yogsototh/deft
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

update

Browse source
This commit is contained in:
Yann Esposito (Yogsototh) 2021-08-31 10:20:49 +02:00
parent 7154a29eaf
commit c5c93aa779
Signed by untrusted user who does not match committer: yogsototh
GPG key ID: 7B19A4C650D59646
6 changed files with 17 additions and 139 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

61
Cisco.tmpPJgDoQ.org
View file

@ -1,61 +0,0 @@
# Created 2021-08-31 Tue 10:18
#+TITLE: Cisco Notes
#+AUTHOR: Yann Esposito
* Full Solution
** Cross product cookies
The only way for a user to feel logged in to all IROH-Auth related products
is to have a way to login the user in all products during the login phase.
The solution is to use a =*.cisco.com= cookie containing the user JWT.
It will pollute the =*.cisco.com= namespace in the user cookies, we might need
to check with someone at cisco to see if we could do that.
If a product is not hosted to a =*.cisco.com= URL then it will not work.
Technically:
IROH-Auth will still use the =localStorage= but will also save the JWT in
the cookie.
If both are different the cookie should probably takes precedence.
That way other products will be able to transition to use this cookie
instead of just the localStorage at their own pace.
Once this is done, the "Launch" link in the applink should probably be
updated to the product directly and not via IROH-Auth login page.
This should probably remove the interstitial login page between:
- SecureX
- Threat Response
- Orbital
For SSE, probably not because SSE uses OpenId Connect and does not uses IROH-Auth
JWT directly.
But, having the user's JWT at their disposal SSE could probably get rid of
OpenID Connect and thus the interstitial page.
** Selected Account Cookie
Right now we only uses a cookie to remember the last used Identity Provider.
We should also save the latest account the user successfully logged in with.
The limitation is that it will make it a lot harder to switch between
account.
But it looks like a good compromise.
If a user want to switch its account, the user will need to logout (via the
existing logout page) that will clean both cookies for the IdP and the Account.
One technical difficulty is to save the cookie only after a successful login.
** Conclusion
With both of these PR in IROH-Auth, the UI of SecureX, Threat Response,
Orbital and SSE will have a way to use the shared IROH-Auth session.
And the end-user will feel always logged in, in all products using
IROH-Auth à la "google".
** Limitations
Note if we would like to support cross-domain session more design work
should be done to invest in all different possible technical solutions.

61
Cisco.tmpgv1pu9.org
View file

@ -1,61 +0,0 @@
# Created 2021-08-31 Tue 10:17
#+TITLE: Cisco Notes
#+AUTHOR: Yann Esposito
* Full Solution
** Cross product cookies
The only way for a user to feel logged in to all IROH-Auth related products
is to have a way to login the user in all products during the login phase.
The solution is to use a `*.cisco.com` cookie containing the user JWT.
It will pollute the `*.cisco.com` namespace in the user cookies, we might need
to check with someone at cisco to see if we could do that.
If a product is not hosted to a `*.cisco.com` URL then it will not work.
Technically:
IROH-Auth will still use the `localStorage` but will also save the JWT in
the cookie.
If both are different the cookie should probably takes precedence.
That way other products will be able to transition to use this cookie
instead of just the localStorage at their own pace.
Once this is done, the "Launch" link in the applink should probably be
updated to the product directly and not via IROH-Auth login page.
This should probably remove the interstitial login page between:
- SecureX
- Threat Response
- Orbital
For SSE, probably not because SSE uses OpenId Connect and does not uses IROH-Auth
JWT directly.
But, having the user's JWT at their disposal SSE could probably get rid of
OpenID Connect and thus the interstitial page.
** Selected Account Cookie
Right now we only uses a cookie to remember the last used Identity Provider.
We should also save the latest account the user successfully logged in with.
The limitation is that it will make it a lot harder to switch between
account.
But it looks like a good compromise.
If a user want to switch its account, the user will need to logout (via the
existing logout page) that will clean both cookies for the IdP and the Account.
One technical difficulty is to save the cookie only after a successful login.
** Conclusion
With both of these PR in IROH-Auth, the UI of SecureX, Threat Response,
Orbital and SSE will have a way to use the shared IROH-Auth session.
And the end-user will feel always logged in, in all products using
IROH-Auth à la "google".
** Limitations
Note if we would like to support cross-domain session more design work
should be done to invest in all different possible technical solutions.

5
inbox.org
View file

@ -361,12 +361,13 @@ SCHEDULED: <2021-08-27 Fri 09:00 .+1d/3d>
| [2021-08-23 Mon] | 71 | ▉▉▉▉▉▉▌ |
#+TBLFM: $3='(orgtbl-uc-draw-grid $2 60 80)
*** TODO [#A] News filtered by AI + RSS + Scraper :daily:
SCHEDULED: <2021-08-26 Thu 09:00 .+3d>
SCHEDULED: <2021-09-02 Thu 09:00 .+3d>
:PROPERTIES:
:STYLE: habit
:LAST_REPEAT: [2021-08-23 Mon 11:42]
:LAST_REPEAT: [2021-08-30 Mon 12:24]
:END:
:LOGBOOK:
- State "DONE" from "TODO" [2021-08-30 Mon 12:24]
- State "DONE" from "TODO" [2021-08-23 Mon 11:42]
- State "DONE" from "IN-PROGRESS" [2021-08-18 Wed 10:03]
CLOCK: [2021-08-18 Wed 07:15]--[2021-08-18 Wed 07:35] => 0:20

17
journal/2021/2021-08-18.org
View file

@ -40,14 +40,11 @@ J'ai lu un peu ce soir est hier, sur les fontes.
Certaines sont intéressantes.
Je cherchais de bonnes fontes pour les écrans retina.
Une bonne fonte était "Source Code Pro" en thin.
** 09:58
** 00:13
Une journée bien meilleure que la veille coté stress.
Bien plus détendue.
J'ai tweaké mon emacs encore, avec nix j'ai installe nerdfonts qui donne
des tonnes de fontes sympa.
Là j'écris dans org-mode avec la font iMWriting (clone de iAWriter)
Je viens de télécharger la fonte iMWriting (clone open source de iA Writer)
à utiliser dans org-mode c'est sympa :)
#+begin_src json
{"this":"is a test"}
#+end_src
Oui, c'est vraiment très bien en fait. La fonte est jolie, et... reposante.
C'est difficile à expliquer, mais ça le fait.
J'ai regardé "Au poste !" de Quentin Dupieux très sympa de le revoir.

12
journal/2021/2021-08-19.org
View file

@ -25,11 +25,11 @@
:PROPERTIES:
:CREATED: 20210819
:END:
| activité φ | ?/5 | au lit -> sport |
| nourriture | ?/5 | malbouffe -> saine |
| humeur | ?/5 | exécrable -> excellente |
| energie | ?/5 | exécrable -> excellente |
| intérêt | ?/5 | ennuie -> exceptionnel |
| activité φ | 1/5 | au lit -> sport |
| nourriture | 2/5 | malbouffe -> saine |
| humeur | 4/5 | exécrable -> excellente |
| energie | 3/5 | exécrable -> excellente |
| intérêt | 3/5 | ennuie -> exceptionnel |
* 2021-08-19 Thursday
** 10:10
Une nouvelle journée commence. Krystelle est partie avec les chiens pour
@ -51,3 +51,5 @@ Par contre pas mal de bon humour.
La scène où il achète son blouson est top.
La scène où il récupère son alliance sur le mort est top.
Les scènes de meurtres sont assez sympa.
** 00:22
Bon j'ai joué à Factorio, demain il faudra chercher le chien.

BIN
roam/org-roam.db
View file

Binary file not shown.