Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

116 hackathon rkvst implementation #28

Merged
merged 9 commits into from
Jun 26, 2023
Merged

116 hackathon rkvst implementation #28

merged 9 commits into from
Jun 26, 2023

Conversation

JAG-UK
Copy link
Contributor

@JAG-UK JAG-UK commented Jun 15, 2023

Working RKVST back end implementation from 116 Hackathon, updated and works on free production SaaS.

OR13
OR13 reviewed Jun 26, 2023
View reviewed changes
scitt_emulator/rkvst.py
from pathlib import Path
import json
import cbor2
#from cose.messages import CoseMessage
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe remove comment

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will do

OR13
OR13 reviewed Jun 26, 2023
View reviewed changes
scitt_emulator/rkvst.py

# Grab credentials from the enviroment
# TODO: we should support container storage and protected local file storage too
# TODO: we shold support unauthenticated connections for public read calls
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I had similar question, it seems like all api operations probably want some access control.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Doing something sophisticated here needs resolution on the Registration Policies and Identifiers discussions I think. The signer of the Signed Statement is not necessarily the caller of the API (in fact, will never be in my book, otherwise you'll be reusing keys in a naughty way ;-) so there's some unpicking to do here.

But yes at the moment all API calls do have authentication on them. My comment is that I think certain things could be relaxed in future when more of the API and surrounding concepts are fleshed out.

OR13
OR13 reviewed Jun 26, 2023
View reviewed changes
scitt_emulator/rkvst.py
#rkvst_receipt = rkvst_mocks.mock_receipt

# TODO: This is just neat debug. Get the JSON form of the receipt
receipt_file_path = f'{entry_id}.receipt.json'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we should really document a json form for them, we do something similar

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Happy to contribute this. Where do you think we should put it? I'd imagine just a subsection the API portion of the architecture doc.

@JAG-UK JAG-UK merged commit f432e10 into main Jun 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@OR13 OR13 OR13 approved these changes

@letmaik letmaik Awaiting requested review from letmaik

@mprorock mprorock Awaiting requested review from mprorock

@SteveLasker SteveLasker Awaiting requested review from SteveLasker

@henkbirkholz henkbirkholz Awaiting requested review from henkbirkholz

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@JAG-UK @OR13