andrewnicols
commented
3 years ago As an alternative, we can state that the maximum length of a sourcedId is only 255 characters.
Open andrewnicols opened 4 years ago
andrewnicols
commented
3 years ago As an alternative, we can state that the maximum length of a sourcedId is only 255 characters.
Describe the bug The OneRoster
sourcedIdfield is a GUID 1, which is itself a String 2, and String types can be up to 256 characters in length 3.The idnumber field on the user table is a varchar(255), and has an index.
Additionally it is not possible to have indexes larger than 255 characters (see MDL-69629 for related issues).
We need to encode the sourcedId into a fixed-length field < 256 characters to reliably support the full potential range of sourcedId values.
One way in which we can do this is to SHA encode the sourcedId which will give us. A SHA1 hash should provide sufficient entropy and does not pose any security issue as this is not used for passwords.
This needs doing for all sourcedId field, and we may additionally want to include a mapping table from sourcedId to sha1 to act as a limited rainbow table for fetching data from the REST API using sourcedId fetched from an idnumber.