Not storing passwords anymore by using OAUTH from the Open University. #291
Comments
Outline of the solutionAs a maintainer, I want to use an identity and access management mechanism from a provider to save future maintenance work. Ampersand already has provisions for OAuth, so we want to use an OAuth provider. This is preferably the OU since RAP's main deployment is at the OU. RAP is a pretty regular web application with an API and a back end. It stores its client secrets (e.g. database login) in the back end, which is not accessible. So RAP should use the Authorization Code Flow + OIDC. RAP uses:
The Open University offers OpenID connect (OIDC), preferably with PKCE. PKCE is a configuration in a library that Ampersand already uses. This is the starting point of a testing environment: https://login.two.ou.nl/am/oauth2/.well-known/openid-configuration |
stefjoosten
changed the title
|
This issue requires that RAP runs with Prototype Framework 2+. |
Problem
As a maintainer, I want to replace the login mechanism of RAP for security and privacy reasons.
How big is the problem?
Currently, users can freely choose a username and password, which is all the personal data RAP stores. RAP also stores the Ampersand scripts of students. That's all. The security risk is that an intruder guesses a student's username and password
and gains access to their Ampersand scripts. The privacy risk is that the username and password are personal data and personal data is governed by the GDPR. All things considered, Ampersand has a small security and privacy risk with Identity and Access Management.
Business value
This issue aims at removing all personal data, i.e. username and password, from the RAP application to eliminate the privacy risk. It also aims at strengthening the access mechanism by using a better mechanism than a homebrew username/password protection.
The text was updated successfully, but these errors were encountered: