Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[SCRAM] Implement SCRAM register-client flow on the client portal #187

Open
interestIngc opened this issue Feb 13, 2025 · 1 comment
Open

[SCRAM] Implement SCRAM register-client flow on the client portal #187

interestIngc opened this issue Feb 13, 2025 · 1 comment
Assignees
@huzaifamk
Labels
enhancement New feature or request

Comments

@interestIngc
Copy link
Collaborator

interestIngc commented Feb 13, 2025
edited
Loading

Implement the new register-client flow with a goal to support SCRAM authentication on the client portal.
We have to:

  • Fetch the parameters required to generate storedKey and serverKey on frontend, i.e. iterationCount and salt (that can be achieved by creating a new endpoint register-client-precheck on backend to return this data given client username)
  • generate saltedPassword, storedKey and serverKey on frontend as per the sequence diagrams
  • Send client-specific data (username, backend_uri, redirect_uri, etc) as well as hashes that now represent user's password (i.e. storedKey and serverKey) to the backend
  • On the backend, persist this data into the clients table

Acceptance criteria:

  1. Put all the changes necessary to implement this functionality under version v2 (i.e. new API endpoints, API endpoint modifications, as well as new methods)
  2. The client is successfully able to register using the new flow
  3. storedKey and serverKey are persisted into the clients table instead of the password
  4. Implementation is fully covered with unit tests
@interestIngc interestIngc added the enhancement New feature or request label Feb 13, 2025
@github-project-automation github-project-automation bot moved this to 📋 Backlog in Layer8 Feb 13, 2025
@interestIngc interestIngc moved this from 📋 Backlog to Specification Done in Layer8 Feb 13, 2025
@NJavokhir NJavokhir self-assigned this Feb 15, 2025
@NJavokhir NJavokhir moved this from Specification Done to 🏗 Implementation in Layer8 Feb 15, 2025
@NJavokhir
Copy link
Contributor

NJavokhir commented Feb 15, 2025
edited
Loading

Image

This is sequence diagram for implementing SCRAM Register Client Flow. For more, here is the link
https://excalidraw.com/#room=afd0f1b92250b20f7fc4,3zjNg1wl63K_dHV4mDBpUw

@interestIngc interestIngc assigned huzaifamk and unassigned NJavokhir Feb 25, 2025
@interestIngc interestIngc moved this from 🏗 Implementation to Specification Done in Layer8 Feb 25, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@huzaifamk huzaifamk

Labels
enhancement New feature or request
Projects
Layer8
Status: Specification Done
Milestone
No milestone
Development

No branches or pull requests
3 participants
@interestIngc @huzaifamk @NJavokhir