Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pass record-specific token to country config when registering a event #7849

Open
1 task done
naftis opened this issue Oct 28, 2024 · 1 comment
Open
1 task done

Pass record-specific token to country config when registering a event #7849

naftis opened this issue Oct 28, 2024 · 1 comment
Labels
Bevolv
Milestone
v1.7.0

Comments

@naftis
Copy link
Collaborator

naftis commented Oct 28, 2024
edited
Loading

Currently, the registrar's token is passed to country-config, so it can call core back to confirm or reject the registration. We need to amend this so, that we create a record-specific token using the token exchange endpoint.

This enables us to send the record-specific token to MOSIP, so the access is limited if the token is leaked and we can control the tokens time to live.

Dev tasks

  • initiateRegistration calls country-config for the event-registration endpoint. Before calling the endpoint, call auth-services token exchange endpoint to exchange the token, and use that token to call country config
@naftis naftis mentioned this issue Oct 28, 2024
Open
@naftis naftis added the Bevolv label Oct 28, 2024
@naftis naftis moved this from Backlog to Ready to build in OpenCRVS Core Oct 28, 2024
@naftis naftis changed the title Get a one-time token using the registrar's token using the endpoint created in the first one. Send this with the event to country-config Pass record-specific token to country config when registering a event Oct 28, 2024
@naftis naftis moved this from Ready to build to In Development in OpenCRVS Core Oct 30, 2024
@naftis naftis mentioned this issue Nov 4, 2024
Merged
@naftis naftis added this to the v1.7.0 milestone Nov 6, 2024
@naftis naftis moved this from In Development to Ready for QA in OpenCRVS Core Nov 15, 2024
@naftis
Copy link
Collaborator Author

naftis commented Nov 15, 2024

@onnee04 the end-to-end tests are sufficient to QA this ticket

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bevolv
Projects
OpenCRVS Core
Status: Ready for release
Milestone
v1.7.0
Development

No branches or pull requests
2 participants
@naftis @PathumN99