Project

General

Profile

Feature #24165

Refactor credential handling

Added by Marco Mambelli 8 months ago.

Status:
New
Priority:
Normal
Category:
-
Target version:
Start date:
03/10/2020
Due date:
% Done:

0%

Estimated time:
Stakeholders:
Duration:

Description

In credential handling, there are many general codes and assumptions that could lead to bugs like [#24160].
It further lacks generality assuming the x509 certificates.
This is particularly important considering that the code will probably change to handle tokens.
Here a list that could be handled also in separate tickets:
  1. factor out general utility function like safe_update and compress+encode
  2. explicitly mention the type of credential and the format it is stored in and if it has a special purpose (e.g. compressed is not the same as compressed+key_value)
  3. clean the code using context managers when possible (os.file)
  4. be ready to handle multiple credential types for one entry (and multiple attempts)
    1. discuss w/ factory operators or SH meeting: specify the cred type or try all? 2 options (diff cred -> diff entry, try a list of entry and FE +stop at failure, try first one in entry list provided by FE)

Keep an eye on existing credential tickets, like [#23768]

Also available in: Atom PDF