gnunet-svn
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-docs] branch master updated: merchant backend: change auth API to


From: gnunet
Subject: [taler-docs] branch master updated: merchant backend: change auth API to make it harder to shoot yourself in the foot
Date: Mon, 01 Mar 2021 11:08:40 +0100

This is an automated email from the git hooks/post-receive script.

dold pushed a commit to branch master
in repository docs.

The following commit(s) were added to refs/heads/master by this push:
     new 10ccede  merchant backend: change auth API to make it harder to shoot 
yourself in the foot
10ccede is described below

commit 10ccedeb75c2dd779808412883fb06d19935b0c8
Author: Florian Dold <florian@dold.me>
AuthorDate: Mon Mar 1 11:08:31 2021 +0100

    merchant backend: change auth API to make it harder to shoot yourself in 
the foot
---
 core/api-merchant.rst | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)

diff --git a/core/api-merchant.rst b/core/api-merchant.rst
index 1f96ae6..e2ec56c 100644
--- a/core/api-merchant.rst
+++ b/core/api-merchant.rst
@@ -825,11 +825,21 @@ Setting up instances
       // Merchant name corresponding to this instance.
       name: string;
 
-      // "Authentication" header required to authorize management access the 
instance.
-      // Optional, if not given authentication will be disabled for
-      // this instance (hopefully authentication checks are still
-      // done by some reverse proxy).
-      auth_token?: string;
+      // Authentication settings for this instance
+      auth: {
+        // Type of authentication.
+        // "external":  The mechant backend does not do
+        //   any authentication checks.  Instead an API
+        //   gateway must do the authentication.
+        // "token": The merchant checks an auth token.
+        //   See "token" for details.
+        method: "external" | "token";
+
+        // For method "external", this field is mandatory.
+        // It specifies the "Authentication" HTTP header required to
+        // authorize management to access the instance.
+        token?: string;
+      }
 
       // The merchant's physical address (to be put into contracts).
       address: Location;

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]