Roundup Tracker - Issues


Author rouilj
Recipients rouilj
Date 2021-12-05.16:10:54
Message-id <>
Basic JWT (json web tokens) support was added as part of the 2.0.0
release. Directions for it can be discussed on issue 2551064.

One issue with JWT is that a user can't use a jwt to derive a more restricted
token (say allow read only access to an issue for the next 24 hours from a specific
ip address range).

Investigate the ability to use
to allow users to derive tokens with more limited permissions/scopes
and the changes needed to support adding user specified restrictions.

Pypi uses macaroons (so we have some support for them) and there is a tool for
modifying a pypi macaroon:

Date User Action Args
2021-12-05 16:10:54rouiljsetrecipients: + rouilj
2021-12-05 16:10:54rouiljsetmessageid: <>
2021-12-05 16:10:54rouiljlinkissue2551177 messages
2021-12-05 16:10:54rouiljcreate