Exemple #1
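// NewFirewall returns an in-process firewall together with an HTTP client
// whose bearer token has already been registered with that firewall's token
// store.
//
// issuer is copied into the LocalWarden's Issuer field. subject becomes the
// Subject of the session stored for the token. scopes is used both as the
// granted scopes of the stored access request and as the Scopes of the
// client's oauth2.Config, so the token is granted whatever the caller asks
// for. p is the set of ladon policies the warden evaluates.
//
// The token is written straight into the store without going through any
// OAuth2 grant flow, which is only appropriate for fixtures and tests.
//
// NewFirewall panics if the token session cannot be stored: the signature has
// no error result, and a client whose token was never registered would only
// surface later as an unexplained authorization failure.
func NewFirewall(issuer string, subject string, scopes fosite.Arguments, p ...ladon.Policy) (firewall.Firewall, *http.Client) {
	tokens := pkg.Tokens(1)

	fositeStore := pkg.FositeStore()

	// Policies are keyed by ID, so a later policy with the same ID silently
	// replaces an earlier one. Callers should pass unique IDs, otherwise a
	// policy (including a deny rule) can be dropped without notice.
	ps := make(map[string]ladon.Policy, len(p))
	for _, x := range p {
		ps[x.GetID()] = x
	}
	ladonWarden := pkg.LadonWarden(ps)

	ar := fosite.NewAccessRequest(&Session{Subject: subject})
	ar.GrantedScopes = scopes

	// The session is stored under tokens[0][0] while the client presents
	// tokens[0][1]; presumably these are the signature and the full token
	// of one pair (confirm against pkg.Tokens).
	// oauth2.NoContext replaces the nil context the call used before; it is
	// the same placeholder context already passed to conf.Client below.
	if err := fositeStore.CreateAccessTokenSession(oauth2.NoContext, tokens[0][0], ar); err != nil {
		panic("creating access token session: " + err.Error())
	}

	conf := &oauth2.Config{Scopes: scopes, Endpoint: oauth2.Endpoint{}}

	fw := &warden.LocalWarden{
		Warden: ladonWarden,
		TokenValidator: &core.CoreValidator{
			AccessTokenStrategy: pkg.HMACStrategy,
			AccessTokenStorage:  fositeStore,
		},
		Issuer: issuer,
	}

	// Expiry only tells the oauth2 client when to stop using the token; no
	// expiry is set on the stored session in this function.
	client := conf.Client(oauth2.NoContext, &oauth2.Token{
		AccessToken: tokens[0][1],
		Expiry:      time.Now().Add(time.Hour),
		TokenType:   "bearer",
	})

	return fw, client
}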
Exemple #2
	},
	"2": &ladon.DefaultPolicy{
		ID:        "2",
		Subjects:  []string{"siri"},
		Resources: []string{"<.*>"},
		Actions: []string{
			"an:hydra:warden:allowed",
			"an:hydra:warden:authorized",
		},
		Effect: ladon.AllowAccess,
	},
})

// Package-level fixtures shared by the declarations that follow.
var (
	// fositeStore is the token storage returned by pkg.FositeStore; it is
	// used as the AccessTokenStorage of the validators configured in this file.
	fositeStore = pkg.FositeStore()

	// tokens is the result of pkg.Tokens(2), presumably two pre-generated
	// token entries (confirm the layout against pkg.Tokens).
	tokens = pkg.Tokens(2)
)

func init() {
	wardens["local"] = &warden.LocalWarden{
		Warden: ladonWarden,
		TokenValidator: &core.CoreValidator{
			AccessTokenStrategy: pkg.HMACStrategy,
			AccessTokenStorage:  fositeStore,
		},
		Issuer: "tests",
	}

	r := httprouter.New()
	serv := &warden.WardenHandler{
		Ladon:  ladonWarden,
		H:      &herodot.JSON{},