ausocean / vidgrind / issues / #324 - Authenticated RPC calls using service accouts — Bitbucket

Issue #324 resolved

Alan Noble created an issue 2023-10-12

An alternative approach to one described in Issue ~~#323~~, is to use Google App Engine service accounts to authenticate calls to VidGrind from OceanCron (and vice versa).

Comments (4)

Alan Noble reporter
- assigned issue to
  
  AusOcean developer
- 2023-10-12T23:20:32+00:00
Alan Noble reporter
Researching various approaches, one relatively straightforward method is to use JWT (JSON Web Token) to digitally sign the service account info using a secret that is shared between VidGrind and OceanCron.
- 2023-10-16T00:45:02+00:00
Alan Noble reporter
We can also digitally sign other useful request data as part of the JWT claims object, for example, the site key, rather than passing such data in the clear.
- 2023-10-16T01:38:41+00:00
Alan Noble reporter
- changed status to resolved
Resolved by https://bitbucket.org/ausocean/vidgrind/commits/17f85e98a4d4745bd7e47a8b1fbf0b52b66a18c4
- 2023-10-19T08:12:23+00:00
Log in to comment

Assignee: AusOcean developer

Type: enhancement

Priority: minor

Status: resolved

Votes: 0

Watchers: 1

Jira: the preferred issue tracker for Bitbucket. Join the team!