deft/2021-W15.org

** 2021-W15
*** 2021-04-12 Monday
**** IN-PROGRESS IROH-Auth Session                                     :work:
:LOGBOOK:
CLOCK: [2021-04-12 Mon 16:29]--[2021-04-12 Mon 17:29] =>  1:00
:END:
[2021-04-12 Mon 16:28]

- ref :: https://blog.theodo.com/2016/10/how-to-track-your-users-over-several-domains/
- ref :: https://stackoverflow.com/questions/3342140/cross-domain-cookies
- ref :: https://stackoverflow.com/questions/19531183/set-cookie-on-multiple-domains-with-php-or-javascript/19546680#19546680


Seems clear that whatever solution, cross-domain cookies will be more and
more difficult to work as browser vendor will make their best to prevent
user tracking.

So the best solution would be to keep a IROH-Auth local session.
If a user come on the IROH-Auth login page.
We could have put a set of cookies (if we want cross domain but intra
security.cisco.com one) or use localStorage.


1. We should ensure that once the user is logged sucessfully we save the JWT
*** 2021-04-14 Wednesday
**** MEETING interview                                         :work:meeting:
:LOGBOOK:
CLOCK: [2021-04-14 Wed 18:28]--[2021-04-15 Thu 10:36] => 16:08
:END:
[2021-04-14 Wed 18:28]
- ref :: [[file:~/dev/iroh-admin-ui/assets/l33t.css::text-align: left;]]
**** IN-PROGRESS Presentation IROH-Auth                                :work:
:LOGBOOK:
CLOCK: [2021-04-14 Wed 09:20]--[2021-04-14 Wed 18:28] =>  9:08
:END:
[2021-04-14 Wed 09:20]
***** History

1. Login using AMP SAML (generate JWT)
2. OAuth2 Provider (Grants)
3. Login using OpenID Connect with TG (client of OpenID Connect)
4. Users/Orgs in DB!!!
5. Account Activation
6. Become an OpenID Connect provider
7. OIDC with SSE
***** Internal User Structure
***** Cisco specificity
*** 2021-04-15 Thursday
**** IN-PROGRESS presentation IROH-Auth                                :work:
:LOGBOOK:
CLOCK: [2021-04-15 Thu 10:36]--[2021-04-15 Thu 11:06] =>  0:30
:END:
[2021-04-15 Thu 10:36]
*** 2021-04-16 Friday
**** IN-PROGRESS Presentation                                          :work:
:LOGBOOK:
CLOCK: [2021-04-16 Fri 11:56]--[2021-04-16 Fri 12:56] =>  1:00
:END:
[2021-04-16 Fri 11:56]
2021-W15.org 2021-08-17 12:47:22 +00:00			`** 2021-W15`
			`*** 2021-04-12 Monday`
			`**** IN-PROGRESS IROH-Auth Session :work:`
			`:LOGBOOK:`
			`CLOCK: [2021-04-12 Mon 16:29]--[2021-04-12 Mon 17:29] => 1:00`
			`:END:`
			`[2021-04-12 Mon 16:28]`

			`- ref :: https://blog.theodo.com/2016/10/how-to-track-your-users-over-several-domains/`
			`- ref :: https://stackoverflow.com/questions/3342140/cross-domain-cookies`
			`- ref :: https://stackoverflow.com/questions/19531183/set-cookie-on-multiple-domains-with-php-or-javascript/19546680#19546680`


			`Seems clear that whatever solution, cross-domain cookies will be more and`
			`more difficult to work as browser vendor will make their best to prevent`
			`user tracking.`

			`So the best solution would be to keep a IROH-Auth local session.`
			`If a user come on the IROH-Auth login page.`
			`We could have put a set of cookies (if we want cross domain but intra`
			`security.cisco.com one) or use localStorage.`


			`1. We should ensure that once the user is logged sucessfully we save the JWT`
			`*** 2021-04-14 Wednesday`
			`**** MEETING interview :work:meeting:`
			`:LOGBOOK:`
			`CLOCK: [2021-04-14 Wed 18:28]--[2021-04-15 Thu 10:36] => 16:08`
			`:END:`
			`[2021-04-14 Wed 18:28]`
			`- ref :: [[file:~/dev/iroh-admin-ui/assets/l33t.css::text-align: left;]]`
			`**** IN-PROGRESS Presentation IROH-Auth :work:`
			`:LOGBOOK:`
			`CLOCK: [2021-04-14 Wed 09:20]--[2021-04-14 Wed 18:28] => 9:08`
			`:END:`
			`[2021-04-14 Wed 09:20]`
			`***** History`

			`1. Login using AMP SAML (generate JWT)`
			`2. OAuth2 Provider (Grants)`
			`3. Login using OpenID Connect with TG (client of OpenID Connect)`
			`4. Users/Orgs in DB!!!`
			`5. Account Activation`
			`6. Become an OpenID Connect provider`
			`7. OIDC with SSE`
			`***** Internal User Structure`
			`***** Cisco specificity`
			`*** 2021-04-15 Thursday`
			`**** IN-PROGRESS presentation IROH-Auth :work:`
			`:LOGBOOK:`
			`CLOCK: [2021-04-15 Thu 10:36]--[2021-04-15 Thu 11:06] => 0:30`
			`:END:`
			`[2021-04-15 Thu 10:36]`
			`*** 2021-04-16 Friday`
			`**** IN-PROGRESS Presentation :work:`
			`:LOGBOOK:`
			`CLOCK: [2021-04-16 Fri 11:56]--[2021-04-16 Fri 12:56] => 1:00`
			`:END:`
			`[2021-04-16 Fri 11:56]`