appengine/components/components/auth/machine_auth.py - Issue 2013943002: Changing license header, again!

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: appengine/components/components/auth/machine_auth.py

Issue 2013943002: Changing license header, again! (Closed) Base URL: git@github.com:luci/luci-py.git@master

Patch Set: Fixed third parties Created 4 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « appengine/components/components/auth/ipaddr_test.py ('k') | appengine/components/components/auth/main.py » ('j') | no next file with comments »

OLD	NEW
1 # Copyright 2016 The LUCI Authors. All rights reserved.	1 # Copyright 2016 The LUCI Authors. All rights reserved.

2 # Use of this source code is governed by the Apache v2.0 license that can be	2 # Use of this source code is governed under the Apache License, Version 2.0

3 # found in the LICENSE file.	3 # that can be found in the LICENSE file.

4	4

5 """Implements authentication based on LUCI machine tokens.	5 """Implements authentication based on LUCI machine tokens.

6	6

7 LUCI machine tokens are short lived signed protobuf blobs that (among other	7 LUCI machine tokens are short lived signed protobuf blobs that (among other

8 information) contain machines' FQDNs.	8 information) contain machines' FQDNs.

9	9

10 Each machine has a TLS certificate (and corresponding private key) it uses	10 Each machine has a TLS certificate (and corresponding private key) it uses

11 to authenticate to LUCI token server when periodically refreshing machine	11 to authenticate to LUCI token server when periodically refreshing machine

12 tokens. Other LUCI backends then simply verifies that the short lived machine	12 tokens. Other LUCI backends then simply verifies that the short lived machine

13 token was signed by the trusted LUCI token server key. That way all the	13 token was signed by the trusted LUCI token server key. That way all the

(...skipping 21 matching lines...) Expand all Loading...
35 no machine token header (which means this authentication method is not	35 no machine token header (which means this authentication method is not

36 applicable).	36 applicable).

37	37

38 Raises:	38 Raises:

39 auth.AuthenticationError is machine token header is present, but the token	39 auth.AuthenticationError is machine token header is present, but the token

40 is invalid.	40 is invalid.

41 """	41 """

42 # TODO(vadimsh): Implement. For now just do nothing, so that components.auth	42 # TODO(vadimsh): Implement. For now just do nothing, so that components.auth

43 # falls back to IP-whitelist based authentication.	43 # falls back to IP-whitelist based authentication.

44 return None	44 return None

OLD	NEW