If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

Status

addons.mozilla.org Graveyard
Administration
P2
normal
REOPENED
4 years ago
2 years ago

People

(Reporter: andym, Assigned: rtilder, NeedInfo)

Tracking

(Blocks: 1 bug)

Details

(Whiteboard: [marketplace-transition])

(Reporter)

Description

4 years ago
Currently trunion doesn't have any application based authentication, meaning anything that can talk to trunion can call receipt generation or signing an app. 

Trunion is very well locked down by network access, so this isn't a biggie, but let's be careful and do a similar style of OAuth authentication that we've done between solitude, zippy and the marketplace. 

That way only certain apps can do those tasks.
(Reporter)

Updated

4 years ago
Blocks: 958329
(Reporter)

Updated

4 years ago
Priority: -- → P4
Version: 1.4 → 1.5
We no longer need the existing Trunion HSM box for bug 958329 so we may not need the Trunion service
No longer blocks: 958329
(Assignee)

Comment 2

4 years ago
Doesn't need to be done for APK signing since we won't be using Trunion for that initially.  And might be a moot point if we just move the existing logic for signing FFxOS privileged apps and Marketplace receipts from Trunion into a Django app.
(Reporter)

Comment 3

3 years ago
I still think we should do this Ryan, what do you reckon?
Flags: needinfo?(rtilder)
(Reporter)

Updated

3 years ago
Assignee: nobody → rtilder
Priority: P4 → P2
(Reporter)

Updated

3 years ago
Blocks: 1118050

Updated

2 years ago
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → WONTFIX
Whiteboard: [marketplace-transition]
(Reporter)

Comment 4

2 years ago
Trunion is still used by the AMO and I'd still like this to happen.
Status: RESOLVED → REOPENED
Resolution: WONTFIX → ---
(Moves to amo)
Component: Payments/Refunds → Administration
Product: Marketplace → addons.mozilla.org
Version: 1.5 → unspecified
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.