Development Task
The pisa proxy shall support an authentication mechanism based on HashiCorp Vault, the vault might on premise or hashicorp stuff.
For the moment we'd like to keep the keys in the vault and use paseto_token as authentication mechanism. https://github.com/rrrodzilla/rusty_paseto. The process will be the following:
- The user register in the vault is id:key in the vault, where key is a json { database_type:"", url:"", key:""}
- The user provide to Pisa the id.
- Pisa lookup to the vault microservice the id to fetch the key
- Add random data to the key
- Create a paseto token and give to the client, store inside a local cache (hash table).
- In each request proxy request the client add the paseto token.
@mlycore feedbacks.
Thanks to @giorgiozoppi , this is an issue proposed by him.
Development Task
The pisa proxy shall support an authentication mechanism based on HashiCorp Vault, the vault might on premise or hashicorp stuff.
For the moment we'd like to keep the keys in the vault and use paseto_token as authentication mechanism. https://github.com/rrrodzilla/rusty_paseto. The process will be the following:
@mlycore feedbacks.
Thanks to @giorgiozoppi , this is an issue proposed by him.