Authentication
itemir opened this issue · 2 comments
Some gRPC calls require authentication. Do you know how this works?
Example:
$ grpcurl -plaintext -d {\"dish_get_emc\":{}} 192.168.100.1:9200 SpaceX.API.Device.Device/Handle
ERROR:
Code: PermissionDenied
Message:
$
I don't know exactly.
My assumption was that it relates to the signed_request and/or authenticate requests, perhaps by wrapping a request message for a request that needs permissions inside a SpaceX.API.Device.SignedData message. While looking into the question raised in issue #48, though, I found a request (dish_set_config) that returns PermissionDenied when accessed directly for which the mobile app does support the operation. For that case, the mobile app does not send the command directly to the dish on the local network, but rather routes it remotely through a SpaceX server (via HTTPS, so I don't know that it's even using grpc at that point).
So it could be that the requests that need extra permission will only be processed if they come from the satellite side of the dish, but my guess is just that the request is getting routed through a server to avoid having to code the authentication signature into a hackable mobile client device. They don't even support that functionality in the web version of the app.
Assuming there are no further questions regarding this (not that I really have any more information to answer them), I'm going to close it out.