Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

open-payments client should validate management url format #247

Open
sabineschaller opened this issue Feb 3, 2023 · 0 comments
Open

open-payments client should validate management url format #247

sabineschaller opened this issue Feb 3, 2023 · 0 comments
Labels
good first issue Good for newcomers hacktoberfest pkg: open-payments Changes in the open-payments package type: specification Changes to the specification

Comments

@sabineschaller
Copy link
Member

sabineschaller commented Feb 3, 2023

Anytime we return an access_token in the open-payments client (grant creation, grant continuation, token rotation), the access_token format should always match the format: ${grant.authServer.url}/token/${grant.managementId}.

Related thread

Note: because the client validates responses against the spec, we can also add a regex to the spec directly for checking this, something similar to how we define the pattern for receiver: pattern: '^(https|http)://(.+)/incoming-payments/(.+)$'.

@mkurapov mkurapov transferred this issue from interledger/rafiki Mar 22, 2023
@mkurapov mkurapov moved this to Backlog in Open Payments Jun 28, 2023
@mkurapov mkurapov added pkg: open-payments Changes in the open-payments package type: specification Changes to the specification good first issue Good for newcomers labels Oct 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
good first issue Good for newcomers hacktoberfest pkg: open-payments Changes in the open-payments package type: specification Changes to the specification
Projects
Status: Backlog
Development

No branches or pull requests

2 participants