Closed aaronc closed 2 days ago
ACK
👍
ACK
I don't understand why are we introducing such a breaking change. Couldn't we just name the authz
module authorization
instead? This is clearer as the authn/z
abbreviations could be read as auth-n
auth-z
by non native english speakers.
I don't see an issue with reading as auth-n
and auth-z
. Is that really a problem? The important piece is to dimabiguate them from eachother.
We originally were just calling authz
authorization
, but having two modules (x/auth
and x/authorization
) is what was causing the initial confusion.
why don't we just rename authz
to authorization
? SDK devs are already familiar with the auth
module and what it does... My take on this is that the breaking change is just not worth it
why don't we just rename
authz
toauthorization
? SDK devs are already familiar with theauth
module and what it does... My take on this is that the breaking change is just not worth it
One (possibly bad) reason not to do this is because it makes protobuf type URLs longer - cosmos.authz
vs cosmos.authorization
We could also have auth
and authz
and just not do the rename of auth
-> authn
We could also have auth and authz and just not do the rename of auth -> authn
I don't have a strong opinion on the authz renaming, but I'm strongly against the auth -> authn renaming because it's such a large breaking change for other applications
@alexanderbez do you have any thoughts here? We moved forward because you ACK'ed but I would be fine keeping auth
as is if there's strong opposition. @alessio ?
IMHO authn
is a better name. I agree with @fedekunze though, I suspect the change wouldn't be very warmly welcomed by application developers. How about postponing the auth
-> authn
renaming to Cosmos SDK v1.0?
IMHO
authn
is a better name. I agree with @fedekunze though, I suspect the change wouldn't be very warmly welcomed by application developers. How about postponing theauth
->authn
renaming to Cosmos SDK v1.0?
Totally fine to postpone it
Moving to icebox as this will ideally be addressed in the x /auth & x/bank refactor. Possibly with two modules in parallel (new & old auth / authz).
A proposed API for a new authn
module is in #9369.
Summary
x/auth
->x/authn
x/msg_authorization
module (#7105 #7370) ->x/authz
Problem Definition
We will have two modules with the abbreviation
auth
in their name but which deal with two slightly different concerns.x/auth
deals primarily with "authentication". From Oxford authentication isx/msg_authorization
deals with what an "authenticated" user is "authorized" to do. From Oxford authorization isWhich seems pretty consistent with what
x/msg_authorization
does.Proposal
There is a fair amount of precedent for using
authn
andauthz
as abbreviations for authentication and authorization respectively, as well as forauth
alone being confusing:So how about
x/auth
becomesx/authn
andx/msg_authorization
becomesx/authz
?For Admin Use