Add Stream ID #9
Conversation
|
However, there is a slight wrinkle with the stream ID that I didn't foresee. How should we indicate to transmitters and receivers that they need a way to identify which stream is being POLLed or PUSHed? For PUSH it is easy - we can leave it up to the Receiver to set either a URL param in the endpoint or use a specific endpoint that dictates the stream ID. It is a little complicated though since the Receiver does not know the stream ID when creating the stream, which would force them to provide the "delivery" info during a second request. How much of this should we call out in the spec? For POLL it is up to the Transmitter to do the right thing and add a URL param or a specific endpoint for each stream. Do we need to call that out in the spec? A third option would be to extend the POLL spec to include a stream_id parameter, but that seems like a big lift. |
|
As an (almost) completely random comment, it would be great to keep only *.md documents in the repo, for example, openid-sse-framework-1_0.md, and then
It'll allow keeping the number of changes very low and easily review them. Moreover, Markdown files are convenient to edit even though the Web UI of GitHub. |
that's the plan. Just haven't had a change to convert the others to MD and then set up GH actions |
I added notes in the PUSH/POLL section to indicate the uniqueness needs of the URLs. |
|
In the Transmitter Configuration Metadata, should we modify the "delivery
methods supported" to include the POLL URL if the method is POLL?
…On Tue, Sep 13, 2022 at 6:34 AM FragLegs ***@***.***> wrote:
However, there is a slight wrinkle with the stream ID that I didn't
foresee. How should we indicate to transmitters and receivers that they
need a way to identify which stream is being POLLed or PUSHed?
For PUSH it is easy - we can leave it up to the Receiver to set either a
URL param in the endpoint or use a specific endpoint that dictates the
stream ID. It is a little complicated though since the Receiver does not
know the stream ID when creating the stream, which would force them to
provide the "delivery" info during a second request. How much of this
should we call out in the spec?
For POLL it is up to the Transmitter to do the right thing and add a URL
param or a specific endpoint for each stream. Do we need to call that out
in the spec?
A third option would be to extend the POLL spec to include a stream_id
parameter, but that seems like a big lift.
I added notes in the PUSH/POLL section to indicate the uniqueness needs of
the URLs.
—
Reply to this email directly, view it on GitHub
<#9 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AB55UGYF2DEXPXDTHOW7SKDV6B7F7ANCNFSM5VC65TEA>
.
You are receiving this because your review was requested.Message ID:
***@***.***>
|
|
That’s a good idea, but can we make it a separate issue/PR? I think there’s
enough to discuss there to warrant a separate issue.
On Thu, Sep 15, 2022 at 7:54 PM Atul Tulshibagwale ***@***.***>
wrote:
… In the Transmitter Configuration Metadata, should we modify the "delivery
methods supported" to include the POLL URL if the method is POLL?
On Tue, Sep 13, 2022 at 6:34 AM FragLegs ***@***.***> wrote:
> However, there is a slight wrinkle with the stream ID that I didn't
> foresee. How should we indicate to transmitters and receivers that they
> need a way to identify which stream is being POLLed or PUSHed?
>
> For PUSH it is easy - we can leave it up to the Receiver to set either a
> URL param in the endpoint or use a specific endpoint that dictates the
> stream ID. It is a little complicated though since the Receiver does not
> know the stream ID when creating the stream, which would force them to
> provide the "delivery" info during a second request. How much of this
> should we call out in the spec?
>
> For POLL it is up to the Transmitter to do the right thing and add a URL
> param or a specific endpoint for each stream. Do we need to call that out
> in the spec?
>
> A third option would be to extend the POLL spec to include a stream_id
> parameter, but that seems like a big lift.
>
> I added notes in the PUSH/POLL section to indicate the uniqueness needs
of
> the URLs.
>
> —
> Reply to this email directly, view it on GitHub
> <#9 (comment)>, or
> unsubscribe
> <
https://github.com/notifications/unsubscribe-auth/AB55UGYF2DEXPXDTHOW7SKDV6B7F7ANCNFSM5VC65TEA
>
> .
> You are receiving this because your review was requested.Message ID:
> ***@***.***>
>
—
Reply to this email directly, view it on GitHub
<#9 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAHK3GG52J755CCR5DAO2D3V6OZJPANCNFSM5VC65TEA>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
openid-sse-framework-1_0.txt
Outdated
| update the Event Stream configuration and status, to add and remove | ||
| subjects and to trigger verification. | ||
| Transmitters which can be used by Event Receivers to create and | ||
| delete one or more Event Streams, query and update the configuration |
There was a problem hiding this comment.
Since we are talking about multiple event streams now, we should probably write a new section that defines what an event stream is.
| would make the following request to the Issuer | ||
| "https://tr.example.com/issuer1" to obtain its Configuration | ||
| information, since the Issuer contains a path component: | ||
| If the Issuer value contains a path component, any terminating / MUST |
There was a problem hiding this comment.
I've noticed that the quotes are gone from many places in the spec. Is that intentional or an artifact of the tools you are using?
There was a problem hiding this comment.
Will be fixed by #35
| path component, if any. The syntax and semantics of ".well-known" | ||
| are defined in [RFC5785]. "sse-configuration" MUST point to a JSON | ||
| at the path formed by inserting the string /.well-known/sse- | ||
| configuration into the Issuer between the host component and the path |
There was a problem hiding this comment.
I think the quotes are important here, otherwise the spec cannot be read unambiguously
There was a problem hiding this comment.
Will be fixed by #35
|
|
||
| Table 6: Read Stream Status Errors | ||
|
|
||
| Examples: |
There was a problem hiding this comment.
These examples apply to all API calls. Should we move them to a part of the API description that applies to all calls?
There was a problem hiding this comment.
Yes. I think the examples sections all need a bit of rework. Some endpoints don't have examples, others (like this one) have examples that are too general. Since this was already in the spec, I'd like to leave it for a different pull request that is focused strictly on examples, if that's alright.
|
|
||
| 7.1.2.2. Updating a Stream's Status | ||
|
|
||
| An Event Receiver updates the current status of a stream by making an |
There was a problem hiding this comment.
we should mark this for a later pull request, but this needs to be changed to a PATCH since it's an update.
There was a problem hiding this comment.
👍 I'll make an issue for this and the examples comment above.
| openid-sse-framework June 2021 | ||
|
|
||
| subject | ||
| OPTIONAL. Specifies the Subject Principal for whom the status has |
There was a problem hiding this comment.
If this is optional, then we should specify that omitting the subject from the event means that the event applies to all subjects in the stream.
openid-sse-framework-1_0.txt
Outdated
| stream_id | ||
| *Read-Only*, A string that uniquely identifies the stream. Stream | ||
| IDs MAY be reused across Receivers, but MUST be unique per | ||
| Reciever. This value is generated by the Transmitter when the |
openid-sse-framework-1_0.txt
Outdated
| Subject Principals are the managed entities in a SSE Transmitter or | ||
| Receiver. These include human or robotic principals, devices, | ||
| customer tenants in a multi-tenanted service, organizational units | ||
| within a tenant, groups of subject principals or other entities that |
There was a problem hiding this comment.
I personally like the Oxford comma for lists like this.
groups of service principals, or other entities...
openid-sse-framework-1_0.txt
Outdated
| error code. See Security Considerations (Section 9). | ||
| empty 200 OK response. The Event Transmitter MAY choose to silently | ||
| ignore the request, for example if the subject has previously | ||
| indicated to the transmitter that they do not want events to be |
There was a problem hiding this comment.
Transmitter is typically capitalized in this doc.
This PR does a number of things: