Open AWegnerGitHub opened 6 years ago
Helios should grant MS a token, which should go in AppConfig. What are the helios endpoints for creating/revoking tokens?
@thesecretmaster Currently, Helios uses a different architecture for token management. Helios stores a cache of known tokens, and when it sees an unknown (new) token, it asks metasmoke if that token is valid. Kind of a backwards, but needs no shared secret between Helios and MS.
Revoking tokens is not yet implemented, but could be using a similar structure - MS sends a "hey, this token got revoked" message, then Helios queries metasmoke directly to verify. That way there's no MS token needed.
So helios needs a "Recheck token x" endpoint? Also, who's hosting helios?
Helios is serverless on AWS
Metasmoke should have the ability to generate/disable tokens that will allow instances of Smoke Detector to change data in Helios.
This will be part of the Integrate with MetaSmoke process we currently have.
This will require the following changes: