2022-05-02 15:10:18 +00:00
|
|
|
:PROPERTIES:
|
|
|
|
:ID: b30f9e63-e655-40e6-9a58-5a390a7921bb
|
|
|
|
:END:
|
2022-05-02 15:20:37 +00:00
|
|
|
#+TITLE: Cisco: Org Level OAuth2 Clients
|
2022-05-02 15:10:18 +00:00
|
|
|
#+Author: Yann Esposito
|
|
|
|
#+Date: [2022-05-02]
|
|
|
|
- tags :: [[id:ce893df9-32a4-44e0-9eb5-b9817141ee6a][cisco]]
|
|
|
|
- source ::
|
2022-05-02 15:12:03 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
2022-05-02 15:20:37 +00:00
|
|
|
* Org Level Clients
|
2022-05-02 15:13:33 +00:00
|
|
|
|
|
|
|
Goal of the epic:
|
|
|
|
|
|
|
|
The goal of this Epic is to handle the case where the creator of a client
|
|
|
|
leave the company.
|
|
|
|
We still wish to keep the client working.
|
2022-05-02 15:16:11 +00:00
|
|
|
|
2022-05-02 15:21:47 +00:00
|
|
|
In the current schema of a client in IROH the field ~owner-id~ is optional.
|
2022-05-02 15:22:55 +00:00
|
|
|
So it seems natural to just provide a mechanism such that if this field
|
|
|
|
does not exists, then the client is considered to be an org-level client.
|
|
|
|
|
|
|
|
What does this mean:
|
|
|
|
|
|
|
|
1. Every admin of the org should be able to see and edit the client
|
2022-05-02 15:24:04 +00:00
|
|
|
2. During the creation of the client we should add an option such that we
|
|
|
|
know this client is an org-level client
|
2022-05-02 15:20:37 +00:00
|
|
|
|
2022-05-02 15:25:09 +00:00
|
|
|
Looking at the code, it means that we should just change the
|
|
|
|
~iroh-auth.oauth2-client-service.core/accessible-for?~ function
|
2022-05-02 15:26:10 +00:00
|
|
|
|
2022-05-02 15:24:04 +00:00
|
|
|
** Security concerns
|
2022-05-02 15:16:11 +00:00
|
|
|
|
2022-05-02 15:24:04 +00:00
|
|
|
The client secret is only known by its owner when delivered.
|
|
|
|
Then this secret should also be used by the client code.
|
|
|
|
So other people working with the client's owner should probably be able to
|
|
|
|
get that password.
|
|
|
|
But when the owner leave the company, knowing the secret might have some
|
|
|
|
security concern.
|
|
|
|
So ideally, the client secret should be updated on both end (inside IROH
|
|
|
|
and in the Client program).
|
2022-05-02 15:16:11 +00:00
|
|
|
|
2022-05-02 15:24:04 +00:00
|
|
|
Actionable: Add a change client secret endpoint.
|