View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0006731 | Taler | specification | public | 2021-01-30 16:38 | 2021-08-24 16:23 |
| Reporter | Christian Grothoff | Assigned To | Christian Grothoff | ||
| Priority | normal | Severity | feature | Reproducibility | N/A |
| Status | closed | Resolution | fixed | ||
| Platform | i7 | OS | Debian GNU/Linux | OS Version | squeeze |
| Product Version | git (master) | ||||
| Target Version | 0.8 | Fixed in Version | 0.8 | ||
| Summary | 0006731: support authentication via Authorization header in merchant backend | ||||
| Description | This requires having/storing the credential in the DB and allowing the user to change the credentials when configuring the instances. | ||||
| Tags | No tags attached. | ||||
|
|
10a3b45..9dded1a adds the required auth_salt and auth_hash fields to all instances of the merchant backend. |
|
|
0366878..caa71e0 updates the merchant backend API spec with 'auth_token' strings to be passed to the backend to setup authentication when creating/patching an instance. |
|
|
9dded1a..83f0cd8 implements importing the 'auth_token' values into the DB. Open sub-issues: - allow command-line/environment-variable to override/set auth-token for default instance - actually check authentication headers - update test suite to include auth token checks |
|
|
We should consider https://www.rfc-editor.org/rfc/rfc8959.txt when specifying the final format of the "Authorization" header. |
|
|
83f0cd8..25c0b94 implements the access control logic (untested!) and the command-line override logic. |
|
|
Still to do: - extend C API to allow setting the authentication token for instances - extend test logic to test authentication |
|
|
Tests added (96726fd..068433c), documentation updated (caa71e0..b55d534). |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2021-01-30 16:38 | Christian Grothoff | New Issue | |
| 2021-01-30 16:38 | Christian Grothoff | Status | new => assigned |
| 2021-01-30 16:38 | Christian Grothoff | Assigned To | => Christian Grothoff |
| 2021-01-31 12:53 | Christian Grothoff | Note Added: 0017474 | |
| 2021-01-31 13:12 | Christian Grothoff | Note Added: 0017475 | |
| 2021-01-31 13:14 | Christian Grothoff | Note Added: 0017476 | |
| 2021-01-31 14:01 | Christian Grothoff | Note Added: 0017477 | |
| 2021-01-31 22:23 | Christian Grothoff | Note Added: 0017478 | |
| 2021-01-31 22:28 | Christian Grothoff | Note Added: 0017479 | |
| 2021-02-02 15:09 | Christian Grothoff | Status | assigned => resolved |
| 2021-02-02 15:09 | Christian Grothoff | Resolution | open => fixed |
| 2021-02-02 15:09 | Christian Grothoff | Fixed in Version | => 0.9 |
| 2021-02-02 15:09 | Christian Grothoff | Note Added: 0017487 | |
| 2021-02-02 15:09 | Christian Grothoff | Target Version | 0.9.1 => 0.9 |
| 2021-07-30 13:57 | Christian Grothoff | Fixed in Version | 0.9 => 0.8.1 |
| 2021-07-30 13:59 | Christian Grothoff | Target Version | 0.9 => 0.8.1 |
| 2021-07-30 14:02 | Christian Grothoff | Fixed in Version | 0.8.1 => 0.8 |
| 2021-07-30 14:02 | Christian Grothoff | Target Version | 0.8.1 => 0.8 |
| 2021-08-24 16:23 | Christian Grothoff | Status | resolved => closed |
| 2024-01-12 14:02 | Christian Grothoff | Category | merchant backend API (HTTP specification) => specification |
