A method to use a checksum to make sure schema reference hasn't changed #13
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
… and a sample extended badge class that uses it
…a and its example
| }, | ||
| "image": { | ||
| "description": "The URL of the image that represents the present achievement. It will be baked into a complete badge for each recipient.", | ||
| "type": "string" |
There was a problem hiding this comment.
You might also want to include "format": "uri" here.
|
@andrewhayward: Thanks for all the JSON-schema suggestions. @kayaelle told me there were some ways to do URI/email/regex type data-validation, but I hadn't been able to dig into them yet. I'll make a few changes and make another commit tomorrow. |
| "checksum": { | ||
| "description": "SHA-1 hash of the linked schema file so issuers may avoid downloading it repeatedly. use format: alg$hash", | ||
| "type": "string", | ||
| "pattern": "^\\w+\\$\\w+$" |
There was a problem hiding this comment.
I couldn't find many examples of this, but it looks like backslashes in JSON need to be escaped, and schema validators are equipped to handle it like this. Tested, success on http://json-schema-validator.herokuapp.com/index.jsp
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Here is another variation on the extension idea that uses a SHA-1 hash of the schema json file to verify that the schema referenced in the badgeClass extension is indeed the version intended. This protects against bad versioning practices on behalf of schema authors (overwriting previous versions). The checksum is listed as optional in the badgeClass schema.
For a system that scrapes and stores many extension schema, including a standardized hash could allow these schema to be stored in a hash table. This would allow them to avoid making unnecessary requests for previously encountered schema while ensuring that they would still know when the version changes. New versions of schema would have different hashes and would not overwrite previous versions in a hash table based cache.
Referenced in mozilla/openbadges-discussion/#11 by @kayaelle