@squarewolf
opened this Pull Request on June 24th 2013
@squarewolf
Additional security has been added by removing the private token from the actual request. To use the new authentication scheme, supply the following parameters:
- nonce: http://en.wikipedia.org/wiki/Cryptographic_nonce
- timestamp: the unix timestamp when the message was created
- access_token: the public access token matching the private token used to create the signature
- signature: a sha1 hash of the request parameters (excluding the signature) ordered as per http://oauth.net/core/1.0/#rfc.section.9.1.1, concatenated with the private key (in pseudo code:
signature = sha1(order_params(params) + private_key)))
TODO:
- [x] make private key private by excluding it from the actual request
- [ ] add nonce to the database to prevent replay attacks
- [ ] add timestamp timeout
- [ ] add two-tiered security scheme (i.e. unique public & private tokens per API client)
@mattab
commented
on July 16th 2013
@mattab
Thanks for the proposal! Sorry about no feedback earlier.
- In the function you can use uksort() instead of sorting then array manip.
- put the other code in a new private method
- See also coding standard guide: http://piwik.org/participate/coding-standards/
- Maybe post a working example of a code that uses this auth method instead of token_auth,
- and that shows to user (and us) how this feature solves a very nice problem (ie. token_auth kept secret)
It would be great to support OAuth like security, so I look forward to next update.
@mattab
commented
on September 6th 2013
Ping us to reopen PR, or we will reopen if you commit again, cheers!
This Pull Request was closed on September 6th 2013