search

CrunchyBagel / TracePrivately

A privacy-focused app using Apple's soon-to-be-released contact tracing framework.
MIT License
351 stars 27 forks source link

Server API changes #47

Closed HendX closed 4 years ago

HendX commented 4 years ago

Add support for expires_at (#29 and #46); breaking change to key submission: each key element is now an object instead of a string. This is so additional data can be included with each key if necessary.

HendX commented 4 years ago

@tatey before I merge this, can you review the changes to:

1) The expires_at addition to KeyServer.yaml to ensure it's compatible with your implementation 2) The change to the submit endpoint, as the key data is now submitted as an object.

Basically, instead of: [ "1234" ], it's [ {d: "1234"} ]

tatey commented 4 years ago

Looks great :+1:. I'll update my implementation to be compatible. Did you want want to make retrieving the infected keys have a similar data structure for consistency?

tatey commented 4 years ago

This has been done in https://github.com/tatey/trace_privately/commit/25cb18db9901611994ab3c8000fcfda5c24ceee2 and deployed to demo server.

HendX commented 4 years ago

Hmm good question. It doesn’t look like the extra data is needed for diagnosis and it may blowout the response size.

My hunch is to leave that as-is for now.

tatey commented 4 years ago

Cool. That works for me.

HendX commented 4 years ago

@tatey i take that back... need to also return extra data when retrieving keys. I’m just working on a patch now to include the rolling start number with each key (“r” parameter, unsigned 32 bit int).

As mentioned in another thread, I think the server needs to also offer a binary stream for retrieving keys, so going to also add this.

tatey commented 4 years ago

Done in https://github.com/tatey/trace_privately/commit/ffdda230836d9e292d03b81a1d3958ef681a78e1.

tatey commented 4 years ago

i take that back... need to also return extra data when retrieving keys. I’m just working on a patch now to include the rolling start number with each key (“r” parameter, unsigned 32 bit int).

Sorry, I'm confused. Are you saying that GET /api/infected should return the keys as [{d: "abc", r: 1})]or just the params that are sent to POST /api/submit?

My patch only adds support for the latter.

HendX commented 4 years ago

Initially I replied for only the submit endpoint when you asked, but today I realised I need those rolling start numbers downloaded too.

The head branch contains the implementation for this now. Apologies about this.

HendX commented 4 years ago

I just noticed the KeyServer.yaml hadn't been updated in head to describe this change, that might be part of the confusion. Just updated:

https://github.com/CrunchyBagel/TracePrivately/commit/0e6d7331b08a733aa9a5245fba857b6d1a9bb83b

tatey commented 4 years ago

Thanks for the heads up. Fixed in https://github.com/tatey/trace_privately/commit/6a9e34c92bc005139dbfc9575204c2d1d09dba60.