Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Auth] Move interaction routes to a different port #2649

Open
1 task
sabineschaller opened this issue Apr 10, 2024 · 2 comments · May be fixed by #2665
Open
1 task

[Auth] Move interaction routes to a different port #2649

sabineschaller opened this issue Apr 10, 2024 · 2 comments · May be fixed by #2665
Assignees
@golobitch
Labels
pkg: auth Changes in the GNAP auth package.

Comments

@sabineschaller
Copy link
Member

Context

The auth package currently has the GNAP routes and the interaction routes on the same port. The GNAP routes need to be exposed to the world while the interaction routes do not. Hence, we'd like to move the interaction routes to their own port.

To clarify:

  • all the routes that are specified here stay on the current port
  • all the remaining routes (those used for interacting with the grant) move to a new port

Todos

  • move interaction routes to own port
@sabineschaller sabineschaller added the pkg: auth Changes in the GNAP auth package. label Apr 10, 2024
@golobitch
Copy link
Collaborator

Isn't problematic only accept/reject route?

These two are most problematic in my view. For example, if Rafiki Auth is exposed, then on the checkout of Rafiki Boutique, I can use probably any payment pointer I want. Because for accepting grant, I only need interaction and nonce. For /finish route, that is probably ok to be exposed right? Because redirect url is specified in grant if I am not mistaken. So it will be always redirected to correct URL. There can be issue only in case of MITM attack.

Just a food for thought :)

@golobitch
Copy link
Collaborator

@sabineschaller on the link that you provided (https://openpayments.dev/apis/auth-server/), I cannot see any routes.

I can take this ticket if we specify what routes should be exposed and what not.

Suggestion:
Leave as it is with the exception of /accept and /reject API call. These two are IMHO most sensitive

golobitch added a commit that referenced this issue Apr 16, 2024
@golobitch
feat(auth): move interaction choice to different port
a8b524f 
Accept and reject interaction choices should not be exposed. but other routes can and must be
exposed. This is why we need to move the choice routes to different port

BREAKING CHANGE: Routes for accepting and rejecting choice are no longer exposed. Ideally, this must
be done through ASE backend service that checks for authentication / authorization

#2649
golobitch added a commit that referenced this issue Apr 16, 2024
@golobitch
feat(auth): move interaction choice to different port
c40741e 
Accept and reject interaction choices should not be exposed. but other routes can and must be
exposed. This is why we need to move the choice routes to different port

BREAKING CHANGE: Routes for accepting and rejecting choice are no longer exposed. Ideally, this must
be done through ASE backend service that checks for authentication / authorization

#2649
@golobitch golobitch linked a pull request Apr 16, 2024 that will close this issue
Open
5 tasks
@golobitch golobitch linked a pull request Apr 16, 2024 that will close this issue
feat(auth)!: move consent interaction to different port #2665
Open
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@golobitch golobitch

Labels
pkg: auth Changes in the GNAP auth package.
Projects
Rafiki
Status: Ready for Review
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat(auth)!: move consent interaction to different port interledger/rafiki
2 participants
@sabineschaller @golobitch