Closed Bug 956363 Opened 10 years ago Closed 2 years ago

Add oauth to trunion

Categories

(addons.mozilla.org Graveyard :: Administration, defect, P2)

Product:
addons.mozilla.org Graveyard
Component:
Administration
Platform:
x86
macOS
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED INCOMPLETE

People

(Reporter: andy+bugzilla, Assigned: rtilder, NeedInfo)

References

Details

(Whiteboard: [marketplace-transition]) 

Currently trunion doesn't have any application based authentication, meaning anything that can talk to trunion can call receipt generation or signing an app. 

Trunion is very well locked down by network access, so this isn't a biggie, but let's be careful and do a similar style of OAuth authentication that we've done between solitude, zippy and the marketplace. 

That way only certain apps can do those tasks.
Blocks: 958329
Priority: -- → P4
Version: 1.4 → 1.5
We no longer need the existing Trunion HSM box for bug 958329 so we may not need the Trunion service
No longer blocks: 958329
Doesn't need to be done for APK signing since we won't be using Trunion for that initially.  And might be a moot point if we just move the existing logic for signing FFxOS privileged apps and Marketplace receipts from Trunion into a Django app.
I still think we should do this Ryan, what do you reckon?
Flags: needinfo?(rtilder)
Assignee: nobody → rtilder
Priority: P4 → P2
Blocks: 1118050
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
Whiteboard: [marketplace-transition]
Trunion is still used by the AMO and I'd still like this to happen.
Status: RESOLVED → REOPENED
Resolution: WONTFIX → ---
(Moves to amo)
Component: Payments/Refunds → Administration
Product: Marketplace → addons.mozilla.org
Version: 1.5 → unspecified
Product: addons.mozilla.org → addons.mozilla.org Graveyard

This bug lies at rest in the graveyard.

Status: REOPENED → RESOLVED
Closed: 8 years ago2 years ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.