Added sequence diagrams with RFC 9101 #94

Open
wants to merge 3 commits into
base: main

mhfoo
Collaborator

@mhfoo mhfoo commented Apr 5, 2024

What type of PR is this?

Add one of the following kinds:

  • documentation

What this PR does / why we need it:

Implement RFC 9101 for securing the /authorise endpoint.

Which issue(s) this PR fixes:

Fixes #93

Special notes for reviewers:

Please review the diagrams and provide your comments.

Changelog input

 release-note
Update diagram to reflect RFC 9101

Additional documentation

This section can be blank.

docs

@bigludo7
Collaborator

Hello @ECORMAC
Any update on this?
I've noted to wait for feedback from you before moving forward.

@ECORMAC
Collaborator

ECORMAC commented May 30, 2024

Hi Ludovic,
My apologies for the delay. Checked the last flow done by Ming (simplified showing the aggregator etc.). I think it looks good now. Good-to-go from my side.
Thanks,
Cormac

Collaborator

@bigludo7 bigludo7 left a comment

/LGTM

@fernandopradocabrillo
Collaborator

Hi, I've checked with my colleagues from Identity and there are a few issues we are not yet sure about:

  1. The request object according to RFC 9101 is not yet in the CAMARA ICM profile. It will probably be but, for now, is not yet approved.
  2. The max_age param does not make sense in this flow since network auth must occur for every authorization. See previous comment.
  3. The way the scopes and purposes are sent is not the one approved for the current version of ICM in CAMARA.
  4. In general, aggregation or federation should be out of the CAMARA scope. It is something defined in Opengateway, in CAMARA the API consumer could be the BE of an App or an aggregator, but CAMARA is not involved in how the routing should be or if there is or not a Telco Finder, etc. It is an entity defined in Opengateway.

The main thing here is that, even being a Telefónica's proposal, the use of RFC9101 hasn't been defined or agreed at CAMARA level yet, so I think we should at least wait for the ICM resolution and then continue with this topic.


Successfully merging this pull request may close these issues.

Update Diagram with RFC 9101 to secure the /authorize endpoint
4 participants