Roundup Tracker - Issues

Issue 2551177

classification
Consider macaroon bearer auth token support using pymacaroons
Type: rfe Severity: normal
Components: Web interface Versions:
process
Status: new
:
: : rouilj
Priority: : Effort-Medium

Created on 2021-12-05 16:10 by rouilj, last changed 2021-12-05 16:10 by rouilj.

Messages
msg7396 Author: [hidden] (rouilj) Date: 2021-12-05 16:10
Basic JWT (json web tokens) support was added as part of the 2.0.0
release. Directions for it can be discussed on issue 2551064.

One issue with JWT is that a user can't use a jwt to derive a more restricted
token (say allow read only access to an issue for the next 24 hours from a specific
ip address range).

Investigate the ability to use  https://github.com/ecordell/pymacaroons
to allow users to derive tokens with more limited permissions/scopes
and the changes needed to support adding user specified restrictions.

Pypi uses macaroons (so we have some support for them) and there is a tool for
modifying a pypi macaroon:

  https://github.com/ewjoachim/pypitoken

announced:

  https://discuss.python.org/t/pypitoken-a-library-for-generating-and-manipulating-pypi-
tokens/7572
History
Date User Action Args
2021-12-05 16:10:54rouiljcreate