Uploaded image for project: 'Sakai'
  1. Sakai
  2. SAK-11730

Publish public key for remote apps to use for authenticating requests

    XMLWordPrintable

    Details

    • Type: Feature Request
    • Status: CLOSED
    • Priority: Major
    • Resolution: Won't Fix
    • Affects Version/s: 2.5.0
    • Fix Version/s: None
    • Component/s: Linktool
    • Labels:
      None

      Description

      As Linktool is using PK signatures to sign requests, it could as easily publish a public key. Remote apps could then use this to authenticate the signature in app calls without needing to verify the request through webservices, saving a return call and improving response times.

      The public key could be displayed to site owners in the tool itself (in Setup), or made available through a webservice call in SakaiSigning.jws if the server is using https, e.g. getPublicKey(), which a remote app could use to initialise itself 1st time round (or for an updated public key whenever it changes).

        Gliffy Diagrams

          Zeplin

            Attachments

              Activity

                People

                • Assignee:
                  hedrick Charles Hedrick
                  Reporter:
                  smarquard Stephen Marquard
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  0 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:

                    Git Integration