Project Description

For many many years, OBS uses Cookies for authentication purposes. This is not really web application friendly and kind of insecure. For instance, all applications on *.opensuse.org domain that get a web request when you are logged into OBS, they get your authentication credentials too. Secondly, if you want to write a 3rd party tool, you can't just use another domain and do random API requests due to this legacy authentication method.

Solution is to wrap authentication into a simple proxy that will transform,

api_call(token, api_param1, api_param2) into api_call(api_param1, api_param2) + Cookie header and pass it onto the OBS API server.

Goal for this Hackweek

Make a proxy to API server (api.opensuse.org) that will proxy SPA API calls into legacy ones with Cookie authentication.

For bonus points, a login and logout service too.

Resources

Since it's for the web, we could use NodeJS add-emoji Ideally, there should be no npm dependencies here.

Looking for hackers with the skills:

Nothing? Add some keywords!

This project is part of:

Hack Week 23

Activity

  • 8 months ago: adamm liked this project.
  • 8 months ago: adamm started this project.
  • 8 months ago: adamm originated this project.

  • Comments

    • adamm
      8 months ago by adamm | Reply

      The ultra-giant emoji is currently a feature of hackweek application. Issues filed.

    Similar Projects

    This project is one of its kind!