Membrane Backend: A centralized authentication service for Single Sign-On (SSO) enabling seamless token-based email verification across multiple client applications.
Currently, our testing infrastructure generates and stores keypairs on the filesystem. While these are only test keys, their presence triggers warnings from automated scans. To enhance security and eliminate these warnings, we should transition to generating and managing these keypairs in-memory.
Objective
Avoid triggering automated scan warnings.
Enhance security by ensuring test keys are ephemeral and never touch the disk.
Requirements
Implement an in-memory mechanism for generating and storing keypairs during testing.
Ensure existing tests relying on filesystem-based keys are refactored to use the in-memory keypairs.
Verify that the solution works consistently across all testing scenarios.
Overview
Currently, our testing infrastructure generates and stores keypairs on the filesystem. While these are only test keys, their presence triggers warnings from automated scans. To enhance security and eliminate these warnings, we should transition to generating and managing these keypairs in-memory. Objective
Requirements