Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authorization strategy and implementation for submissions endpoint #15801

Closed
jalbinson opened this issue Sep 6, 2024 · 4 comments
Closed

Authorization strategy and implementation for submissions endpoint #15801

jalbinson opened this issue Sep 6, 2024 · 4 comments
Assignees
@jalbinson
Labels
microservice Tickets that are required to properly support the microservice arch platform Platform Team

Comments

@jalbinson
Copy link
Collaborator

jalbinson commented Sep 6, 2024
edited
Loading

User Story

As a sender onboarded to ReportStream, I want to be authorized to hit the submissions endpoint

Description/Use Case

We want to only allow authorized senders to hit the submissions endpoint.

Risks/Impacts/Considerations

A nefarious user could submit false reports which could skew public health data.

Dev Notes

  • Look into custom claims block in Okta to see if its easily possible to inject the org name for easy comparison during authorization check
  • Reports in send step may contain thousands of items so a single event wont be able to hold all the condition data. One option is to create a "ItemSentEvent" for each ITEM in the report.

Acceptance Criteria

  • Decide under which Okta authorization server clients orgs should live
  • Scopes and extra claims clearly defined for organizational users
  • Authz strategy implemented for submission endpoint (probably @PreAuthorize annotation)
  • Come up with approach for authorization in Azure Functions app that does not depend on Spring
  • unit tests
@jalbinson jalbinson added the platform Platform Team label Sep 6, 2024
@arnejduranovic arnejduranovic added ready-for-refinement Ticket is a point where we can productively discuss it microservice Tickets that are required to properly support the microservice arch labels Sep 9, 2024
@Andrey-Glazkv
Copy link
Collaborator

Hey team! Please add your planning poker estimate with Zenhub @adegolier @arnejduranovic @brick-green @david-navapbc @jack-h-wang @jalbinson @JFisk42 @mkalish @thetaurean

@Andrey-Glazkv Andrey-Glazkv removed the ready-for-refinement Ticket is a point where we can productively discuss it label Sep 9, 2024
@dylansmith-Nava
Copy link
Collaborator

dylansmith-Nava commented Sep 9, 2024
edited
Loading

Linking some of the prior research here:

The general understanding of the research was that verification by Okta to securely log into and use the RS platform =/= "you are who you say you are". That is, you could be verified by Okta but still be a shady organization that we know nothing about. To really know whether an organization is or isn't nefarious, we'd need a level of Identity Proofing which we don't have yet.

So it's important to point out that this ticket would NOT mitigate or reduce the only stated risk.

@jalbinson
Copy link
Collaborator Author

Decisions made in this ticket are documented in the UP SRD under "Authorization Service Software Requirements"

@arnejduranovic
Copy link
Collaborator

The SRD this ticket updated will be implemented here: #14601

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jalbinson jalbinson

Labels
microservice Tickets that are required to properly support the microservice arch platform Platform Team
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@jalbinson @arnejduranovic @Andrey-Glazkv @dylansmith-Nava @MichaelEsuruoso