示例#1
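// NewFirewall wires up a local warden and an HTTP client that share one
// pre-registered access token.
//
// issuer becomes the warden's Issuer. subject is the Subject of the session
// stored for the token. scopes are recorded both as the granted scopes of the
// stored access request and as the scopes of the client's oauth2 config. p is
// the set of ladon policies handed to the warden; they are keyed by policy ID,
// so a later policy with the same ID replaces an earlier one.
//
// The returned client sends the token as a bearer token whose client-side
// expiry is one hour after this call. The token comes from pkg.Tokens and the
// validator uses pkg.HMACStrategy; NOTE(review): both look like shared
// fixtures, so this constructor is presumably meant for tests only — confirm
// before using it anywhere a real credential is expected.
//
// NewFirewall panics if the token session cannot be stored, because the
// signature has no error return and a client holding an unregistered token
// would otherwise fail later with a misleading authorization error.
func NewFirewall(issuer string, subject string, scopes fosite.Arguments, p ...ladon.Policy) (firewall.Firewall, *http.Client) {
	tokens := pkg.Tokens(1)
	fositeStore := pkg.FositeStore()

	policies := make(map[string]ladon.Policy, len(p))
	for _, policy := range p {
		policies[policy.GetID()] = policy
	}
	ladonWarden := pkg.LadonWarden(policies)

	ar := fosite.NewAccessRequest(&Session{Subject: subject})
	ar.GrantedScopes = scopes

	// tokens[0][0] is the key the session is stored under; tokens[0][1] is
	// the value the client presents. The nil context is kept from the
	// original call. NOTE(review): confirm the store tolerates a nil context.
	if err := fositeStore.CreateAccessTokenSession(nil, tokens[0][0], ar); err != nil {
		panic("NewFirewall: storing access token session: " + err.Error())
	}

	localWarden := &warden.LocalWarden{
		Warden: ladonWarden,
		TokenValidator: &core.CoreValidator{
			AccessTokenStrategy: pkg.HMACStrategy,
			AccessTokenStorage:  fositeStore,
		},
		Issuer: issuer,
	}

	conf := &oauth2.Config{Scopes: scopes, Endpoint: oauth2.Endpoint{}}
	client := conf.Client(oauth2.NoContext, &oauth2.Token{
		AccessToken: tokens[0][1],
		Expiry:      time.Now().Add(time.Hour),
		TokenType:   "bearer",
	})

	return localWarden, client
}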
示例#2
		Actions:   []string{"create"},
		Effect:    ladon.AllowAccess,
	},
	"2": &ladon.DefaultPolicy{
		ID:        "2",
		Subjects:  []string{"siri"},
		Resources: []string{"<.*>"},
		Actions: []string{
			"an:hydra:warden:allowed",
			"an:hydra:warden:authorized",
		},
		Effect: ladon.AllowAccess,
	},
})

// Package-level fixtures shared by the warden set up in init.
var (
	// fositeStore is the token storage the local warden validates against.
	fositeStore = pkg.FositeStore()

	// tokens holds the two token entries requested from pkg.Tokens.
	tokens = pkg.Tokens(2)
)

func init() {
	wardens["local"] = &warden.LocalWarden{
		Warden: ladonWarden,
		TokenValidator: &core.CoreValidator{
			AccessTokenStrategy: pkg.HMACStrategy,
			AccessTokenStorage:  fositeStore,
		},
		Issuer: "tests",
	}

	r := httprouter.New()
	serv := &warden.WardenHandler{
示例#3
	"github.com/julienschmidt/httprouter"
	"github.com/ory-am/fosite"
	"github.com/ory-am/fosite/handler/core"
	"github.com/ory-am/fosite/handler/core/client"
	"github.com/ory-am/fosite/handler/core/explicit"
	"github.com/ory-am/fosite/handler/core/strategy"
	"github.com/ory-am/fosite/hash"
	"github.com/ory-am/fosite/token/hmac"
	"github.com/ory-am/hydra/jwk"
	. "github.com/ory-am/hydra/oauth2"
	"github.com/ory-am/hydra/pkg"
	"golang.org/x/oauth2"
	"golang.org/x/oauth2/clientcredentials"
)

// Package-level fixtures for the OAuth2 handlers declared below.
var (
	// store is the fosite storage obtained from pkg.FositeStore.
	store = pkg.FositeStore()

	// keyManager and keyGenerator are the jwk manager and RS256 generator
	// instances used by this file.
	keyManager   = &jwk.MemoryManager{}
	keyGenerator = &jwk.RS256Generator{}

	// hmacStrategy signs and validates tokens with an HMAC keyed by
	// GlobalSecret. The secret is a literal committed to source, so anyone
	// who can read this file can mint tokens it accepts. That is only
	// acceptable for fixtures; a deployed strategy needs a secret loaded
	// from protected configuration.
	hmacStrategy = &strategy.HMACSHAStrategy{
		Enigma: &hmac.HMACStrategy{
			GlobalSecret: []byte("some-super-cool-secret-that-nobody-knows"),
		},
	}
)

var authCodeHandler = &explicit.AuthorizeExplicitGrantTypeHandler{
	AccessTokenStrategy:       hmacStrategy,
	RefreshTokenStrategy:      hmacStrategy,
	AuthorizeCodeStrategy:     hmacStrategy,