Idea #3532
closed
[Keep] Keepstore queries API server to verify tokens
Added by Tom Clegg over 9 years ago.
Updated about 5 years ago.
Description
- Maintain a cache {token → (is_admin, verified_timestamp, expires_at)} with configurable TTL, so a series of N PUT/DELETE requests doesn't result in N token verifications.
- The same token cache will also be useful in the future for things like enforcing storage quotas, so please make it easy to add fields to the cache values.
- The token cache should be used to check validity of the client token during each PUT request (
expires_at must not be in the past) and DELETE request (expires_at must not be in the past, and is_admin must be true).
Work in progress:
- 2769-keep-lookup-admin-tokens branch
- Very similar code exists already in keepproxy. Refactor this as a module that can be used by both servers?
- Description updated (diff)
- Status changed from New to In Progress
- Assigned To set to Tim Pierce
- Target version changed from Arvados Future Sprints to 2014-08-27 Sprint
Moving into 2014-08-27 sprint, as the principal work is done and this should only need review.
- Story points changed from 2.0 to 1.0
- Target version changed from 2014-08-27 Sprint to Arvados Future Sprints
- Subject changed from [Keep] Blob server queries API server to verify tokens used in DELETE requests to [Keep] Blob server queries API server to verify tokens
- Description updated (diff)
- Subject changed from [Keep] Blob server queries API server to verify tokens to [Keep] Keepstore queries API server to verify tokens
- Description updated (diff)
- Category set to Keep
- Status changed from In Progress to New
- Assigned To deleted (
Tim Pierce)
- Target version changed from Arvados Future Sprints to 2015-02-18 sprint
- Assigned To set to Tim Pierce
- Story points changed from 1.0 to 2.0
- Assigned To changed from Tim Pierce to Radhika Chippada
After talking to Tim, I am assigning this to me. Tim will guide me through the development as needed.
- Target version changed from 2015-02-18 sprint to Arvados Future Sprints
- Assigned To deleted (
Radhika Chippada)
- Status changed from New to Closed
- Target version deleted (
Arvados Future Sprints)
Also available in: Atom
PDF
Updated by 
Updated by Tim Pierce 
Updated by Radhika Chippada 
Updated by Tom Morris