Skip to content

auth.proto says the Hub generates client_id, but the clients generate it locally #9

Description

@bibonix

The comment on Auth.client_id in auth.proto says:

Not a UUID — the Hub generates it once per installation.

That last clause is wrong. The Hub does not generate client IDs; the clients do, locally, and the Hub just stores whatever id the caller sends.

  • ios/APNCommon/LegalPrincipal.swiftLegalPrincipal.init() builds a 9-char string from ABCDEFGHIJKLMNPQRSTUVWXYZ123456789 using SystemRandomNumberGenerator.
  • android/src/main/java/tech/apn/common/Principal.ktPrincipal() does the same with kotlin.random.Random and the same alphabet, and SystemTunnels.kt persists it to prefs the first time.
  • hub/objects/hub/clients.rbHub::Clients#auth(id, ...) just INSERT ... ON CONFLICT DO NOTHING with the id passed in; nothing on the Hub generates one.
  • hub/front/front_auth.rbPOST /auth takes params[:uid] verbatim (only upcases it and rejects 000000000), so even the auth route accepts a caller-supplied id rather than minting one.

Suggested fix: change the last sentence of the client_id comment to something like "Not a UUID — the client generates it once per installation and persists it across launches."

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions