Replication secret encrypted in Web-UI #2759
Comments
|
Ongoing progress with this issue: We already special case our auto-created But for out |
|
The in-development Web-UI proposal is as follows: Note the terminal That is we surface our internal app's secret, but indicate all others as encrypted; with text explaining that they are only available during creation. I.e. we special case our cliapp as that is the only one we must preserve our knowledge of due to it's internal use nature. We need to authenticate against ourselves, and this same cliapp secret is a go-to for easing the setup of replication. |
Special-case our internal cliapp re secret availability. Indicate all non-internal Access Key secrets as only available during creation. ## Includes - Surfacing our pass/PGP encrypted raw secret to authenticated Web-UI logins. - Indicate all other API credentials as not available. - Brevity improvements re deletion attempt on cliapp message.
…pted-in-Web-UI Replication secret encrypted in Web-UI #2759
|
Closing as: |
Prior to "Update django-oauth-toolkit #2710" #2727 we stored our CLI app secret in the database: and exposed that value within the Web-UI (to admin Web-UI users) for use in replication. However the linked PR introduced a replication regression contextualised in "Replication regressions #2748".
It is proposed that, given the recent resolution of:
Issue: "Adopt dedicated secrets management library" #2728
PR: "Adopt dedicated secrets management library #2728" #2758
has again returned us to an install static CLIENT_SERCRET, we can approach the issue of surfacing this secret within the Web-UI again, and not in its current hashed form: an artifact of upstream changes in django-oauth-toolkit.
The text was updated successfully, but these errors were encountered: