Define behaviour when device secret is lost#1062
Merged
Merged
Conversation
cruickshankpg
changed the title
paddybyers
requested changes
Apr 6, 2021
| ***** @(RSH3a2a3)@ Otherwise, makes an asynchronous HTTP PUT request to @/push/deviceRegistrations/:deviceId@ using the local @DeviceDetails@ with the push details as body. When the registration validation request is complete, a @RegistrationSynced@ or @SyncRegistrationFailed@ event should be fired. | ||
| ***** @(RSH3a2a4)@ Transitions to @WaitingForRegistrationSync@. | ||
| **** @(RSH3a2b)@ If the local device does not have @id@ and @deviceSecret@, both are generated locally. The @id@ must be a "ulid":https://github.com/ulid/spec or similar globally-unique identifier. The @deviceSecret@ must be created using secure random data with sufficient entropy to generate a digest of at least 32 bytes (eg using sha256) and encoding that digest with base64. The local @DeviceDetails@ is updated with the resulting @deviceId@ and @deviceSecret@. | ||
| **** @(RSH3a2b)@ If the local device does not have @id@ or @deviceSecret@, both are generated locally. The @id@ must be a "ulid":https://github.com/ulid/spec or similar globally-unique identifier. The @deviceSecret@ must be created using secure random data with sufficient entropy to generate a digest of at least 32 bytes (eg using sha256) and encoding that digest with base64. The local @DeviceDetails@ is updated with the resulting @deviceId@ and @deviceSecret@. If either the @id@ or the @deviceSecret@ is lost then a new pair must be created. |
Member
There was a problem hiding this comment.
I think there needs to be an explicit statement in RSH8a, or in RSH8 as a separate requirement, stating that if during initialisation of the activation state machine the retrieval of existing LocalDevice details fails, then the machine should transition to NotActivated (which will result in new local device details being created on the next activation event).
paddybyers
reviewed
Apr 12, 2021
| ** @(RSH8g)@ Whenever any change arises of the push transport details for local device (eg an FCM registration token update triggered by the platform), a @GotPushDeviceDetails@ event is sent to "the state machine":#RSH3. | ||
| ** @(RSH8h)@ If an attempt to obtain the push transport details for local device (eg an FCM registration token) fails, a @GettingPushDeviceDetailsFailed@ event containing the indicated error is sent to "the state machine":#RSH3. | ||
| ** @(RSH8i)@ Each time the library is instanced, if the LocalDevice has push device details (eg an APNS deviceToken), and if the platform supports it, it must verify the validity of those details (eg by requesting a token from the platform and comparing that with the already-known token). If as a result there are updated details, then an update to the Ably server is triggered by sending a @GotPushDeviceDetails@ event to "the state machine":#RSH3. | ||
| ** @(RSH8j)@ If during library initialisation the @LocalDevice@ @id@ or @deviceSecret@ attributes are not able to be loaded then the ActivationStateMachine machine should transition to the @NotActivated@ state. New @LocalDevice@ @id@ and @deviceSecret@ attributes should be generated on the next activation event. |
Member
There was a problem hiding this comment.
.... are not able to be loaded then those LocalDevice details must be discarded and the ...
paddybyers
approved these changes
Apr 12, 2021
Member
paddybyers
left a comment
paddybyers
left a comment
There was a problem hiding this comment.
ok if you make the suggested change, thanks
cruickshankpg
force-pushed
the
update-device-id
branch
from
fddb3e1 to
395588c
Compare
lawrence-forooghian
added a commit
to ably/specification
that referenced
this pull request
May 20, 2026
I didn't even know that this statement existed. Paul added it to RSH3a2b in a6e9e18 but then added RSH8j in 17d4a2a a couple of weeks later, both in the same PR [1]; the former seems to be a vaguer version of the latter. [1] ably/docs#1062
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
I've tried to tighten up the language around the device ID and secret to make it clear they are a pair.