Nutzerpropagierung OAuth2 #455

New Issue

mpeltriaux · 2024-12-23T13:13:26+01:00

mpeltriaux commented

2024-12-23 13:13:26 +01:00

Status quo

Arnova encrypts user data on user propagation, which needs to be decrypted on konova side. The used key is a static private key, which is configured on arnova's and konova's .env files.

Optimization

Instead of a static private key, we could find a way to use the standardized OAuth protocol to propagate user data. Since this is a non-human-based interaction we would need another OAuth configuration for konova. (One for user based interaction like login, the other one for automated tasks, like propagation of user data). Currently there is only a 1:1 scheme implemented on arnova, which allows a specific OAuth configuration for a registered application. Therefore this issue needs some planning in the first place.

# Status quo Arnova encrypts user data on user propagation, which needs to be decrypted on konova side. The used key is a static private key, which is configured on arnova's and konova's .env files. # Optimization Instead of a static private key, we could find a way to use the standardized OAuth protocol to propagate user data. Since this is a non-human-based interaction we would need another OAuth configuration for konova. (One for user based interaction like login, the other one for automated tasks, like propagation of user data). Currently there is only a 1:1 scheme implemented on arnova, which allows a specific OAuth configuration for a registered application. Therefore this issue needs some planning in the first place.

mpeltriaux added the

enhancement

label 2024-12-23 13:13:27 +01:00

Sign in to join this conversation.