Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update docs about the use of labels with HTTP requests #1425

Merged
merged 1 commit into from
Nov 23, 2020
Merged

Update docs about the use of labels with HTTP requests #1425

merged 1 commit into from
Nov 23, 2020

Conversation

rbehjati
Copy link
Contributor

@rbehjati rbehjati commented Sep 2, 2020
edited
Loading

  • Adds json schema files for IFC labels, generated using protoc-gen-jsonschema
  • Updates documentation about the use of IFC labels with HTTP requests

@rbehjati rbehjati added the WIP Work in progress label Sep 2, 2020
jul-sh
jul-sh reviewed Sep 3, 2020
View reviewed changes
docs/concepts.md Outdated
Comment on lines 349 to 356
- a "response sender" write handle to a Channel, whose Label is currently
`public_untrusted`. However, to avoid any accidental data leaks, the label of
the Channel should be set such that it has:

- a confidentiality component set based on the identity of the user. This is
essentially the same as the integrity component described above for the
"request receiver".
- an empty integrity component.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How are messages to this channel handled? Does it result in an outgoing HTTP invocation to the client that sent the original invocation?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes. The messages in the channel are only read by the HTTP server pseudo-node. The messages are in fact HTTP responses that will be sent to the client. But I will add a the confidentiality label to avoid any accidental data leaks. (This is a WIP description of how it should work, and it is not yet implemented, I have created #1428 to track this.)

@rbehjati
Copy link
Contributor Author

@tiziano88 @juliettepretot I am not sure if it makes sense to check-in the .jsonscheme files in oak_abi/json. Proto3 provides a canonical JSON encoding, and Protobuf 3.3.0, comes with a built-in JSON serializer and parser. So, just having the proto file should be enough; no need for explicitly sharing a json schema. What do you think?

@rbehjati rbehjati requested review from jul-sh and tiziano88 November 20, 2020 16:18
@rbehjati rbehjati removed the WIP Work in progress label Nov 20, 2020
@tiziano88
Copy link
Collaborator

tiziano88 commented Nov 20, 2020
edited
Loading

@tiziano88 @juliettepretot I am not sure if it makes sense to check-in the .jsonscheme files in oak_abi/json. Proto3 provides a canonical JSON encoding, and Protobuf 3.3.0, comes with a built-in JSON serializer and parser. So, just having the proto file should be enough; no need for explicitly sharing a json schema. What do you think?

How were these files genereted? How can other people re-generate them? Is there any mechanism to make sure they are in sync? Personally I don't think they add any value on top of the protobuf files, but I don't know if they are useful for anything else?

@rbehjati
Copy link
Contributor Author

@tiziano88 I totally agree that they don't provide any value! I have generated them using protoc-gen-jsonschema. Keeping them in sync will be a serious problem. I could not find a Bazel rule for generating them, and I am not sure we have a good place to document how these could be generated (currently only mentioned in this PR!).

@jul-sh
Copy link
Contributor

jul-sh commented Nov 20, 2020

Agreed we don't need these files if they can be deducted from protobuf as a source of truth. What are the JSON schema files used for? Just documentation?

@rbehjati
Copy link
Contributor Author

Agreed we don't need these files if they can be deducted from protobuf as a source of truth. What are the JSON schema files used for? Just documentation?

Just documentation :)

@jul-sh
Copy link
Contributor

jul-sh commented Nov 20, 2020

Would it make sense to leave instructions in the docs to explain how people can deduct the JSON shape from the protobuf file?

@rbehjati
Copy link
Contributor Author

Would it make sense to leave instructions in the docs to explain how people can deduct the JSON shape from the protobuf file?

Added a link to the description of the mapping.

jul-sh
jul-sh approved these changes Nov 23, 2020
View reviewed changes
Copy link
Contributor

@jul-sh jul-sh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@rbehjati rbehjati merged commit 941dbf7 into project-oak:main Nov 23, 2020
@rbehjati rbehjati deleted the http-docs branch November 23, 2020 12:29
@github-actions
Copy link

Reproducibility Index:

a26d098554bef31a5d0339567f78cdc03e5ca339c28db447733234d560ed1aed  ./examples/target/wasm32-unknown-unknown/release/abitest_0_frontend.wasm
fc05912ce96279ab634b3d9a840785beff525f470b7ecad8464a5759468ae101  ./examples/target/wasm32-unknown-unknown/release/abitest_1_backend.wasm
d6e2d8870f0e15c158a96fff400e569360afd9895a796ddde544691c2370911f  ./examples/target/wasm32-unknown-unknown/release/aggregator.wasm
51fb2b3adc5614c86c4909633daf36e28e6bf4a49f3871530ecb07956d14a842  ./examples/target/wasm32-unknown-unknown/release/chat.wasm
b1258cf2c7e0fa80460129f4a451d7487615a92f79937eecc1c65972652176c6  ./examples/target/wasm32-unknown-unknown/release/hello_world.wasm
2067a83188f4f229f4c2c4c1ea910dcf83247e727421dfc562b1a5ed42825514  ./examples/target/wasm32-unknown-unknown/release/http_server.wasm
c258f27cfb2792308579cda9bbd2725c84e4a625474ac1254f6396cedd6c65ab  ./examples/target/wasm32-unknown-unknown/release/injection.wasm
3cc27e66410e8f6d830ceba45694c2c7a461bf77bba9bf55a6fdb84d017385d0  ./examples/target/wasm32-unknown-unknown/release/private_set_intersection.wasm
8d796234b86551bd5c42df9ebacee3a68269945f758fd7e6592d7fddcf8407cb  ./examples/target/wasm32-unknown-unknown/release/private_set_intersection_handler.wasm
5894508da77351ffd4185f26a932827a8c0b913d50a2e252f503ef3b30fb78f3  ./examples/target/wasm32-unknown-unknown/release/translator.wasm
60c2e8e5e8001302a9311f1b6472a6ff3f4df8e25c55ab1053dee4a91dbd5b1f  ./examples/target/wasm32-unknown-unknown/release/trusted_database.wasm
33e1dd17ef1b0762cb87301dab84308123eaa3063f1c057ae8603bc5f379979a  ./oak_loader/target/x86_64-unknown-linux-musl/release/oak_loader

Reproducibility Index diff:


      		
    

  





        


            

            

              
            

        

      


      

            
  

    
  
    
    

  

  



    
















  
  

    

      

  




    


    

      

              

  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment


  



      

    

  




  
          




      

  

    
    

    
  

    Reviewers
  


    


        

          

  
      @jul-sh
  
    jul-sh



          
            
              
            
          
          jul-sh approved these changes

        

      

          

  
      @tiziano88
  
    tiziano88


                Awaiting requested review from tiziano88


        
      


      






    

  


      
  

    Assignees
  



        

    No one assigned







      


  


  

    Labels
  



    

      

    cla: yes









      

  

    

        

    Projects
  


        




    None yet




  



      


  

    
  

    Milestone
  


      No milestone





    
      
          
  

    

      

        
          

            
    

    Development
  



              


Successfully merging this pull request may close these issues.



  


        
      

    

  


      

    

  
      

  

    

      4 participants
    

    

        
          @rbehjati 
        
          @tiziano88 
        
          @jul-sh 
        
          @googlebot