910000 - Token Server User Flow doc should note HAWK protocol usage

Status: VERIFIED FIXED

(Cloud Services Graveyard :: Server: Token, defect)

Description

[Sam Penrose]

Per 820643, the token service is migrating to speak the HAWK protocol. The current documentation at http://docs.services.mozilla.com/token/user-flow.html only mentions MACAuth. It should be updated.

Comment 1

[Ryan Kelly [:rfkelly]]

Attachment: replace "mac auth" with "hawk auth" in tokenserver protocol docs

Yep, this is happening.  Pinging :telliott for review but mostly just to turn our shared attentions towards the docs situation in general.

Comment 2

[Alexis Metaireau (:alexis)]

Is the canonical implementation of the tokenserver still here? https://github.com/mozilla-services/tokenserver

Because I don't see any changes to use MAC auth there.

Comment 3

[Ryan Kelly [:rfkelly]]

> Is the canonical implementation of the tokenserver still here? https://github.com/mozilla-services/tokenserver

It is.

> Because I don't see any changes to use MAC auth there.

There doesn't need to be.  The mac => hawk transition only affects downstream services that consume tokenserver-provided credentials, the tokenserver itself will continue to work as-is.

Comment 4

[Alexis Metaireau (:alexis)]

Ah, pretty neat! (happy to see this was future proof).

That remembers me a comment saying we should specify in the response from the server what is the type of the token we return. 

See https://github.com/mozilla-services/tokenserver/blob/master/tokenserver/views.py#L206

Comment 5

[Ryan Kelly [:rfkelly]]

I'm a bit sad to close a bug with such an awesome bug number, but here we go:

https://github.com/mozilla-services/docs/commit/6a3c3b7bf2c68146b0346573c88be9ff25b066dd

Comment 6

[James Bonacci [:jbonacci]]

Verified here: https://github.com/mozilla-services/docs