New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Strict filter to define if token A is allowed or not in incoming requests #20

Open

lilgallon opened this issue Nov 2, 2023 · 0 comments

Labels

enhancement module: transport

Member

lilgallon commented Nov 2, 2023

I would rather use a dedicated parameter to tell if we are in the list of endpoints allowed in the handshake or not, to allow tokenA only there. I find this detection mechanism error prone, and as this is a security feature I think it's worth to make it more strict

Originally posted by @xhanin in #16 (comment)

I marked the issue with ocpi 2.1.1 and 2.1.1 gireve, but before applying this issue, they have to include #15

lilgallon added enhancement ocpi 2.2.1 module: transport labels

lilgallon mentioned this issue

fix(ocpi-2.2.1): Fixed usage of tokens & review PlatformRepository #16

Merged

lilgallon removed ocpi 2.1.1 gireve labels

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment