Closed
Bug 971994
Opened 11 years ago
Closed 11 years ago
Server needs to generate temporary session URIs to send to unregistered users
Categories
(Hello (Loop) :: Server, defect)
Hello (Loop)
Server
Tracking
(Not tracked)
VERIFIED
DUPLICATE
of bug 974317
People
(Reporter: abr, Assigned: alexis+bugs)
References
Details
User Story
This is the "call-me" URI. Contains information including the caller (this is what allows the client to display who is calling), the callee, an expiry, and an HMAC with some salt.
No description provided.
Reporter | ||
Updated•11 years ago
|
Component: General → Server
Comment 1•11 years ago
|
||
This is the "call-me" URI. Contains information including the caller (this is what allows the client to display who is calling), the callee, an expiry, and an HMAC with some salt. (Do we have tickets for server/client code for serving/fetching these URIs, or is that part of this ticket?)
Assignee | ||
Comment 2•11 years ago
|
||
(In reply to Byron Campen [:bwc] from comment #1) > This is the "call-me" URI. Contains information including > an HMAC with some salt. Why do we want to have a HMAC and a salt here? What would they be used for?
Comment 3•11 years ago
|
||
I think the idea is that we will not be maintaining any list of these URIs server side, so we need to prevent them from being forged, hence the HMAC. I'm not sure about the salt though; we probably need to think that through a little more carefully.
Assignee | ||
Comment 4•11 years ago
|
||
https://github.com/ametaireau/pants-server, and specifically https://github.com/ametaireau/pants-server/blob/master/pants/views.py#L22-L32 is an attempt to solve this. Associated tests are here: https://github.com/ametaireau/pants-server/blob/master/tests/test_functional.py#L15-L27
Updated•11 years ago
|
User Story: (updated)
Assignee | ||
Updated•11 years ago
|
Assignee: nobody → alexis+bugs
Assignee | ||
Updated•11 years ago
|
Status: NEW → ASSIGNED
Assignee | ||
Comment 5•11 years ago
|
||
This has landed already, it only misses the uuid generation part of the token, which will be taken care of with the patch attached to bug 974317.
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•