Feature/shares

[pjbedard]

Implementation of Shares, unique short URLs that facilitate sharing links to bots/assistants.

Shares are created for a specific bot (Resource object), and may have an optional expiration date/time. This will generate a short URL tag (eg: abc-def-ghi) that can be passed back to pAI-OS by prefixing it with "r/" (eg https://host:port/r/abc-def-ghi) to trigger redirection to the bot's URI. Shares can be used for redirection until their expiration date or until they are manually revoked.

[samj]

@pjbedard: One change I did make locally you might want to import was to avoid adding a dependency for rstr (as clever as it is):

import random
import string

def generate_share_id():
    return '-'.join(''.join(random.choices(string.ascii_lowercase, k=3)) for _ in range(3))

[pjbedard]

@pjbedard: One change I did make locally you might want to import was to avoid adding a dependency for rstr (as clever as it is):

import random
import string

def generate_share_id():
    return '-'.join(''.join(random.choices(string.ascii_lowercase, k=3)) for _ in range(3))

@samj I made the change. Interestingly, it causes the sonarcloud check to fail. (cue sad thrombone)

[sonarcloud]

Quality Gate failed

Failed conditions
1 Security Hotspot

See analysis details on SonarCloud

[samj]

@pjbedard: SonarCloud isn't happy because I used random.choices(), a Mersenne Twister PRNG. The use case I had in mind was sharing an assistant, which is not high-risk because you'll have to pass AAA to get access, but sharing a document/conversation/etc. could be sensitive and should be secure. That means both a good source of random characters, and enough of them to achieve the aim — either human readability/transferability (e.g. by voice), or security (by default). Make it secure though and it's not readable... people don't read out YouTube URLs for a reason!

rstr is not better by default, but can be secured by passing in a rand source like secrets.choice or (better?) instantiating it from SystemRandom per the docs. I feel like we should probably have the client specify whether they need it to be secure or readable, or (better?) specify the regex with a sane default like 4-4-4 or 3-4-3 (like Google Meets)? Here's what some other folks have done (noting that Zoom got it wrong using digits and had to add the password:

• chatgpt: https://chatgpt.com/share/66e3c89f-af7c-800f-bcdd-c354b5fe76b5
• google: https://meet.google.com/abc-defg-hij (3-4-3)
• zoom: https://us02web.zoom.us/j/12345678901?pwd=aBCDEF12ghIJKLM3NOP4qrs5TUvwYZ.6
• youtube: https://www.youtube.com/watch?v=dQw4w9WgXcQ

Here's what ChatGPT had to say on the subject. Apologies for getting this wrong — better we discovered it now than later.

[samj]

Looks like you've already fixed the random source by going for secrets.choice (which ships with Python 3). I think we should go for 3x4 characters instead of 3x3 (actually Google use 3-4-3), which I think is a reasonable balance between readability and security. We could pass through both parameters with defaults for those who want to be more paranoid (or less)?