Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: use new authentication mechanism (access/refresh token) #663

Closed
theborakompanioni opened this issue Sep 19, 2023 · 5 comments · Fixed by #665
Closed

feat: use new authentication mechanism (access/refresh token) #663

theborakompanioni opened this issue Sep 19, 2023 · 5 comments · Fixed by #665
Assignees
@theborakompanioni
Labels
enhancement New feature or request
Milestone
v0.2.0 - Renewing...

Comments

@theborakompanioni
Copy link
Collaborator

Newest master of JM contains changes to the authentication mechanism.
See JoinMarket-Org/joinmarket-clientserver#1480 for more information.

From JSON-RPC-API-using-jmwalletd.md#rules-about-making-requests:

On initially creating, unlocking or recovering a wallet, a new access and refresh token will be sent in response, the former is valid for only 30 minutes and must be used for any authenticated call, the former is valid for 4 hours and can be used to request a new access token, ideally before access token expiration to avoid unauthorized response from authenticated endpoint and in any case, before refresh token expiration.

The OpenAPI spec can be found in wallet-rpc.yaml.

At the time of writing, this functionality has not been released and will probably land in JM v0.9.11.
@theborakompanioni theborakompanioni added the enhancement New feature or request label Sep 19, 2023
@theborakompanioni
Copy link
Collaborator Author

This has to be addressed as soon as possible in order for the development environment to work for everyone running npm run regtest:rebuild after commit JoinMarket-Org/joinmarket-clientserver@6e6e68b

If you are in this situation, you can rebuild the docker environment with a JM backend of tag v0.9.10 instead of master (adapt REPO_REF in file ./docker/regtest/dockerfile-deps/joinmarket/latest/Dockerfile) and execute npm run regtest:rebuild again.

@theborakompanioni theborakompanioni self-assigned this Sep 21, 2023
@theborakompanioni
Copy link
Collaborator Author

This has to be addressed as soon as possible in order for the development environment to work for everyone running npm run regtest:rebuild after commit JoinMarket-Org/joinmarket-clientserver@6e6e68b

If you are in this situation, you can rebuild the docker environment with a JM backend of tag v0.9.10 instead of master (adapt REPO_REF in file ./docker/regtest/dockerfile-deps/joinmarket/latest/Dockerfile) and execute npm run regtest:rebuild again.

Addressed by #664. Thanks @dergigi 🙏

@theborakompanioni theborakompanioni mentioned this issue Sep 22, 2023
Merged
@theborakompanioni
Copy link
Collaborator Author

So, this is generally ready for review. However, I am leaving it in "draft" mode as there is still an upstream problem with wallets that contain whitespaces, see JoinMarket-Org/joinmarket-clientserver#1480 (comment).

@roshii I'd highly appreciate if you could take a look. 🙏

@roshii
Copy link

roshii commented Sep 26, 2023

@roshii I'd highly appreciate if you could take a look. 🙏

I'm on it, ready by the end of the week latest.

@theborakompanioni
Copy link
Collaborator Author

@roshii I'd highly appreciate if you could take a look. 🙏

I'm on it, ready by the end of the week latest.

Nice. No time specifications required. Absolutely no urgency involved.
Thanks, brother 🧡

@roshii roshii mentioned this issue Sep 29, 2023
Merged
@theborakompanioni theborakompanioni moved this to In Progress ⌛ in JAM Oct 2, 2023
kristapsk added a commit to JoinMarket-Org/joinmarket-clientserver that referenced this issue Oct 6, 2023
@kristapsk
Merge #1562: JWT follow-up
28c8413 
c88429d JWT authority fixes (roshii)

Pull request description:

  - Fix JWT unit tests (`async` was somehow making tests always successful therefore hiding some issues)
  - Fix `WWW-Authenticate` header construction (#1480 (comment))
  - Encode wallet names with base64 in scopes to allow for space delimited names (#1480 (comment), joinmarket-webui/jam#663 (comment))
  - Fix syntax errors in OpenAPI RPC documentation (#1559)

Top commit has no ACKs.

Tree-SHA512: 6625c4c457c4caf3b4979505334c955bec50fcc0b01707e313dc772571c5c8c8b3ca359a18b5e67f1b0d0eb9b2b7c234ae9716d785234e8de0f3bfb76d53d29a
@github-project-automation github-project-automation bot moved this from In Progress ⌛ to Done ✅ in JAM Oct 8, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@theborakompanioni theborakompanioni

Labels
enhancement New feature or request
Projects
JAM
Status: Done
Milestone
v0.2.0 - Renewing Rhubarb
Development

Successfully merging a pull request may close this issue.

feat: new authentication mechanism (access/refresh token) joinmarket-webui/jam
2 participants
@theborakompanioni @roshii