Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add description for password protection of RelationshipTemplates and Tokens #287

Merged
merged 18 commits into from
Dec 19, 2024
Merged

Add description for password protection of RelationshipTemplates and Tokens #287

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
b24714b
fix: forIdentity property of RelationshipTemplate and Token is optional
britsta Dec 16, 2024
a5c1f93
feat: add passwordProtection property to RelationshipTemplate
britsta Dec 16, 2024
02f532d
feat: add paragraph within establish Relationships scenario
britsta Dec 17, 2024
2cdfc88
feat: use more appropriate links
britsta Dec 17, 2024
bb8df70
refactor: change order of sentences
britsta Dec 17, 2024
202be88
feat: add passwordProtection property to Token
britsta Dec 17, 2024
e20efa2
feat: add link to "Load Token" use case
britsta Dec 17, 2024
b7be5a1
feat: add runtime errors regarding password protection and personaliz…
britsta Dec 17, 2024
5a82f25
feat: add passwordProtection and password parameters to use cases
britsta Dec 17, 2024
87b59fb
feat: add personalization failure to load File use case
britsta Dec 17, 2024
1b50a52
feat: add noPasswordProvided error
britsta Dec 17, 2024
61e27c5
feat: add passwordProtection to create (get) device onboarding token …
britsta Dec 18, 2024
f862015
Merge branch 'main' into feature/password-protection-of-relationshipt…
mergify[bot] Dec 18, 2024
bfb6c50
Merge branch 'main' of https://github.com/nmshd/documentation into fe…
britsta Dec 19, 2024
363e930
feat: add forIdentity and passwordProtection to getters of Relationsh…
britsta Dec 19, 2024
a7bdf0b
feat: incorporate review comments
britsta Dec 19, 2024
15c9739
feat: incorporate PasswordProtectionDTO
britsta Dec 19, 2024
bb007f7
refactor: rephrase sentence
britsta Dec 19, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
60 changes: 25 additions & 35 deletions _docs_integrate/data-model-overview.md
View file
Open in desktop

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions _docs_integrate/establish-relationships.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -87,7 +87,7 @@ If the RelationshipTemplate is only for creating a Relationship with a single kn
// RelationshipTemplateContent or ArbitraryRelationshipTemplateContent
...
},
"forIdentity": "<address of Identity designated for RelationshipTemplate>"
"forIdentity": "<address of Identity the RelationshipTemplate is for>"
britsta marked this conversation as resolved.
Show resolved Hide resolved
}
```

Expand All @@ -114,7 +114,7 @@ If the RelationshipTemplate is to be protected by a password, the corresponding
}
```

To specialize the input field for password entry in the UI of the App, the value of the optional field `passwordProtection.passwordIsPin` can be set to `true` if the password consists of 4 to 16 digits.
To configure the input field for password entry in the UI of the App, the value of the optional field `passwordProtection.passwordIsPin` can be set to `true` if the password consists of 4 to 16 digits.
In this case, the password is interpreted as a pin and a corresponding input field is displayed when the pin needs to be entered.
However, if the value is `undefined`, a regular input field for entering the password is displayed regardless of whether it could also be interpreted as a pin.

Expand Down
4 changes: 2 additions & 2 deletions ...e-case-anonymous-load-token-by-truncated-reference-without-having-an-account.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ This can be used to fetch `Tokens` for Device Onboarding or Recovery.
## Parameters

- The `reference` that contains all information to load a Token.
- `password` to enter the password if the Token is protected by a password via its `passwordProtection` property.
- The `password` if the Token is protected by a password via its `passwordProtection` property.

## On Success

Expand All @@ -58,5 +58,5 @@ This can be used to fetch `Tokens` for Device Onboarding or Recovery.
## On Failure

- There is no `Token` that matches the `reference`.
- The Token is personalized to an [Identity]({% link _docs_integrate/data-model-overview.md %}#identity) via the property `forIdentity` of the Token.
- The Token is personalized for another [Identity]({% link _docs_integrate/data-model-overview.md %}#identity) via the property `forIdentity` of the Token.
- No `password` or an incorrect `password` was entered in case of a password protected Token.
4 changes: 2 additions & 2 deletions _docs_use-cases/use-case-transport-create-device-onboarding-token.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,13 +41,13 @@ required_by:

{% include properties_list.html %}

This use case retrieves the [Token]({% link _docs_integrate/data-model-overview.md %}#token) of a Device not yet onboarded that corresponds to the given Device `id` in order to onboard the Device to the Identity.
This use case retrieves the [Token]({% link _docs_integrate/data-model-overview.md %}#token) of a not yet onboarded Device that corresponds to the given Device `id` in order to onboard the Device to the Identity.

## Parameters

- `id` of the Device.
- `expiresAt` is the ISODateTime the Token expires at.
- `passwordProtection` can be specified as an [object for password protection of a Token]({% link _docs_integrate/data-model-overview.md %}#object-for-password-protection-of-token). If set, only the Identities that know the password specified within the `passwordProtection.password` property of the Token can load it from the Backbone. In addition, the optional property `passwordProtection.passwordIsPin` can be used to specialize the UI of the App in case the password is a pin.
- `passwordProtection` can be specified as an object for [PasswordProtection]({% link _docs_integrate/data-model-overview.md %}#passwordprotection) of a Token. If set, only the Identities that know the password specified within the `passwordProtection.password` property of the Token can load it from the Backbone. In addition, the optional property `passwordProtection.passwordIsPin` can be used to configure the UI of the App in case the password is a pin.

## On Success

Expand Down
2 changes: 1 addition & 1 deletion _docs_use-cases/use-case-transport-create-own-relationshiptemplate.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ A [RelationshipTemplate]({% link _docs_integrate/data-model-overview.md %}#relat
- `content` describes the structure of the RelationshipTemplate. If an enmeshed App user shall receive this RelationshipTemplate, a [RelationshipTemplateContent]({% link _docs_integrate/data-model-overview.md %}#relationshiptemplatecontent) is required as structure, otherwise an [ArbitraryRelationshipTemplateContent]({% link _docs_integrate/data-model-overview.md %}#arbitraryrelationshiptemplatecontent) containing any data can be used.
- `maxNumberOfAllocations` is the number of times the RelationshipTemplate can be accessed by different Identities to initiate a Relationship. The Backbone returns an error, if one accesses a RelationshipTemplate with no allocations left. Accessing the same RelationshipTemplate with the same Identity multiple times doesn't affect the number of allocations. The allocation counts, even if the Identity does not accept the RelationshipTemplate by discarding it.
- `forIdentity` can be set to an enmeshed address. If set, only the Identity with that `address` can access the RelationshipTemplate.
- Optionally, `passwordProtection` can be specified as an [object for password protection of a RelationshipTemplate]({% link _docs_integrate/data-model-overview.md %}#object-for-password-protection-of-relationshiptemplate). If set, only the Identities that know the password specified within the `passwordProtection.password` property of the RelationshipTemplate can access it. In addition, the optional property `passwordProtection.passwordIsPin` can be used to specialize the UI of the App in case the password is a pin.
- `passwordProtection` can be specified as an object for [PasswordProtection]({% link _docs_integrate/data-model-overview.md %}#passwordprotection) of a RelationshipTemplate. If set, only the Identities that know the password specified within the `passwordProtection.password` property of the RelationshipTemplate can access it. In addition, the optional property `passwordProtection.passwordIsPin` can be used to configure the UI of the App in case the password is a pin.

## On Success

Expand Down
2 changes: 1 addition & 1 deletion _docs_use-cases/use-case-transport-create-own-token.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ Creates a [Token]({% link _docs_integrate/data-model-overview.md %}#token) that
- `expiresAt` is the ISODateTime the Token expires at.
- `ephemeral` indicates if the Token should be ephemeral and thus not be stored and cached on the local database. This is especially useful for Tokens which are created regularly, e.g. for RelationshipTemplates and doesn't need to be stored.
- `forIdentity` can be set to an enmeshed address. If set, only the [Identity]({% link _docs_integrate/data-model-overview.md %}#identity) with that `address` can load the Token from the Backbone.
- Optionally, `passwordProtection` can be specified as an [object for password protection of a Token]({% link _docs_integrate/data-model-overview.md %}#object-for-password-protection-of-token). If set, only the Identities that know the password specified within the `passwordProtection.password` property of the Token can load it from the Backbone. In addition, the optional property `passwordProtection.passwordIsPin` can be used to specialize the UI of the App in case the password is a pin.
- `passwordProtection` can be specified as an object for [PasswordProtection]({% link _docs_integrate/data-model-overview.md %}#passwordprotection) of a Token. If set, only the Identities that know the password specified within the `passwordProtection.password` property of the Token can load it from the Backbone. In addition, the optional property `passwordProtection.passwordIsPin` can be used to configure the UI of the App in case the password is a pin.

## On Success

Expand Down
2 changes: 1 addition & 1 deletion _docs_use-cases/use-case-transport-create-token-for-file.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ Creates a [Token]({% link _docs_integrate/data-model-overview.md %}#token) for a
- Optionally, `expiresAt` can be specified, which describes the ISODateTime the Token expires at.
- Optionally, `ephemeral` can be specified, which indicates if the Token should be ephemeral and thus not be stored and cached on the local database. This is especially useful for Tokens which are created regularly, e.g. for [RelationshipTemplates]({% link _docs_integrate/data-model-overview.md %}#relationshiptemplate) and don't need to be stored.
- Optionally, `forIdentity` can be specified, which names the `address` of the only [Identity]({% link _docs_integrate/data-model-overview.md %}#identity) that will be able to load the Token from the Backbone.
- Optionally, `passwordProtection` can be specified as an [object for password protection of a Token]({% link _docs_integrate/data-model-overview.md %}#object-for-password-protection-of-token). If set, only the Identities that know the password specified within the `passwordProtection.password` property of the Token can load it from the Backbone. In addition, the optional property `passwordProtection.passwordIsPin` can be used to specialize the UI of the App in case the password is a pin.
- Optionally, `passwordProtection` can be specified as an object for [PasswordProtection]({% link _docs_integrate/data-model-overview.md %}#passwordprotection) of a Token. If set, only the Identities that know the password specified within the `passwordProtection.password` property of the Token can load it from the Backbone. In addition, the optional property `passwordProtection.passwordIsPin` can be used to configure the UI of the App in case the password is a pin.

## On Success

Expand Down
6 changes: 3 additions & 3 deletions _docs_use-cases/use-case-transport-create-token-for-own-relationshiptemplate.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ Creates a [Token]({% link _docs_integrate/data-model-overview.md %}#token) for a
- `expiresAt` is the ISODateTime the Token expires at.
- `ephemeral` indicates if the Token should be ephemeral and thus not be stored and cached on the local database. This is especially useful for Tokens which are created regularly, e.g. for RelationshipTemplates and doesn't need to be stored.
- `forIdentity` can be set to an enmeshed address. If set, only the [Identity]({% link _docs_integrate/data-model-overview.md %}#identity) with that `address` can load the Token from the Backbone. If the RelationshipTemplate is already personalized via its `forIdentity` property, the Token created from it must have the same personalization.
- Optionally, `passwordProtection` can be specified as an [object for password protection of a Token]({% link _docs_integrate/data-model-overview.md %}#object-for-password-protection-of-token). If set, only the Identities that know the password specified within the `passwordProtection.password` property of the Token can load it from the Backbone. In addition, the optional property `passwordProtection.passwordIsPin` can be used to specialize the UI of the App in case the password is a pin. If the RelationshipTemplate is already password protected via its `passwordProtection` property, the Token created from it must have the same password protection.
- `passwordProtection` can be specified as an object for [PasswordProtection]({% link _docs_integrate/data-model-overview.md %}#passwordprotection) of a Token. If set, only the Identities that know the password specified within the `passwordProtection.password` property of the Token can load it from the Backbone. In addition, the optional property `passwordProtection.passwordIsPin` can be used to configure the UI of the App in case the password is a pin. If the RelationshipTemplate is already password protected via its `passwordProtection` property, the Token created from it must have the same password protection.

## On Success

Expand All @@ -63,6 +63,6 @@ Creates a [Token]({% link _docs_integrate/data-model-overview.md %}#token) for a
- `templateId` does not resolve to a RelationshipTemplate.
- The RelationshipTemplate is owned by another Identity, which means that the value of its `isOwn` property is `false`.
- `expiresAt` lies in the past.
- The RelationshipTemplate is personalized via its `forIdentity` property and the Token has not the same personalization via its `forIdentity` property.
- The RelationshipTemplate is password protected via its `passwordProtection` property and the Token has not the same password protection via its `passwordProtection` property.
- The RelationshipTemplate is personalized via its `forIdentity` property and the Token does not have the same personalization via its `forIdentity` property.
- The RelationshipTemplate is password protected via its `passwordProtection` property and the Token does not have the same password protection via its `passwordProtection` property.
- In case of password protection of the Token, a `passwordProtection.password` that does not consist of 4 to 16 digits was specified, but the value of `passwordProtection.passwordIsPin` was nevertheless set to `true`.
2 changes: 1 addition & 1 deletion _docs_use-cases/use-case-transport-create-token-qr-code-for-file.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ Creates a QR code for a [Token]({% link _docs_integrate/data-model-overview.md %
- `fileId` is the `id` of the File the Token and its QR code should be created for.
- Optionally, `expiresAt` can be specified, which describes the ISODateTime the Token expires at.
- Optionally, `forIdentity` can be specified, which names the `address` of the only [Identity]({% link _docs_integrate/data-model-overview.md %}#identity) that will be able to load the Token from the Backbone.
- Optionally, `passwordProtection` can be specified as an [object for password protection of a Token]({% link _docs_integrate/data-model-overview.md %}#object-for-password-protection-of-token). If set, only the Identities that know the password specified within the `passwordProtection.password` property of the Token can load it from the Backbone. In addition, the optional property `passwordProtection.passwordIsPin` can be used to specialize the UI of the App in case the password is a pin.
- Optionally, `passwordProtection` can be specified as an object for [PasswordProtection]({% link _docs_integrate/data-model-overview.md %}#passwordprotection) of a Token. If set, only the Identities that know the password specified within the `passwordProtection.password` property of the Token can load it from the Backbone. In addition, the optional property `passwordProtection.passwordIsPin` can be used to configure the UI of the App in case the password is a pin.

## On Success

Expand Down
6 changes: 3 additions & 3 deletions ...e-cases/use-case-transport-create-token-qr-code-for-own-relationshiptemplate.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ Creates a QR code for a [Token]({% link _docs_integrate/data-model-overview.md %
- `templateId` is the `id` of the RelationshipTemplate the Token and its QR code should be created for.
- `expiresAt` is the ISODateTime the Token expires at.
- `forIdentity` can be set to an enmeshed address. If set, only the [Identity]({% link _docs_integrate/data-model-overview.md %}#identity) with that `address` can load the Token from the Backbone. If the RelationshipTemplate is already personalized via its `forIdentity` property, the Token created from it must have the same personalization.
- Optionally, `passwordProtection` can be specified as an [object for password protection of a Token]({% link _docs_integrate/data-model-overview.md %}#object-for-password-protection-of-token). If set, only the Identities that know the password specified within the `passwordProtection.password` property of the Token can load it from the Backbone. In addition, the optional property `passwordProtection.passwordIsPin` can be used to specialize the UI of the App in case the password is a pin. If the RelationshipTemplate is already password protected via its `passwordProtection` property, the Token created from it must have the same password protection.
- `passwordProtection` can be specified as an object for [PasswordProtection]({% link _docs_integrate/data-model-overview.md %}#passwordprotection) of a Token. If set, only the Identities that know the password specified within the `passwordProtection.password` property of the Token can load it from the Backbone. In addition, the optional property `passwordProtection.passwordIsPin` can be used to configure the UI of the App in case the password is a pin. If the RelationshipTemplate is already password protected via its `passwordProtection` property, the Token created from it must have the same password protection.

## On Success

Expand All @@ -60,6 +60,6 @@ Creates a QR code for a [Token]({% link _docs_integrate/data-model-overview.md %
- `templateId` does not resolve to a RelationshipTemplate.
- The RelationshipTemplate is owned by another Identity, which means that the value of its `isOwn` property is `false`.
- `expiresAt` lies in the past.
- The RelationshipTemplate is personalized via its `forIdentity` property and the Token has not the same personalization via its `forIdentity` property.
- The RelationshipTemplate is password protected via its `passwordProtection` property and the Token has not the same password protection via its `passwordProtection` property.
- The RelationshipTemplate is personalized via its `forIdentity` property and the Token does not have the same personalization via its `forIdentity` property.
- The RelationshipTemplate is password protected via its `passwordProtection` property and the Token does not have the same password protection via its `passwordProtection` property.
- In case of password protection of the Token, a `passwordProtection.password` that does not consist of 4 to 16 digits was specified, but the value of `passwordProtection.passwordIsPin` was nevertheless set to `true`.
4 changes: 2 additions & 2 deletions _docs_use-cases/use-case-transport-get-or-load-file.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ This use case retrieves a [File]({% link _docs_integrate/data-model-overview.md
## Parameters

- `id` or `reference` that identify the File.
- `password` to enter the password if the File is to be loaded from a `reference` to a via its `passwordProtection` property password protected [Token]({% link _docs_integrate/data-model-overview.md %}#token).
- The `password` if the File is to be loaded from a `reference` to a [Token]({% link _docs_integrate/data-model-overview.md %}#token) that is password protected via its `passwordProtection` property.

## On Success

Expand All @@ -56,5 +56,5 @@ This use case retrieves a [File]({% link _docs_integrate/data-model-overview.md
## On Failure

- The given `id` or `reference` does not resolve to a File.
- The File is to be loaded from a `reference` to a via its `forIdentity` property to a different [Identity]({% link _docs_integrate/data-model-overview.md %}#identity) personalized Token.
- The File is to be loaded from a `reference` to a Token that is personalized for a different [Identity]({% link _docs_integrate/data-model-overview.md %}#identity) via its `forIdentity` property.
- No `password` or an incorrect `password` was entered in case of a File that is to be loaded from a `reference` to a password protected Token.
2 changes: 1 addition & 1 deletion _docs_use-cases/use-case-transport-load-relationshiptemplate-created-by-others.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,5 +67,5 @@ If the RelationshipTemplate or the Token, if there is one, is protected by a pas
- The RelationshipTemplate does not exist.
- The RelationshipTemplate is expired.
- The `maxNumberOfAllocations` of the RelationshipTemplate are depleted.
- The RelationshipTemplate is personalized to a different [Identity]({% link _docs_integrate/data-model-overview.md %}#identity) via the property `forIdentity` of the RelationshipTemplate.
- The RelationshipTemplate is personalized for a different [Identity]({% link _docs_integrate/data-model-overview.md %}#identity) via the property `forIdentity` of the RelationshipTemplate.
- No `password` or an incorrect `password` was entered in case of a password protected RelationshipTemplate or a password protected Token, if there is one.
6 changes: 3 additions & 3 deletions _docs_use-cases/use-case-transport-load-token-created-by-others.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,11 +46,11 @@ This use case intends to load a peer's [Token]({% link _docs_integrate/data-mode

## Parameters

You can execute this use case if you know the `truncatedReference` of the peer's Token
You can execute this use case if you know the `truncatedReference` of the peer's Token.

- `reference` that identifies the Token.
- `ephemeral` to indicate that the Token should be stored locally.
- `password` to enter the password if the Token is protected by a password via its `passwordProtection` property.
- The `password` if the Token is protected by a password via its `passwordProtection` property.

## On Success

Expand All @@ -61,5 +61,5 @@ You can execute this use case if you know the `truncatedReference` of the peer's
- The parameters are malformed.
- The Token does not exist.
- The Token is expired.
- The Token is personalized to a different [Identity]({% link _docs_integrate/data-model-overview.md %}#identity) via the property `forIdentity` of the Token.
- The Token is personalized for a different [Identity]({% link _docs_integrate/data-model-overview.md %}#identity) via the property `forIdentity` of the Token.
- No `password` or an incorrect `password` was entered in case of a password protected Token.
Loading
Loading