Skip to content

feat: add enrollment details to public hidden key#2020

Draft
murali-shris wants to merge 2 commits intotrunkfrom
add_enrollment_info_public_key
Draft

feat: add enrollment details to public hidden key#2020
murali-shris wants to merge 2 commits intotrunkfrom
add_enrollment_info_public_key

Conversation

@murali-shris
Copy link
Contributor

@murali-shris murali-shris commented Jul 10, 2024
edited
Loading

- What I did

  • added enrollment details to public hidden key which can be used in enrollment widget to fetch list of apps that are eligible to approve enrollment request
    - How I did it
  • on enrollment approval, add enrollment info (enrollmentid, app name,device name, namespaces) to a public key public:_enrollments
  • on enrollment revoke, remove the enrollment info from the public hidden key
    - How to verify it
  • added checks to existing unit tests

@murali-shris murali-shris marked this pull request as ready for review July 10, 2024 14:32
@gkc gkc requested review from cconstab and xavierchanth July 10, 2024 14:38
@gkc
Copy link
Contributor

gkc commented Jul 10, 2024

Have added @cconstab and @xavierchanth as reviewers as I'd like this change to have more eyes on it before we merge it

xavierchanth
xavierchanth reviewed Jul 15, 2024
View reviewed changes
packages/at_secondary_server/lib/src/verb/handler/enroll_verb_handler.dart
String newEnrollmentId,
EnrollDataStoreValue enrollmentDataStoreValue,
String currentAtSign) async {
var key = 'public:$enrollmentPublicHiddenKey';
Copy link
Member

@xavierchanth xavierchanth Jul 15, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wait does this actually work as intended? A public key with _ is also hidden? I was under the impression that this was only for self-keys, but it makes sense that it works for all key types.

If so, the changes I proposed in atsign-foundation/at_protocol#166 are not quite right.

No action items for this PR intended out of this comment, but rather clarification for the changes I am making to the protocol spec.

gkc
gkc requested changes Jul 15, 2024
View reviewed changes
Copy link
Contributor

@gkc gkc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As discussed let's park this while we revisit the problem we're trying to solve and come up with the desired user experience first. As it stands, this would leak information which a user might not at all want

packages/at_secondary_server/test/enroll_verb_test.dart
response, approveEnrollVerbParams, inboundConnection);
expect(jsonDecode(response.data!)['enrollmentId'], enrollmentId);
expect(jsonDecode(response.data!)['status'], 'approved');
// verify enrollmentId is present in hidden public key before enroll:revoke
Copy link
Contributor

@gkc gkc Jul 10, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be made into its own unit test rather than added to an existing one

packages/at_secondary_server/test/enroll_verb_test.dart
expect(jsonDecode(response.data!)['enrollmentId'], enrollmentId);
expect(jsonDecode(response.data!)['status'], 'revoked');
// verify enrollmentId is removed from hidden public key after enroll:revoke
enrollmentAtData = await secondaryKeyStore
Copy link
Contributor

@gkc gkc Jul 10, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be made into its own unit test rather than added to an existing one

packages/at_secondary_server/test/enroll_verb_test.dart
expect(enrollmentData!.metaData!.expiresAt, null);
expect(enrollmentData.metaData!.ttl, 0);
var enrollmentAtData = await secondaryKeyStore
.get('public:$enrollmentPublicHiddenKey$alice');
Copy link
Contributor

@gkc gkc Jul 10, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be made into its own unit test rather than added to an existing one

@murali-shris murali-shris marked this pull request as draft December 2, 2024 11:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gkc gkc gkc requested changes

@sitaram-kalluri sitaram-kalluri Awaiting requested review from sitaram-kalluri

@CurtlyCritchlow CurtlyCritchlow Awaiting requested review from CurtlyCritchlow

@cconstab cconstab Awaiting requested review from cconstab

+1 more reviewer

@xavierchanth xavierchanth xavierchanth approved these changes

Reviewers whose approvals may not affect merge requirements

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@murali-shris @gkc @xavierchanth