Page MenuHomePhabricator
Differential D12258

[keyserver] update claim username responder to take username and password
ClosedPublic
Actions

Authored by varun on May 31 2024, 2:01 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Jun 29, 4:18 PM
Unknown Object (File)
Wed, Jun 26, 2:41 PM
Unknown Object (File)
Mon, Jun 24, 10:09 PM
Unknown Object (File)
Wed, Jun 19, 6:40 PM
Unknown Object (File)
Wed, Jun 19, 3:43 AM
Unknown Object (File)
Wed, Jun 19, 3:05 AM
Unknown Object (File)
Sat, Jun 15, 6:14 AM
Unknown Object (File)
Thu, Jun 13, 10:00 PM
View All 26 Files
Subscribers
tomek

Details

Reviewers
ashoat
Commits
rCOMM1f76626f6f40: [keyserver] update claim username responder to take username and password
Summary

logged out clients will be anonymous viewers to the keyserver, so we'll need a username and password to attest that the user is who they say they are

Test Plan

tested in following diff by calling the responder and then using the message from the keyserver to successfully authenticate with identity service

Diff Detail

Repository
rCOMM Comm
Lint
No Lint Coverage
Unit
No Test Coverage

Event Timeline

varun created this revision.May 31 2024, 2:01 PM
Herald added a subscriber: tomek. · View Herald TranscriptMay 31 2024, 2:01 PM
varun added a child revision: D11912: [lib] add reserved username workflow to identity login actions.May 31 2024, 2:02 PM
varun added inline comments.
lib/actions/user-actions.js
215

this was timing out pretty consistently on staging so i increased the timeout threshold

varun published this revision for review.May 31 2024, 2:12 PM
Harbormaster completed remote builds in B29332: Diff 40812.May 31 2024, 2:18 PM
ashoat accepted this revision.Sat, Jun 1, 12:08 PM
ashoat added inline comments.
keyserver/src/endpoints.js
463

It looks like this might cause all callsites to this endpoint on existing clients to fail. Are any existing clients using this endpoint?

keyserver/src/responders/user-responders.js
964–967

Reduce indentation on these three lines

979

If !userRow.hash, should we throw invalid_parameters instead, since this account wasn't required originally with the authoritative keyserver, and can't be reserved?

lib/actions/user-actions.js
215

Should we increase it further? Isn't our default timeout longer than this? Should we just remove this override?

225

We could probably avoid spreading here if we wrap the declaration with Object.freeze, but in my comment above I suggest removing this override entirely

This revision is now accepted and ready to land.Sat, Jun 1, 12:08 PM
varun updated this revision to Diff 40853.Mon, Jun 3, 6:30 AM

rebase

varun added inline comments.Mon, Jun 3, 6:37 AM
keyserver/src/endpoints.js
463

no there are no existing clients using this endpoint

keyserver/src/responders/user-responders.js
979

that makes sense

lib/actions/user-actions.js
215

yeah it can just be removed. default timeout is 10 seconds i believe

Harbormaster completed remote builds in B29367: Diff 40853.Mon, Jun 3, 6:50 AM
Closed by commit rCOMM1f76626f6f40: [keyserver] update claim username responder to take username and password (authored by varun). · Explain WhyMon, Jun 3, 6:50 AM
This revision was automatically updated to reflect the committed changes.
varun added a commit: rCOMM1f76626f6f40: [keyserver] update claim username responder to take username and password.

Revision Contents
Changeset List

PathSize
keyserver/
src/
3 lines
responders/
31 lines
lib/
actions/
15 lines
types/
5 lines

Diff 40812

View Options

keyserver/src/endpoints.js

Loading...
View Options

keyserver/src/responders/user-responders.js

Loading...
View Options

lib/actions/user-actions.js

Loading...
View Options

lib/types/account-types.js

Loading...