func (s *userAuthenticatorSuite) TestCreateLocalLoginMacaroon(c *gc.C) { service := mockBakeryService{} clock := testing.NewClock(time.Time{}) _, err := authentication.CreateLocalLoginMacaroon( names.NewUserTag("bobbrown"), &service, clock, ) c.Assert(err, jc.ErrorIsNil) service.CheckCallNames(c, "NewMacaroon") service.CheckCall(c, 0, "NewMacaroon", "", []byte(nil), []checkers.Caveat{ {Condition: "is-authenticated-user bobbrown@local"}, {Condition: "time-before 0001-01-01T00:02:00Z"}, }) }
// CreateLocalLoginMacaroon creates a macaroon that may be provided to a user // as proof that they have logged in with a valid username and password. This // macaroon may then be used to obtain a discharge macaroon so that the user // can log in without presenting their password for a set amount of time. func (ctxt *authContext) CreateLocalLoginMacaroon(tag names.UserTag) (*macaroon.Macaroon, error) { return authentication.CreateLocalLoginMacaroon(tag, ctxt.localUserThirdPartyBakeryService, ctxt.clock) }