Server needs to extract and validate information from temporary URI

VERIFIED FIXED

Status

Hello (Loop)
Server
VERIFIED FIXED
4 years ago
4 years ago

People

(Reporter: abr, Assigned: tOkeshu)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

User Story

The temporary URI will contain information including an expiry, and an HMAC that needs to be validated before allowing a call to proceed.

Attachments

(1 attachment)

Comment hidden (empty)
(Reporter)

Updated

4 years ago
Blocks: 971986
(Reporter)

Updated

4 years ago
Component: General → Server

Comment 1

4 years ago
The temporary URI will contain information including an expiry, and an HMAC that needs to be validated before allowing a call to proceed.
Blocks: 972866
Code is here: https://github.com/ametaireau/pants-server/blob/master/pants/views.py#L13-L19
tests are here: https://github.com/ametaireau/pants-server/blob/master/tests/test_functional.py#L32-L44

We weren't sure what do we want for expiration, and if that was needed to encapsulate the simplepush url in the token payload so we haven't done anything about that.

I would need more information about the UX we want here: what's the duration of an URL? Should it be one-shot only?
User Story: (updated)
(Assignee)

Updated

4 years ago
Assignee: nobody → rgauthier
Created attachment 8384172 [details] [review]
link to github PR
Attachment #8384172 - Flags: review?(ekr)
Blocks: 976098
Attachment #8384172 - Flags: review?(ekr)
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → FIXED
Closing since the code has changed a lot since this was opened.
Plus we are not using https://github.com/ametaireau/pants-server anymore ;-)
Status: RESOLVED → VERIFIED
QA Contact: jbonacci
You need to log in before you can comment on or make changes to this bug.