Opaque tokens#313
Open
jonbarrow wants to merge 14 commits into
Open
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
mrjvs
requested changes
Jan 2, 2026
Contributor
|
I haven't checked token sizes in my review, will possibly need to be checked by someone else |
Member
Author
|
This should be ready for review now. I did test that it builds locally and it does, though not much else. It should all work fine though, the changes just replace manual token handling with DB lookups so nothing huge really I'm not going to be here tomorrow however, so do feel free to make any required bug fixes/changes while I'm out just to push things along |
This was referenced Jan 17, 2026
DaniElectra
reviewed
Jan 22, 2026
| throw new ServerError(Status.INVALID_ARGUMENT, 'Invalid token'); | ||
| } | ||
|
|
||
| // TODO - Add checks for the client ID/title ID and matching system/token types here |
Member
There was a problem hiding this comment.
This comment is inaccurate, there isn't any title ID in use here, this should be about client ID / client secret
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Resolves #107 and #108
Changes:
Moves tokens to random data instead of storing the data directly. Trying to fit all the data inside the token was a losing battle because of how space-limited it all ways. This removes clients abilities to handle data entirely locally, but that's fine since it's only a single network hop. I made the tokens be the length of what they are from the official sources, despite the fact that some can sometimes be bigger, just to keep things simple
Marking as a draft because this isn't finished. The entire gRPC side needs to be done, which relies on PretendoNetwork/grpc#10 being merged. Also for gRPC, I think we should just ditch the v1 implementation entirely since it's token handling is fundementally incomaptible with this new handling. Just cut our losses there