SelfPrivacy
/
selfprivacy.org.app
10
7
Fork 5
Code Issues 75 Pull Requests 3 Projects 1 Releases 24 Wiki Activity

Post-installation provider token management #450

New Issue
Open
opened 2024-02-05 13:19:27 +02:00 by inex · 0 comments
inex commented 2024-02-05 13:19:27 +02:00
Owner

Description

App communicates with APIs of three kinds:

  • Server providers
    • Hetzner
    • Digital Ocean
  • DNS providers
    • Cloudflare
    • DeSec
    • Digital Ocean
  • Backup storage
    • Backblaze

Right now:

  • Tokens can only be set during server installation or initial connection
  • They can't be changed afterwards
  • App doesn't detect token expiration
  • App expects that there are active tokens of all providers
    • It should work without them when the server is deployed, but it is a part of #440 refactor
  • Only one token of each kind may be set

How it should be:

  • Tokens can be updated manually by the user
  • When token expires, app detects it and suggests the user to update it (or remove entirely)
  • Several tokens of the same kind (provider may vary) stored in the app
    • Will require changes in how we store tokens in the Hive
    • Will require a data migration
  • App knows the connection between the token and resources it manages
  • We need support for several tokens to implement, for example, migration between providers
  • When updating existing token, app has to check if the new token manages the associated resource
    • Similar to logic used in server recovery

UI

  • There should be an "API tokens" button in the "more" section
  • The "API tokens" screen should show cards of each connected token
    • The token itself isn't shown
    • It shows the status of the token (valid/invalid)
    • It shows the associations of the token with resources
    • It allows to update the token or delete it
  • The "API tokens" should have a button to add a new token. Probably a FAB
  • Provider selection might look similar to how it looks like in server installation

Acceptance criteria

Stage 1

  • User is able to change the token of the existing provider connection

Stage 2

  • User is able to add and remove provider tokens
  • Tokens properly migrate from the old storage schema

Context and notes

Existing ProvidersController assumes there is only a single provider API key, which is used in a current server. Because right now we don't have migrations and multi-tenancy, for now it should just use the token which manages the current resource (server itself, its domain and backblaze bucket)

Closes #366

## Description App communicates with APIs of three kinds: - Server providers - Hetzner - Digital Ocean - DNS providers - Cloudflare - DeSec - Digital Ocean - Backup storage - Backblaze ### Right now: - Tokens can only be set during server installation or initial connection - They can't be changed afterwards - App doesn't detect token expiration - App expects that there are active tokens of all providers - It should work without them when the server is deployed, but it is a part of #440 refactor - Only one token of each kind may be set ### How it should be: - Tokens can be updated manually by the user - When token expires, app detects it and suggests the user to update it (or remove entirely) - Several tokens of the same kind (provider may vary) stored in the app - Will require changes in how we store tokens in the Hive - Will require a data migration - App knows the connection between the token and resources it manages - We need support for several tokens to implement, for example, migration between providers - When updating existing token, app has to check if the new token manages the associated resource - Similar to logic used in server recovery ### UI - There should be an "API tokens" button in the "more" section - The "API tokens" screen should show cards of each connected token - The token itself isn't shown - It shows the status of the token (valid/invalid) - It shows the associations of the token with resources - It allows to update the token or delete it - The "API tokens" should have a button to add a new token. Probably a FAB - Provider selection might look similar to how it looks like in server installation ## Acceptance criteria ### Stage 1 - User is able to change the token of the existing provider connection ### Stage 2 - User is able to add and remove provider tokens - Tokens properly migrate from the old storage schema ## Context and notes Existing `ProvidersController` assumes there is only a single provider API key, which is used in a current server. Because right now we don't have migrations and multi-tenancy, for now it should just use the token which manages the current resource (server itself, its domain and backblaze bucket) Closes #366
inex added the
Feature request
Priority
Medium
Severity
Medium
Source
Core Team
 labels 2024-02-05 13:19:27 +02:00
inex added the
Refactor
 label 2024-02-05 13:22:28 +02:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
inex/flatpak-fix
translations
master
inex/april-refactor
def/feat_copy_onSecondaryTap_about_page
add_complated_state_for_jobs_widget
add_load_animation_to_providers
add_loading_caption_to_providers
backblaze-refactor
update_description
dto
restore-strategy
backups-testing
def/md_edit
routes-refactor
error-handling
v.0.6.0-semver
cicd
fdroid
0.11.0
0.10.1
0.10.0
0.9.1
0.9.0
0.8.0
0.7.0
0.7.0-test
0.6.0-test
0.6.0
v.0.6.0
v.0.5.3
v.0.5.2
v0.5.2
v.0.5.1
v.0.5.0
v.0.4.2
v.0.4.0
v.0.3.0
v.0.2.4
v.0.1.3
v.0.1.2
v.0.1.1
v.0.1.0
Labels
Clear labels   
Blocked

Issue that can't be resolved right now due to some circumstances   
Bug

Discovered issue that affects regular operation   
Contributions welcome
   
Did not do

Issue is not queued for resolution due to low priority or introduced difficulties during the resolution   
Errata

Known issue with available workaround   
Feature request

Functionality/usability enchansement   
Fixed

Issue resolved in one of the application/backend releases   
How To

Question, regarding product operation   
Invalid
   
Needs design

A sketch or detailed description of the feature look is wanted   
No resolution

Issue is not queued for resolution due to architecture pecularities
  
Priority
Critical
   
Priority
High
   
Priority
Low
   
Priority
Medium
  
Providers
Digital Ocean
Issues related to Digital Ocean REST API   
Providers
Hetzner
Issues related to Hetzner REST API
  
Refactor
  
Severity
High
   
Severity
Low
   
Severity
Medium
  
Source
Community
Feature requests and bugs reported on our support chats   
Source
Core Team
   
Source
Stakeholders
Kirill, NLnet, and others
  
Translations
   
Under investigation

Issue details are currently being investigated
No Label
Blocked
Bug
Contributions welcome
Did not do
Errata
Feature request
Fixed
How To
Invalid
Needs design
No resolution
Priority
Critical
Priority
High
Priority
Low
Priority
Medium
Providers
Digital Ocean
Providers
Hetzner
Refactor
Severity
High
Severity
Low
Severity
Medium
Source
Community
Source
Core Team
Source
Stakeholders
Translations
Under investigation
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: SelfPrivacy/selfprivacy.org.app#450
There is no content yet.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may exist for a short time before cleaning up, in most cases it CANNOT be undone. Continue?