-
Notifications
You must be signed in to change notification settings - Fork 11
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use federatedCloudId instead of email for user identification between servers #102
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is an interesting proposal as the net sum is to add the username
of a remote user as known by the remote EFSS, on top of the email
identifier that indeed may not be related to the remote EFSS' domain.
I think some comment from @labkode as originally involved in the conception, as well as @michielbdejong, is more than welcome prior to merging this enhancement.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's not merge this until we understand the relationship between the proposed federatedCloudId
and the existing userId
It seems, that the invite is being accepted by As implemented in ScienceMesh So no need for the new filed in this PR. |
I think this The Proposal: |
That would be a breaking spec change with costs to implementers. What if instead we just improve how the existing |
That's right, that makes sense since it is already inside Reva and ScienceMesh, and they don't check if it is URL or FQDN. PS. For future reference, this is the Reva code for accepting an invite. |
So do we want to close this PR without merging then? |
Yes!
that would be in another PR. |
This PR changes 2 things:
userID
touserId
to be consistent withcamelCase
across the whole specification eg.providerId
invite-flow
calledfederatedCloudId
.recipientProvider
since it is redundant and is repeated onfederatedCloudId
.Reason behind the new field
Previously OCM used email as a way to identify remote users.
This is essential when a party tries to send a
share
ornotification
to another party because it is going to find the domain name of the recipient from their ID (which currently is set to email, look atReva
andScienceMesh
)This becomes problematic when the user's email name or domain is different than the user's username or provider domain. for example:
apollo.space
with usernamealice1998
and has email[email protected]
-> OKnasa.space
with usernamebob
and has email[email protected]
-> ProblemVendors can overcome this problem by not providing the user's email and just returning username@provider-domain in the email field.
I think it is a good idea to make a distinction between email and
federatedCloudId
.