Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add enrollment details to public hidden key #2020

Open
wants to merge 2 commits into
base: trunk
Choose a base branch
from
Open

feat: add enrollment details to public hidden key #2020

wants to merge 2 commits into from

Conversation

murali-shris
Copy link
Member

@murali-shris murali-shris commented Jul 10, 2024
edited
Loading

- What I did

  • added enrollment details to public hidden key which can be used in enrollment widget to fetch list of apps that are eligible to approve enrollment request
    - How I did it
  • on enrollment approval, add enrollment info (enrollmentid, app name,device name, namespaces) to a public key public:_enrollments
  • on enrollment revoke, remove the enrollment info from the public hidden key
    - How to verify it
  • added checks to existing unit tests

@murali-shris murali-shris marked this pull request as ready for review July 10, 2024 14:32
@gkc
Copy link
Contributor

gkc commented Jul 10, 2024

Have added @cconstab and @XavierChanth as reviewers as I'd like this change to have more eyes on it before we merge it

XavierChanth
XavierChanth reviewed Jul 15, 2024
View reviewed changes
packages/at_secondary_server/lib/src/verb/handler/enroll_verb_handler.dart
String newEnrollmentId,
EnrollDataStoreValue enrollmentDataStoreValue,
String currentAtSign) async {
var key = 'public:$enrollmentPublicHiddenKey';
Copy link
Member

@XavierChanth XavierChanth Jul 15, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wait does this actually work as intended? A public key with _ is also hidden? I was under the impression that this was only for self-keys, but it makes sense that it works for all key types.

If so, the changes I proposed in atsign-foundation/at_protocol#166 are not quite right.

No action items for this PR intended out of this comment, but rather clarification for the changes I am making to the protocol spec.

gkc
gkc requested changes Jul 15, 2024
View reviewed changes
Copy link
Contributor

@gkc gkc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As discussed let's park this while we revisit the problem we're trying to solve and come up with the desired user experience first. As it stands, this would leak information which a user might not at all want

packages/at_secondary_server/test/enroll_verb_test.dart
@@ -847,6 +867,14 @@ void main() {
response, approveEnrollVerbParams, inboundConnection);
expect(jsonDecode(response.data!)['enrollmentId'], enrollmentId);
expect(jsonDecode(response.data!)['status'], 'approved');
// verify enrollmentId is present in hidden public key before enroll:revoke
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be made into its own unit test rather than added to an existing one

packages/at_secondary_server/test/enroll_verb_test.dart
@@ -856,6 +884,12 @@ void main() {
response, enrollVerbParams, inboundConnection);
expect(jsonDecode(response.data!)['enrollmentId'], enrollmentId);
expect(jsonDecode(response.data!)['status'], 'revoked');
// verify enrollmentId is removed from hidden public key after enroll:revoke
enrollmentAtData = await secondaryKeyStore
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be made into its own unit test rather than added to an existing one

packages/at_secondary_server/test/enroll_verb_test.dart
@@ -744,6 +755,15 @@ void main() {
enrollmentData = await secondaryKeyStore.get(enrollmentKey);
expect(enrollmentData!.metaData!.expiresAt, null);
expect(enrollmentData.metaData!.ttl, 0);
var enrollmentAtData = await secondaryKeyStore
.get('public:$enrollmentPublicHiddenKey$alice');
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be made into its own unit test rather than added to an existing one

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gkc gkc gkc requested changes

@XavierChanth XavierChanth XavierChanth approved these changes

@sitaram-kalluri sitaram-kalluri Awaiting requested review from sitaram-kalluri

@CurtlyCritchlow CurtlyCritchlow Awaiting requested review from CurtlyCritchlow

@cconstab cconstab Awaiting requested review from cconstab

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@murali-shris @gkc @XavierChanth