Example #1
0
func NewService(p ServiceParams) *Service {
	checker := checkers.New(p.CaveatChecker)
	return &Service{
		p:             p,
		caveatChecker: checker,
	}
}
Example #2
0
// newAuthHTTPService returns a new HTTP service that serves requests from the given handler.
// The entities map holds an entry for each known entity holding a map from action to ACL.
// The checker is used to check first party caveats and may be nil.
func newAuthHTTPService(handler AuthHTTPHandler, idm auth.IdentityClient, acls ACLGetter, caveatChecker checkers.Checker) *httptest.Server {
	if caveatChecker == nil {
		caveatChecker = checkers.New()
	}
	store := newMacaroonStore()
	service := auth.NewService(auth.ServiceParams{
		CaveatChecker:  caveatChecker,
		UserChecker:    &aclUserChecker{acls},
		IdentityClient: idm,
		MacaroonStore:  store,
	})
	return httptest.NewServer(checkHTTPAuth(service, store, handler))
}
Example #3
0
	"gopkg.in/macaroon.v2-unstable"

	"github.com/rogpeppe/misc/auth"
	"gopkg.in/macaroon-bakery.v2-unstable/bakery"
	"gopkg.in/macaroon-bakery.v2-unstable/bakery/checkers"
	"gopkg.in/macaroon-bakery.v2-unstable/bakerytest"
	"gopkg.in/macaroon-bakery.v2-unstable/httpbakery"
)

var logger = loggo.GetLogger("bakery.auth_test")

const Everyone = "everyone"

var allCheckers = checkers.New(
	checkers.TimeBefore,
	checkers.Declared,
	checkers.OperationChecker,
)

// TODO move idmclient to latest bakery version so we can avoid
// double dependencies above.

type authSuite struct {
	jujutesting.LoggingSuite
}

var _ = gc.Suite(&authSuite{})

// AuthHTTPHandler represents an HTTP handler that can be queried
// for authorization information.
type AuthHTTPHandler interface {