func (s *userAuthenticatorSuite) TestCreateLocalLoginMacaroon(c *gc.C) {
service := mockBakeryService{}
clock := testing.NewClock(time.Time{})
_, err := authentication.CreateLocalLoginMacaroon(
names.NewUserTag("bobbrown"), &service, clock,
)
c.Assert(err, jc.ErrorIsNil)
service.CheckCallNames(c, "NewMacaroon")
service.CheckCall(c, 0, "NewMacaroon", "", []byte(nil), []checkers.Caveat{
{Condition: "is-authenticated-user bobbrown@local"},
{Condition: "time-before 0001-01-01T00:02:00Z"},
})
}
// CreateLocalLoginMacaroon creates a macaroon that may be provided to a user
// as proof that they have logged in with a valid username and password. This
// macaroon may then be used to obtain a discharge macaroon so that the user
// can log in without presenting their password for a set amount of time.
func (ctxt *authContext) CreateLocalLoginMacaroon(tag names.UserTag) (*macaroon.Macaroon, error) {
return authentication.CreateLocalLoginMacaroon(tag, ctxt.localUserThirdPartyBakeryService, ctxt.clock)
}
