This repository has been archived by the owner on Apr 11, 2023. It is now read-only.

Support Wallet Login & Lock/Unlock #49

Closed
24 tasks
llorllale opened this issue Sep 8, 2020 · 1 comment


llorllale commented Sep 8, 2020

hub-auth resources

| resource | type | sensitive? | served? | usage |
|---|---|---|---|---|
| key server URLs | list of URLs | no | yes | edge-agent Vue.js sets up key stores, then initializes wallet |
| sds server URLs | list of URLs | no | yes | edge-agent Vue.js sets up vaults, then initializes wallet |
| keyStoreIDs | list of IDs | yes | yes | edge-agent aries-framework-go KMS |
| SDS vault IDs | list of IDs | yes | yes | edge-agent aries-framework-go storage |
| user devices info | list of tuples {AAGUID publicKey, x509_cert} | yes | no | when unlocking: validate if device is registered and to which user before giving access to bootstrap resources (primary key is wiped from devices when locked, needs to be fetched from network) |
| locations of user primary key shares | list of SDS locations of the user's primary key shares (split w/SSS) | yes | yes | a) when unlocking: edge-agent Vue.js needs location + authZ to fetch those shares; b) key server needs locations + authZ to fetch those shares to unlock the user's key store and do crypto operations |
| authorized wallet callback URIs | list of URIs | no | no | configuration: helps restrict processing of authZ requests to authorized wallets |

Breakdown

  • hub-auth
    • /login endpoint hydra login handler #50
      • serve page with OIDC provider options
      • invokes /oauth2/request endpoint and redirects
    • handleOIDCCallback() should accept login request at hydra and redirect back to hydra
    • /consent endpoint
      • accept consent request at hydra and redirect back to hydra
    • BDD Tests with Hydra BDD tests with Hydra #52
    • setup Hydra
    • BDD Tests
    • GET /bootstrap
      • protect with access_token
      • introspect at Hydra - use sub to locate the user's bootstrap data
    • PUT /bootstrap
      • protect with access_token
      • updates user's bootstrap data
    • configure allowed user devices
      • TODO collection of tuples: {AAGUID, x509_cert} ?
    • POST /device
      • protect with access_token
      • TODO model: {AAGUID, x509_cert} ?
      • validate: AAGUID/x509_cert are allowed
  • session expiry
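
The GET /bootstrap flow from the breakdown above (bearer access_token, introspection at Hydra, lookup by `sub`), as an added Go example that is not hub-auth's own code. `bootstrapHandler`, `status`, the in-memory `store`, the fake introspection server and the sample data are assumptions constructed for illustration; the introspection request follows RFC 7662.

```go
package main
import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
)
// bootstrapHandler serves GET /bootstrap. introspectURL and store are hypothetical stand-ins.
func bootstrapHandler(introspectURL string, store map[string]string) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		authz := r.Header.Get("Authorization")
		if !strings.HasPrefix(authz, "Bearer ") {
			http.Error(w, "missing bearer token", http.StatusUnauthorized)
			return
		}
		var in struct{ Active bool; Sub string } // RFC 7662 fields; zero value = inactive
		resp, err := http.PostForm(introspectURL, url.Values{"token": {strings.TrimPrefix(authz, "Bearer ")}})
		if err == nil {
			defer resp.Body.Close()
			err = json.NewDecoder(resp.Body).Decode(&in)
		}
		if err != nil || !in.Active || in.Sub == "" {
			http.Error(w, "invalid token", http.StatusUnauthorized) // fail closed
			return
		}
		if data, ok := store[in.Sub]; ok { // keyed by the introspected sub, never by client input
			fmt.Fprint(w, data)
			return
		}
		http.Error(w, "no bootstrap data", http.StatusNotFound)
	}
}
// status runs one request against a constructed fake Hydra where only token "good" is active.
func status(authz string) (int, string) {
	hydra := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprintf(w, `{"active":%t,"sub":"alice"}`, r.FormValue("token") == "good")
	}))
	defer hydra.Close()
	req := httptest.NewRequest(http.MethodGet, "/bootstrap", nil)
	req.Header.Set("Authorization", authz)
	rec := httptest.NewRecorder()
	bootstrapHandler(hydra.URL, map[string]string{"alice": `{"keyStoreIDs":["ks-1"]}`})(rec, req)
	return rec.Code, rec.Body.String()
}
func main() {
	fmt.Println(status("Bearer good"))
	fmt.Println(status("Bearer stolen"))
}
```

Because the lookup key comes only from the introspection response, a caller cannot select another user's bootstrap data by changing request parameters.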
@llorllale llorllale added the type: enhancement New feature or request label Sep 8, 2020
@llorllale llorllale added this to the 0.1.5 milestone Sep 8, 2020
@llorllale llorllale self-assigned this Sep 8, 2020
@llorllale llorllale changed the title Support Wallet Lock/Unlock Support Wallet Login & Lock/Unlock Sep 17, 2020
llorllale pushed a commit to llorllale/hub-auth that referenced this issue Sep 18, 2020
Signed-off-by: George Aristy <george.aristy@securekey.com>
llorllale pushed a commit to llorllale/hub-auth that referenced this issue Sep 18, 2020
Signed-off-by: George Aristy <george.aristy@securekey.com>
llorllale pushed a commit to llorllale/hub-auth that referenced this issue Sep 18, 2020
Signed-off-by: George Aristy <george.aristy@securekey.com>
llorllale pushed a commit to llorllale/hub-auth that referenced this issue Sep 18, 2020
Signed-off-by: George Aristy <george.aristy@securekey.com>
fqutishat added a commit that referenced this issue Sep 18, 2020
@llorllale

This was completed.
