Summary
- Review Ethereum signing with Vault
- Review Authentication page for client apps using Vault
- Review Authentication process for client app using web socket security
- Review automated testing progress
Today's meeting's full recording:
Since Pritam could not attend, he sent in this recorded demo for his portion:
Pritam Demo for 2021-11-08.mp4
A short demo of the ws-wallet REST API used by 3rd party apps to request a web-socket key from a user's wallet
Time:
- Monday at 09 AM Pacific
- Add Climate Action and Accounting SIG calls to your calendar
Dial-In Information: [ZOOM]
You can join either from your computer or from your phone:
- From computer: https://zoom.us/j/6223336701?pwd=dkJKdHRlc3dNZEdKR1JYdW40R2pDUT09
- From phone: +1(855)880-1246 (toll free US number) or view International numbers
Meeting ID: 622 333 6701
|
Hyperledger is committed to creating a safe and welcoming community for all. For more information please visit the Hyperledger Code of Conduct. |
|---|
3 Comments
Si Chen
Bertrand WILLIAMSRIOUXI put our discussion in 343 as a comment. I think we're very close. We're going to work on using web socket security in https://github.com/opentaps/opentaps_seas to have a production implementation of your work.
Bertrand WILLIAMSRIOUX
Si Chen the REST API for ws-wallet has been introduced in PR 361.
Running ws-wallet on PORT 9090 exposing POST /session/new/
request body should include the "key_name" and the fabric app "endpoint" used to request new ws-identity session tickets
(e.g., "http://localhost:8080/api/v1/utilityemissionchannel/identity/webSocket)
I opted for this approach, instead of passing a preconfigured sessionId with the ws:// url, because this allows the wallet user to check and authorize the specific application where the 3rd party app will use the web-socket key.
See short demo posted above
Si Chen
Pritam SinghThank you for your demo video. It was very helpful. Based on our discussion, please make the changes in issue 360 so we can integrate Vault security into https://github.com/opentaps/opentaps_seas to have a production implementation of your work.
Also please give me your feedback on how we can keep the Ethereum key from being passed to another application – I've created issue 359