Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement RFC 9540 #47

Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

Implement RFC 9540 #47

wants to merge 2 commits into from
+187 −88

Conversation

nothingmuch
Copy link
Collaborator

@nothingmuch nothingmuch commented Feb 5, 2025
edited
Loading

Note: This is a breaking change, and requires directory support for RFC 9540 as well.

This change modifies the relay to assume that both the the OHTTP gateway
and the ohttp keys reside at /.well-known/ohttp-gateway, with POST
requests implementing the OHTTP gateway functionality and GET requests
fetching the OHTTP keys.

Extends #46, but does not strictly depend on it.

Depends on #53

@nothingmuch
Copy link
Collaborator Author

Opened as draft because of the breaking nature of this change, and in case #46 is rejected in which case this should be rebased to not depend on it.

@nothingmuch nothingmuch mentioned this pull request Feb 5, 2025
Closed
DanGould
DanGould reviewed Feb 6, 2025
View reviewed changes
Copy link
Collaborator

@DanGould DanGould left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do I understand correctly that if #46 is merged as well as this PR, the changes will not break our practical use of this relay implementation in the wild that we're aware of?

Or is your preference not to support both /ohttp-keys AND this change?

@nothingmuch
Copy link
Collaborator Author

Do I understand correctly that if #46 is merged as well as this PR, the changes will not break our practical use of this relay implementation in the wild that we're aware of?

#46 should be fine to merge for the stated reason.

However, this PR will break unless the payjoin-directory is also updated (2nd commit of payjoin/rust-payjoin#530 which I will shortly make into its own separate PR).

Or is your preference not to support both /ohttp-keys AND this change?

Actually I think we should support both at least for some transition period as it's just 2 lines in the code, and because the ohttp-keys endpoint is depended on not just by the ohttp-relay but also payjoin receivers. I did remove support for it in payjoin/rust-payjoin#530, but only for testing purposes.

@DanGould DanGould marked this pull request as ready for review February 21, 2025 22:19
@DanGould DanGould marked this pull request as draft February 21, 2025 22:19
DanGould
DanGould approved these changes Feb 21, 2025
View reviewed changes
Copy link
Collaborator

@DanGould DanGould left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

utACK 7f07cf8

This requires a change to payjoin-directory to use this gateway uri order to work. Our payjoin-directory change must be backwards compatible, and then once we're convinced ohttp-relays have updated we can roll out a payjoin-directory that removes the backwards compatibility.

@nothingmuch nothingmuch mentioned this pull request Feb 21, 2025
Open
@DanGould DanGould mentioned this pull request Feb 28, 2025
Open
@nothingmuch nothingmuch force-pushed the rfc-9540 branch 3 times, most recently from cdb6b6a to 3f22f93 Compare March 8, 2025 01:43
@nothingmuch
Refactor GatewayUri
d428437 
Use a non optional Scheme & Authority for representing the internal
state, instead of a Uri which may be relative, and may contain a path.

Authority is normalized to have an explicit port, as before.

Resolution of authority to a socket addr is now async, to avoid blocking
while waiting for host resolution, in anticipation of gateway opt-in
allowing adversary chosen hostnames to be resolved which may be a DoS
concern.

Closes payjoin#51.
@nothingmuch
Assume directory implements RFC 9540
d52c0cb 
RFC 9540 specifies a standard location (/.well-known/ohttp-gateway) for
the OHTTP gateway, where the keys can be fetched with a GET request and
OHTTP requests to the target resource can be POSTed.
@nothingmuch nothingmuch mentioned this pull request Mar 9, 2025
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DanGould DanGould DanGould approved these changes

Assignees
No one assigned
Labels
blocked
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nothingmuch @DanGould