From a0d68739331c3b2063d845456bcb085c2f8de6a6 Mon Sep 17 00:00:00 2001
From: Britta Stallknecht <146106656+britsta@users.noreply.github.com>
Date: Thu, 19 Dec 2024 17:28:50 +0100
Subject: [PATCH] Add description for password protection of
RelationshipTemplates and Tokens (#287)
* fix: forIdentity property of RelationshipTemplate and Token is optional
* feat: add passwordProtection property to RelationshipTemplate
* feat: add paragraph within establish Relationships scenario
* feat: use more appropriate links
* refactor: change order of sentences
* feat: add passwordProtection property to Token
* feat: add link to "Load Token" use case
* feat: add runtime errors regarding password protection and personalization
* feat: add passwordProtection and password parameters to use cases
* feat: add personalization failure to load File use case
* feat: add noPasswordProvided error
* feat: add passwordProtection to create (get) device onboarding token use case
* feat: add forIdentity and passwordProtection to getters of RelationshipTemplates and Tokens
* feat: incorporate review comments
* feat: incorporate PasswordProtectionDTO
* refactor: rephrase sentence
---------
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
---
_docs_integrate/data-model-overview.md | 38 +++++++++++++------
_docs_integrate/error-codes.md | 3 ++
_docs_integrate/establish-relationships.md | 35 +++++++++++++++--
...ted-reference-without-having-an-account.md | 3 ++
...ransport-create-device-onboarding-token.md | 5 ++-
...ansport-create-own-relationshiptemplate.md | 2 +
.../use-case-transport-create-own-token.md | 2 +
...se-case-transport-create-token-for-file.md | 2 +
...eate-token-for-own-relationshiptemplate.md | 7 +++-
...transport-create-token-qr-code-for-file.md | 2 +
...en-qr-code-for-own-relationshiptemplate.md | 7 +++-
.../use-case-transport-get-or-load-file.md | 5 ++-
...-relationshiptemplate-created-by-others.md | 7 +++-
...-transport-load-token-created-by-others.md | 6 ++-
...e-transport-query-relationshiptemplates.md | 7 ++--
...se-transport-query-tokens-by-parameters.md | 2 +
16 files changed, 105 insertions(+), 28 deletions(-)
diff --git a/_docs_integrate/data-model-overview.md b/_docs_integrate/data-model-overview.md
index 1b69d5356..59337e007 100644
--- a/_docs_integrate/data-model-overview.md
+++ b/_docs_integrate/data-model-overview.md
@@ -51,17 +51,30 @@ Tokens can be used to save arbitrary structured data on the Backbone, which is e
A Token has the following properties:
-| Name | Type | Description | Remarks |
-| ------------------ | --------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------- |
-| id | `string` | {% include descr_id class="Token" prefix="TOK" %} |
-| createdBy | `string` | {% include descr_createdBy class="Token" %} | |
-| createdByDevice | `string` | {% include descr_createdByDevice class="Token" %} | |
-| content | `unknown` | The content of the Token. You can add whatever you want here. | will be encrypted before sent to the Backbone |
-| createdAt | `string` | {% include descr_createdAt class="Token" %} | |
-| expiresAt | `string` | {% include descr_expiresAt class="Token" %} | |
-| forIdentity | `string` | Can be set to an enmeshed address. If set, then only the [Identity]({% link _docs_integrate/data-model-overview.md %}#identity) with that `address` can retrieve the Token from the Backbone. |
-| truncatedReference | `string` | {% include descr_truncatedReference class="Token" %} | saved only locally |
-| isEphemeral | `boolean` | If set to `true` the Token will not be cached in the database and only displayed once. You will not be able to fetch this Token unless you remember its truncatedReference. |
+| Name | Type | Description | Remarks |
+| ------------------ | ---------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------- |
+| id | `string` | {% include descr_id class="Token" prefix="TOK" %} |
+| createdBy | `string` | {% include descr_createdBy class="Token" %} | |
+| createdByDevice | `string` | {% include descr_createdByDevice class="Token" %} | |
+| content | `unknown` | The content of the Token. You can add whatever you want here. | will be encrypted before sent to the Backbone |
+| createdAt | `string` | {% include descr_createdAt class="Token" %} | |
+| expiresAt | `string` | {% include descr_expiresAt class="Token" %} | |
+| forIdentity | `string` \| `undefined` | Can be set to an enmeshed address. If set, then only the [Identity]({% link _docs_integrate/data-model-overview.md %}#identity) with that `address` can retrieve the Token from the Backbone. |
+| passwordProtection | [`PasswordProtection`](#passwordprotection) \| `undefined` | Information about whether or not the Token is protected by a password or pin. | |
+| truncatedReference | `string` | {% include descr_truncatedReference class="Token" %} | saved only locally |
+| isEphemeral | `boolean` | If set to `true` the Token will not be cached in the database and only displayed once. You will not be able to fetch this Token unless you remember its truncatedReference. |
+
+### PasswordProtection
+
+A [Token](#token) or [RelationshipTemplate can be protected by a password]({% link _docs_integrate/establish-relationships.md %}#password-protection-of-a-relationshiptemplate) to ensure that it is protected from unauthorized access.
+In order for a peer to [establish a Relationship]({% link _docs_integrate/establish-relationships.md %}) to the creator of a password protected [RelationshipTemplate](#relationshiptemplate), it must enter the correct password when [loading the RelationshipTemplate]({% link _docs_use-cases/use-case-transport-load-relationshiptemplate-created-by-others.md %}).
+Similarly, in order for an Identity to [load a Token]({% link _docs_use-cases/use-case-transport-load-token-created-by-others.md %}) that is password protected, it must enter the correct password.
+Information about the password protection of a Token or a RelationshipTemplate is recorded within its optional `passwordProtection` property.
+
+| Name | Type | Description | Remarks |
+| ------------- | --------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
+| password | `string` | The password of the Token or the RelationshipTemplate. | |
+| passwordIsPin | `true` \| `undefined` | If the password consists of 4 to 16 digits, the value of the `passwordIsPin` property can be set to `true`. In this case, the password is interpreted as a pin and a corresponding input field is displayed in the UI of the App when the pin needs to be entered. However, if the value is `undefined`, a regular input field for entering the password is displayed regardless of whether the password could also be interpreted as a pin. | |
## RelationshipTemplate
@@ -80,7 +93,8 @@ A RelationshipTemplate serves two purposes:
| content | [`RelationshipTemplateContent`](#relationshiptemplatecontent) \| [`ArbitraryRelationshipTemplateContent`](#arbitraryrelationshiptemplatecontent) | The content of the RelationshipTemplate. If it is intended for a User of the enmeshed App, `RelationshipTemplateContent` has to be used. Otherwise, an `ArbitraryRelationshipTemplateContent` can also be used, which can be filled with anything and serves as a fallback if the `RelationshipTemplateContent` is not sufficient. | |
| expiresAt | `string` | {% include descr_expiresAt class="RelationshipTemplate" %} | will be encrypted before sent to the Backbone |
| maxNumberOfAllocations | `number` \| `undefined` | Can be set to limit the number of allocations of this RelationshipTemplate. A RelationshipTemplate is allocated by another Identity when it is first retrieved by it from the Backbone. After this value is reached, the Backbone rejects each request of any new Identity that wants to retrieve it. Identities that already allocated it will still be able to retrieve it. | |
-| forIdentity | `string` | Can be set to an enmeshed address. If set, then only the [Identity]({% link _docs_integrate/data-model-overview.md %}#identity) with that `address` can retrieve the RelationshipTemplate from the Backbone. | |
+| forIdentity | `string` \| `undefined` | Can be set to an enmeshed address. If set, then only the [Identity]({% link _docs_integrate/data-model-overview.md %}#identity) with that `address` can retrieve the RelationshipTemplate from the Backbone. | |
+| passwordProtection | [`PasswordProtection`](#passwordprotection) \| `undefined` | Information about whether or not the RelationshipTemplate is protected by a password or pin. | |
| truncatedReference | `string` | {% include descr_truncatedReference class="RelationshipTemplate" %} | saved only locally |
## Relationship
diff --git a/_docs_integrate/error-codes.md b/_docs_integrate/error-codes.md
index db7000f7e..e7718cbb2 100644
--- a/_docs_integrate/error-codes.md
+++ b/_docs_integrate/error-codes.md
@@ -131,6 +131,8 @@ Please find a list of enmeshed error codes below. Most often the errors occur on
| {% include anchor a="error.runtime.relationshipTemplates.cannotCreateTokenForPeerTemplate" %} | You cannot [create a Token for a RelationshipTemplate]({% link _docs_use-cases/use-case-transport-create-token-for-own-relationshiptemplate.md %}) of a peer. |
| {% include anchor a="error.runtime.relationshipTemplates.cannotCreateQRCodeForPeerTemplate" %} | You cannot [create a QR code for a RelationshipTemplate]({% link _docs_use-cases/use-case-transport-get-relationshiptemplate.md %}) of a peer. |
| {% include anchor a="error.runtime.relationshipTemplates.invalidReference" %} | The given `truncatedReference` is not valid. The `truncatedReference` for a [RelationshipTemplate]({% link _docs_integrate/data-model-overview.md %}#relationshiptemplate) must start with 'UkxU'. |
+| {% include anchor a="error.runtime.relationshipTemplates.personalizationMustBeInherited" %} | If a [RelationshipTemplate]({% link _docs_integrate/data-model-overview.md %}#relationshiptemplate) is personalized, [Tokens]({% link _docs_integrate/data-model-overview.md %}#token) created from it must have the same personalization. |
+| {% include anchor a="error.runtime.relationshipTemplates.passwordProtectionMustBeInherited" %} | If a [RelationshipTemplate]({% link _docs_integrate/data-model-overview.md %}#relationshiptemplate) has password protection, [Tokens]({% link _docs_integrate/data-model-overview.md %}#token) created from it must have the same password protection. |
| {% include anchor a="error.runtime.requestDeserialization" %} | There was an error during the request deserialization. |
| {% include anchor a="error.runtime.servalError" %} | A serialization / validation error occurred. |
| {% include anchor a="error.runtime.startup.noActiveAccount" %} | No AccountController could be found. You might have to login first. |
@@ -159,6 +161,7 @@ Please find a list of enmeshed error codes below. Most often the errors occur on
| {% include anchor a="error.transport.messages.plaintextMismatch" %} | The own `address` was not named as a `recipient` within the signed MessagePlaintext. For example this can be caused by a replay attack. |
| {% include anchor a="error.transport.messages.signatureListMismatch" %} | The `signature` list didn't contain an entry for a given `address`. |
| {% include anchor a="error.transport.messages.signatureNotValid" %} | The digital signature on a [Message]({% link _docs_integrate/data-model-overview.md %}#message) for a peer `key` is invalid. An impersonation attack might be the cause of this. |
+| {% include anchor a="error.transport.noPasswordProvided" %} | If a [RelationshipTemplate]({% link _docs_integrate/data-model-overview.md %}#relationshiptemplate) or a [Token]({% link _docs_integrate/data-model-overview.md %}#token) has password protection, a password must be provided to load it. |
| {% include anchor a="error.transport.notSupported" %} | The requested method is not yet supported. |
| {% include anchor a="error.transport.recordNotFound" %} | The requested record was not found. |
| {% include anchor a="error.transport.relationships.
activeIdentityDeletionProcessOfOwnerOfRelationshipTemplate" %} | The [Identity]({% link _docs_integrate/data-model-overview.md %}#identity) that created the [RelationshipTemplate]({% link _docs_integrate/data-model-overview.md %}#relationshiptemplate) is currently in the process of deleting itself. Thus, it is not possible to establish a [Relationship]({% link _docs_integrate/data-model-overview.md %}#relationship) to it. |
diff --git a/_docs_integrate/establish-relationships.md b/_docs_integrate/establish-relationships.md
index e9f8dd5d9..73f9d4179 100644
--- a/_docs_integrate/establish-relationships.md
+++ b/_docs_integrate/establish-relationships.md
@@ -75,22 +75,49 @@ How to send a Request via a RelationshipTemplate is explained in detail in the [
If the RelationshipTemplate is intended to establish a Relationship between the templator and another Connector, an [ArbitraryRelationshipTemplateContent]({% link _docs_integrate/data-model-overview.md %}#arbitraryrelationshiptemplatecontent) can be used instead of a RelationshipTemplateContent as the value of the [RelationshipTemplate's]({% link _docs_integrate/data-model-overview.md %}#relationshiptemplate) `content`. An ArbitraryRelationshipTemplateContent has a single `value` property with no type restriction and is appropriate if the standard way is insufficient.
-### Personalize the RelationshipTemplate
+#### Personalization of a RelationshipTemplate
-If the [RelationshipTemplate]({% link _docs_integrate/data-model-overview.md %}#relationshiptemplate) is only for creating a Relationship with a single known [Identity]({% link _docs_integrate/data-model-overview.md %}#identity), you can set that Identity's `address` in the RelationshipTemplate:
+The optional property `forIdentity` of a [RelationshipTemplate]({% link _docs_integrate/data-model-overview.md %}#relationshiptemplate) can be added to the [input for creating a RelationshipTemplate]({% link _docs_integrate/establish-relationships.md %}#input-for-creating-a-relationshiptemplate) in order to personalize it.
+If the RelationshipTemplate is only for creating a Relationship with a single known [Identity]({% link _docs_integrate/data-model-overview.md %}#identity), you can set that Identity's `address` in the RelationshipTemplate:
```jsonc
{
// ...
"content": {
- // ...
+ // RelationshipTemplateContent or ArbitraryRelationshipTemplateContent
+ ...
},
- "forIdentity": "