[FEATURE] Account secrets #677

Open
shurwit opened this issue Sep 28, 2023 · 0 comments · May be fixed by #678

shurwit (Collaborator) commented Sep 28, 2023

Is your feature request related to a problem? Please describe.
Currently we do not have a dedicated space to store user-specific secrets within an account.

Describe the solution you'd like
We should add a "secrets" field to the account that is similar to preferences in the sense that it can store any arbitrary data provided by the client. This data should be encrypted using the Core private key (same mechanism as access tokens in #627). This field will be decrypted and sent back with the user's account upon login and when they retrieve their account data. This field MUST NOT be exposed to anyone other than the currently authenticated user (i.e., not exposed through admin APIs, public account data APIs, etc.).

shurwit added the enhancement label Sep 28, 2023
roberlander2 added a commit that referenced this issue Oct 3, 2023
roberlander2 added a commit that referenced this issue Oct 4, 2023
roberlander2 linked a pull request Oct 6, 2023 that will close this issue
18 tasks
shurwit pushed a commit to rokmetro/core-building-block-fork that referenced this issue Oct 7, 2023
* start implementing account secrets - added to core and API models, added encryption, decryption utils [rokwire#677]

* implement service AES key management [rokwire#677]

* update mock storage [rokwire#677]

* add update secrets API, add decrypt secrets func to auth interface [rokwire#677]

* add missing files

* implement secrets decryption on get account and login [rokwire#677]

* bug fixes and cleanup, add timestamp fields to key model (RSA-PSS parsing not working) [rokwire#677]

* update changelog
roberlander2 mentioned this issue Mar 7, 2024
18 tasks
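
The behaviour requested in the issue (secrets encrypted at rest, decrypted only for the authenticated owner, absent from admin and public responses), sketched as an added example that is not code from this repository or the linked pull request. The `Account` type, the function names, the use of AES-256-GCM and the binding of the account ID as associated data are assumptions; the page does not show the mechanism from #627.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/json"
	"fmt"
)

type Account struct { // hypothetical model, not the project's own
	ID      string          `json:"id"`
	Sealed  []byte          `json:"-"`                 // nonce||ciphertext at rest, never serialized
	Secrets json.RawMessage `json:"secrets,omitempty"` // plaintext, set only for the owner
}

// NewAEAD builds AES-256-GCM from a 32-byte key (assumed cipher and key type).
func NewAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts client data; the account ID is bound as associated data.
func Seal(aead cipher.AEAD, accountID string, plain []byte) ([]byte, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plain, []byte(accountID)), nil
}

// AccountJSON decrypts secrets only for the owner; other callers get no secrets field.
func AccountJSON(aead cipher.AEAD, a Account, callerID string) (_ []byte, err error) {
	if n := aead.NonceSize(); callerID == a.ID && len(a.Sealed) >= n {
		if a.Secrets, err = aead.Open(nil, a.Sealed[:n], a.Sealed[n:], []byte(a.ID)); err != nil {
			return nil, err
		}
	}
	return json.Marshal(a)
}

func main() {
	aead, _ := NewAEAD(make([]byte, 32)) // constructed all-zero demo key
	sealed, _ := Seal(aead, "u1", []byte(`{"k":"v"}`))
	out, _ := AccountJSON(aead, Account{ID: "u1", Sealed: sealed}, "admin")
	fmt.Printf("%s\n", out)
}
```

Because `Sealed` is tagged `json:"-"` and `Secrets` is only populated on the owner path, any handler that serializes the stored account directly omits both by default.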