Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BACK-2637] palmtree api #90

Open
wants to merge 6 commits into
base: master
Choose a base branch
from
Open

Conversation

lostlevels
Copy link
Contributor

Same as #58 , just trying to see if stoplight will update.

Jimmy Phan and others added 4 commits September 12, 2023 13:21
This adds attestation and assertion documentation. Attestation is the verifying
an app is a valid instance of an iOS app and assertion is requesting a secret
of some kind after attestation is verified, in this case X.509 certificates
that can be used for client authentication.

Add response to successful assertion.
@lostlevels lostlevels force-pushed the BACK-2637-palmtree-api branch from b16b2b0 to 3523ade Compare September 12, 2023 20:22
type: string
minLength: 1
enum:
- Coastal
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since each of these enums aligns with a particular type of partner data, it would make sense to lift the oneOf up a level to the clientData object, so that a user can't supply "PalmTree" for the partner, which a verification from Coastal, and vice versa.

content:
type: string
pattern: '^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$'
description: base64 encoded X.509 certificate in DER format.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Huh, kinda weird that they just don't use PEM here, but I guess base64-encoded DER saves a few bytes probably... shrug. Just a weird observation.

type: object
properties:
type:
type: string
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is likely an enum of some sort?

properties:
body:
type: string
description: PEM encoded certificate.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LOL, so Palm Tree uses PEM and Coastal Base64-encoded DER. Weird.

@@ -0,0 +1,4 @@
title: Base64
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this file referenced anywhere?

It'd be good if it could be used, as it's hard to proof check that regex pattern in the many places it's used, especially compared to proofchecking the spelling of "base64.v1.yaml" :D

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants