server/auth/delegation/checker_test.go - Issue 2386643003: auth: Make luci-go services trust signatures produced by the token server.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: server/auth/delegation/checker_test.go

Issue 2386643003: auth: Make luci-go services trust signatures produced by the token server. (Closed)

Patch Set: Created 4 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright 2016 The LUCI Authors. All rights reserved.	1 // Copyright 2016 The LUCI Authors. All rights reserved.

2 // Use of this source code is governed under the Apache License, Version 2.0	2 // Use of this source code is governed under the Apache License, Version 2.0

3 // that can be found in the LICENSE file.	3 // that can be found in the LICENSE file.

4	4

5 package delegation	5 package delegation

6	6

7 import (	7 import (

8 "encoding/base64"	8 "encoding/base64"

9 "os"	9 "os"

10 "strings"	10 "strings"

(...skipping 170 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
181 signerID string	181 signerID string

182 }	182 }

183	183

184 func newFakeTokenMinter() *fakeTokenMinter {	184 func newFakeTokenMinter() *fakeTokenMinter {

185 return &fakeTokenMinter{	185 return &fakeTokenMinter{

186 signer: signingtest.NewSigner(0, nil),	186 signer: signingtest.NewSigner(0, nil),

187 signerID: "service:fake-signer",	187 signerID: "service:fake-signer",

188 }	188 }

189 }	189 }

190	190

191 func (f fakeTokenMinter) GetAuthServiceCertificates(c context.Context) (signin g.PublicCertificates, error) {	191 func (f fakeTokenMinter) GetCertificates(c context.Context, id identity.Identit y) (signing.PublicCertificates, error) {

192 return f.signer.Certificates(c)	192 return f.signer.Certificates(c)

193 }	193 }

194	194

195 func (f fakeTokenMinter) mintToken(c context.Context, subtoken messages.Subtok en) string {	195 func (f fakeTokenMinter) mintToken(c context.Context, subtoken messages.Subtok en) string {

196 blob, err := proto.Marshal(subtoken)	196 blob, err := proto.Marshal(subtoken)

197 if err != nil {	197 if err != nil {

198 panic(err)	198 panic(err)

199 }	199 }

200 keyID, sig, err := f.signer.SignBytes(c, blob)	200 keyID, sig, err := f.signer.SignBytes(c, blob)

201 if err != nil {	201 if err != nil {

(...skipping 15 matching lines...) Expand all Loading...
217 type fakeGroups struct {	217 type fakeGroups struct {

218 groups map[string]string // if nil == no group checks	218 groups map[string]string // if nil == no group checks

219 }	219 }

220	220

221 func (f *fakeGroups) IsMember(c context.Context, id identity.Identity, group str ing) (bool, error) {	221 func (f *fakeGroups) IsMember(c context.Context, id identity.Identity, group str ing) (bool, error) {

222 if f.groups == nil {	222 if f.groups == nil {

223 return true, nil	223 return true, nil

224 }	224 }

225 return f.groups[group] == string(id), nil	225 return f.groups[group] == string(id), nil

226 }	226 }

OLD	NEW

« server/auth/authtest/db.go ('K') | « server/auth/delegation/checker.go ('k') | no next file » | no next file with comments »