Uploaded image for project: 'Camunda Optimize'
  1. Camunda Optimize
  2. OPT-3088 Support CloudEvents 1.0 Specification
  3. OPT-3152

CloudEvents Spec compliant Event Ingest API authorization

XMLWordPrintable

    • Icon: Sub-task Sub-task
    • Resolution: Done
    • Icon: L3 - Default L3 - Default
    • 3.0.0-alpha1, 3.0.0
    • None
    • backend
    • None

      Context:
      The CloudEvents 1.0 Specification has specific requests on how authorization should be implemented for web hooks https://github.com/cloudevents/spec/blob/v1.0/http-webhook.md#3-authorization .

      AT:

      • the authorization implementation complies with the CloudEvents 1.0 Specification

        This is the controller panel for Smart Panels app

            [OPT-3152] CloudEvents Spec compliant Event Ingest API authorization

            Sebastian Bathke created issue -
            Sebastian Bathke made changes -
            Component/s New: backend [ 13653 ]
            Sebastian Bathke made changes -
            Description Original: *Context:*
            The CloudEvents 1.0 Specification has specific requests on how authorization should be implemented for web hooks https://github.com/cloudevents/spec/blob/v1.0/http-webhook.md#3-authorization .

            *AT:*
            - the authorization implementation complies with the CloudEvents 1.0 Specification             		New: *Context:*
            The CloudEvents 1.0 Specification has specific requests on how authorization should be implemented for web hooks https://github.com/cloudevents/spec/blob/v1.0/http-webhook.md#3-authorization .

            *AT:*
            - the authorization implementation complies with the CloudEvents 1.0 Specification
            -- is the custom header used fine?
            -- at least a query parameter alternative to the header MUST be added
            Sebastian Bathke made changes -
            Summary Original: Migrate Ingest API authorization to comply with CloudEvents Spec New: CloudEvents Spec compliant Event Ingest API authorization
            Sebastian Bathke made changes -
            Status Original: Open [ 1 ] New: In Development [ 10312 ]
            Sebastian Bathke made changes -
            Assignee New: Sebastian Bathke [ sebastian.bathke ]
            Sebastian Bathke made changes -
            Description Original: *Context:*
            The CloudEvents 1.0 Specification has specific requests on how authorization should be implemented for web hooks https://github.com/cloudevents/spec/blob/v1.0/http-webhook.md#3-authorization .

            *AT:*
            - the authorization implementation complies with the CloudEvents 1.0 Specification
            -- is the custom header used fine?
            -- at least a query parameter alternative to the header MUST be added             		New: *Context:*
            The CloudEvents 1.0 Specification has specific requests on how authorization should be implemented for web hooks https://github.com/cloudevents/spec/blob/v1.0/http-webhook.md#3-authorization .

            *AT:*
            - the authorization implementation complies with the CloudEvents 1.0 Specification
            -- header to transport the secret must be `Authorization` according to [Authorization Request Header Field|https://github.com/cloudevents/spec/blob/v1.0/http-webhook.md#31-authorization-request-header-field]
            Sebastian Bathke made changes -
            Description Original: *Context:*
            The CloudEvents 1.0 Specification has specific requests on how authorization should be implemented for web hooks https://github.com/cloudevents/spec/blob/v1.0/http-webhook.md#3-authorization .

            *AT:*
            - the authorization implementation complies with the CloudEvents 1.0 Specification
            -- header to transport the secret must be `Authorization` according to [Authorization Request Header Field|https://github.com/cloudevents/spec/blob/v1.0/http-webhook.md#31-authorization-request-header-field]             		New: *Context:*
            The CloudEvents 1.0 Specification has specific requests on how authorization should be implemented for web hooks https://github.com/cloudevents/spec/blob/v1.0/http-webhook.md#3-authorization .

            *AT:*
            - the authorization implementation complies with the CloudEvents 1.0 Specification
            -- header to transport the secret must be `Authorization` according to [Authorization Request Header Field|https://github.com/cloudevents/spec/blob/v1.0/http-webhook.md#31-authorization-request-header-field]
            -- it must be possible to provide this parameter as query parameter according to [URI Query Parameter|https://github.com/cloudevents/spec/blob/v1.0/http-webhook.md#32-uri-query-parameter]
            Sebastian Bathke made changes -
            Status Original: In Development [ 10312 ] New: In Review [ 10212 ]
            Sebastian Bathke made changes -
            Assignee Original: Sebastian Bathke [ sebastian.bathke ] New: Joshua Windels [ joshua.windels ]
            Joshua Windels made changes -
            Status Original: In Review [ 10212 ] New: In Specification [ 10000 ]

              Unassigned Unassigned
              sebastian.bathke Sebastian Bathke
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: