Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

use-code as new requirement + cleaned up superseded references to mfa-capable #156

Merged
merged 3 commits into from
Nov 14, 2024
Merged

use-code as new requirement + cleaned up superseded references to mfa-capable #156

merged 3 commits into from
Nov 14, 2024

Conversation

glpatcern
Copy link
Member

This is a draft to extend requirements along the concept that "a requirement is an enforced capability that otherwise would be optional".

Proper definition of capabilities is required prior to merge this.

@glpatcern glpatcern marked this pull request as draft October 17, 2024 12:06
@glpatcern
Copy link
Member Author

glpatcern commented Oct 17, 2024
edited
Loading

Following today's discussion, an idea to introduce a requirement around HTTP signature would rather be with the following flow:

  1. User A shares a resource to recipient B by:
  • Making a signed request to B's endpoint (that's actually optional, but would be fair and nice for A to do)
  • Including a code in the payload
  • Setting an empty sharedSecret
  1. User B is then expected to access A's resource by:
  • Exchanging the code via signed request to /token at A
  • Executing PROPFIND etc. against A's resource with the short-lived token, without any further signature

Does that make sense?

If so, IMHO we should explicitly define a requirement to enforce that user B go with this flow. Implicitly assuming it in the case sharedSecret is empty does not look satisfactory...

@glpatcern
Copy link
Member Author

Following today's discussion I have rephrased the specification of the requirement for a signed request. Still, this PR is to be considered after #136 about Caps Discovery.

@glpatcern glpatcern changed the title WIP: http signature as requirement HTTP signature as requirement on new shares Nov 4, 2024
@michielbdejong
Copy link
Contributor

@glpatcern IIUC this is now covered by the criteria in discovery, correct? So then we can close this?

@glpatcern
Copy link
Member Author

The criteria would apply to all shares from a given provider, therefore they're admin-driven. Whereas here we would introduce a requirement that applies to a specific share, and it might be given as an option to the user.

@michielbdejong
Copy link
Contributor

Ah wait, I understand now. I thought this was about the signature on the Share Creation Notification. But it refers to the signature used when exchanging the code for a short-lived access token, right?

As you say, merely because a code is present in a share and a sharedSecret is not, is a bit of a weak way to indicate that the recipient is required to use the code flow.

So maybe we can call this requirement "use-code"?

@glpatcern
Copy link
Member Author

So maybe we can call this requirement "use-code"?

Makes sense, yes. I'll do that, and I'll also drop the /mfa-capable "fake" endpoint.

@glpatcern glpatcern force-pushed the sig-requirement branch 2 times, most recently from aa5c39c to e29c1a7 Compare November 14, 2024 14:18
@glpatcern glpatcern marked this pull request as ready for review November 14, 2024 14:18
@glpatcern glpatcern changed the title HTTP signature as requirement on new shares use-code as new requirement + cleaned up superseded references to mfa-capable Nov 14, 2024
mickenordin
mickenordin reviewed Nov 14, 2024
View reviewed changes
Copy link
Collaborator

@mickenordin mickenordin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good job!

@glpatcern glpatcern merged commit a619299 into cs3org:develop Nov 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mickenordin mickenordin mickenordin approved these changes

@michielbdejong michielbdejong michielbdejong approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@glpatcern @michielbdejong @mickenordin