Ejemplo n.º 1
0
// newAuthContext creates a new authentication context for st.
func newAuthContext(st *state.State) (*authContext, error) {
	ctxt := &authContext{
		st: st,
		// TODO(fwereade) 2016-07-21 there should be a clock parameter
		clock: clock.WallClock,
		localUserInteractions: authentication.NewInteractions(),
	}

	// Create a bakery service for discharging third-party caveats for
	// local user authentication. This service does not persist keys;
	// its macaroons should be very short-lived.
	localUserThirdPartyBakeryService, _, err := newBakeryService(st, nil, nil)
	if err != nil {
		return nil, errors.Trace(err)
	}
	ctxt.localUserThirdPartyBakeryService = localUserThirdPartyBakeryService

	// Create a bakery service for local user authentication. This service
	// persists keys into MongoDB in a TTL collection.
	store, err := st.NewBakeryStorage()
	if err != nil {
		return nil, errors.Trace(err)
	}
	locator := bakeryServicePublicKeyLocator{ctxt.localUserThirdPartyBakeryService}
	localUserBakeryService, localUserBakeryServiceKey, err := newBakeryService(
		st, store, locator,
	)
	if err != nil {
		return nil, errors.Trace(err)
	}
	ctxt.localUserBakeryService = &expirableStorageBakeryService{
		localUserBakeryService, localUserBakeryServiceKey, store, locator,
	}
	return ctxt, nil
}
Ejemplo n.º 2
0
// newAuthContext creates a new authentication context for st.
func newAuthContext(st *state.State) (*authContext, error) {
	ctxt := &authContext{st: st}
	store, err := st.NewBakeryStorage()
	if err != nil {
		return nil, errors.Trace(err)
	}
	// We use a non-nil, but empty key, because we don't use the
	// key, and don't want to incur the overhead of generating one
	// each time we create a service.
	bakeryService, key, err := newBakeryService(st, store, nil)
	if err != nil {
		return nil, errors.Trace(err)
	}
	ctxt.userAuth.Service = &expirableStorageBakeryService{bakeryService, key, store, nil}
	// TODO(fwereade): 2016-03-17 lp:1558657
	ctxt.userAuth.Clock = state.GetClock()
	return ctxt, nil
}