Requests: Auth token value supplied in requests should be SHA256 of client auth token rather than actual value

SUSE / telemetry-server

Proof of Concept Telemetry Server scaffolding

Apache License 2.0

2 stars 0 forks source link

Requests: Auth token value supplied in requests should be SHA256 of client auth token rather than actual value #5

Closed rtamalin closed 1 month ago

rtamalin commented 2 months ago

For the proof of concept implementation the auth token value was used, but in the long run we should switch to using the SHA256 of the auth token value.

As an interim solution we should support clients sending either the auth token, or the SHA256 of the auth token, and then once SUSE/telemetry#6 is implemented we can remove the support for the raw auth token value.

rtamalin commented 1 month ago

Closing this issue as we have switched to using JWT auth tokens per #35