Re: [hono-dev] validating tenant payload data

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [hono-dev] validating tenant payload data

From: "Hudalla Kai (INST/ECS4)" <kai.hudalla@xxxxxxxxxxxx>
Date: Fri, 15 Mar 2019 11:13:06 +0000
Accept-language: en-US, de-DE
Delivered-to: hono-dev@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/hono-dev>
List-help: <mailto:hono-dev-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/hono-dev>, <mailto:hono-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/hono-dev>, <mailto:hono-dev-request@eclipse.org?subject=unsubscribe>
Thread-index: AQHU2x0mfNMwdv5T10e/wjL+S215XqYMeSGA
Thread-topic: [hono-dev] validating tenant payload data
User-agent: Evolution 3.30.1-1build1

On Fri, 2019-03-15 at 11:51 +0100, Alfusainey Jallow wrote:
> Hi team,
> 
> I want to understand why Hono relaxes the requirement of checking valid key-
> value pairs when storing tenant payload data. Like, someone can literally store
> any data without upfront validation. However, accessor/getter methods do throw
> exceptions when something is not right.
> 
> I am asking specifically in the case of trust anchors. you can store a public
> key/cert value that is not Base64 encoded, without any problem. however, an
> accessor that would retrieve a public key or X.509 certificate instance will
> throw an exception to the caller if the certificate or key instance cannot be
> created. I was thinking making the caller code easier would be to not throw any
> exception and validate the data upfront before it is stored..
> 
> Is there a reason why it is designed this way?
> 

The main reason is that the Tenant API defines methods to retrieve data only but
does not define any methods for registering the data. The idea is that people can
implement these methods on top of their existing systems for managing tenant data
and are not limited by requirements imposed by Hono too much. In fact, we want to
allow for additional data being stored with a Tenant in order to be able to
extend the protocol adapter's more easily with functionality requiring such
additional information.

The implementor of the system for managing the Tenant information may or may not
use the Tenant service base classes we provide with Hono, so we can never be sure
if the data that we retrieve from the service is well-formed or not, so we
definitely need to check on the client side. However, checking a request for
registering a public key or cert for validity of the base64 encoding does make
sense in any case and would be a nice addition to the base classes we provide.

> kind regards
> -- 
> alfu
> _______________________________________________
> hono-dev mailing list
> hono-dev@xxxxxxxxxxx
> To change your delivery options, retrieve your password, or unsubscribe from
> this list, visit
> https://www.eclipse.org/mailman/listinfo/hono-dev

Follow-Ups:
- Re: [hono-dev] validating tenant payload data
  - From: Alfusainey Jallow

References:
- [hono-dev] validating tenant payload data
  - From: Alfusainey Jallow

Prev by Date: [hono-dev] validating tenant payload data
Next by Date: Re: [hono-dev] validating tenant payload data
Previous by thread: [hono-dev] validating tenant payload data
Next by thread: Re: [hono-dev] validating tenant payload data
Index(es):
- Date
- Thread

Breadcrumbs