search

umts / microservices-engine

Rails engine for attaching to our microservices and handling inter-service communication.
MIT License
0 stars 1 forks source link

Use tokens for inter-service traffic #25

Open dfaulken opened 7 years ago

dfaulken commented 7 years ago

We have API tokens for interacting with the router, but not for inter-service traffic.

dfaulken commented 7 years ago

@Anbranin and I discussed some of the difficulties here:

The currently proposed token system for engine-router traffic requires manual synchronization of tokens for each service, which isn't so bad — but it would be cumbersome to enact a similar system for every combination of services that need to talk to each other (it's not a coincidence that this is referred to in combinatorics as a handshake problem).

The naïve solution would be that when the router gives services information about each other, it should include the token, and then the router-engine system can be used between services — but then this violates the "don't send keys over the air" principle that is the entire point of the proposed engine-router solution.

bgregg commented 7 years ago

I am working on the next part of this, the actual authentication of the tokens