will be done through servers. I'm okay with picking the latter for now, and supporting the Persona-authenticated route in the future. r-, problems noted in the pull request.
Attachment #740469 -
Flags: review?(swex)
Attachment #740469 -
Flags: review?(jon)
Attachment #740469 -
Flags: review-
Assignee | ||
Comment 12•11 years ago
|
||
(In reply to Jon Buckley [:jbuck] from comment #11) > There's two ways this could be done, you could either have one set of routes > for Persona-authenticated users and one for basic authenticated servers or > you could just assume that all updates to the makeAPI will be done through > servers. I'm still curious what kind of system we could use to authenticate logged webmaker accounts.
Assignee | ||
Comment 13•11 years ago
|
||
Comment on attachment 740469 [details] [review] https://github.com/mozilla/MakeAPI/pull/25 I've addressed all of your concerns.
Attachment #740469 -
Flags: review- → review?(jon)
Comment 14•11 years ago
|
||
Comment on attachment 740469 [details] [review] https://github.com/mozilla/MakeAPI/pull/25 R+
Attachment #740469 -
Flags: review?(jon) → review+
Assignee | ||
Comment 15•11 years ago
|
||
Staged on Master: https://github.com/mozilla/MakeAPI/commit/5e9f2912e8481cc04f3638b1a3c9bb7e4968795f
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Updated•11 years ago
|
Attachment mime type: text/plain → text/x-github-pull-request
Updated•11 years ago
|
Attachment mime type: text/plain → text/x-github-pull-request
You need to log in
before you can comment on or make changes to this bug.
Description
•