Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(313)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: server/auth/delegation.go

Issue 2785973002: token-server: Add protos for new API for generating service account tokens. (Closed)
Patch Set: more nits Created 3 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | server/auth/delegation_test.go » ('j') | tokenserver/api/minter/v1/token_minter.proto » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The LUCI Authors. 1 // Copyright 2016 The LUCI Authors.
2 // 2 //
3 // Licensed under the Apache License, Version 2.0 (the "License"); 3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License. 4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at 5 // You may obtain a copy of the License at
6 // 6 //
7 // http://www.apache.org/licenses/LICENSE-2.0 7 // http://www.apache.org/licenses/LICENSE-2.0
8 // 8 //
9 // Unless required by applicable law or agreed to in writing, software 9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS, 10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and 12 // See the License for the specific language governing permissions and
13 // limitations under the License. 13 // limitations under the License.
14 14
15 package auth 15 package auth
16 16
17 import ( 17 import (
18 "fmt" 18 "fmt"
19 "net/http" 19 "net/http"
20 "strings" 20 "strings"
21 "time" 21 "time"
22 22
23 "google.golang.org/grpc"
24
23 "golang.org/x/net/context" 25 "golang.org/x/net/context"
24 26
25 "github.com/luci/luci-go/common/clock" 27 "github.com/luci/luci-go/common/clock"
26 "github.com/luci/luci-go/common/logging" 28 "github.com/luci/luci-go/common/logging"
27 "github.com/luci/luci-go/common/retry" 29 "github.com/luci/luci-go/common/retry"
28 "github.com/luci/luci-go/common/retry/transient" 30 "github.com/luci/luci-go/common/retry/transient"
29 "github.com/luci/luci-go/grpc/grpcutil" 31 "github.com/luci/luci-go/grpc/grpcutil"
30 "github.com/luci/luci-go/grpc/prpc" 32 "github.com/luci/luci-go/grpc/prpc"
31 "github.com/luci/luci-go/server/auth/delegation" 33 "github.com/luci/luci-go/server/auth/delegation"
32 "github.com/luci/luci-go/server/auth/delegation/messages" 34 "github.com/luci/luci-go/server/auth/delegation/messages"
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after
98 // 100 //
99 // Used only for logging purposes on the auth service, will be indexed. Should 101 // Used only for logging purposes on the auth service, will be indexed. Should
100 // be a short identifier-like string. 102 // be a short identifier-like string.
101 // 103 //
102 // Optional. 104 // Optional.
103 Intent string 105 Intent string
104 106
105 // rpcClient is token server RPC client to use. 107 // rpcClient is token server RPC client to use.
106 // 108 //
107 // Mocked in tests. 109 // Mocked in tests.
108 » rpcClient minter.TokenMinterClient 110 » rpcClient tokenMinterClient
111 }
112
113 // tokenMinterClient is subset of minter.TokenMinterClient we use.
114 type tokenMinterClient interface {
115 » MintDelegationToken(context.Context, *minter.MintDelegationTokenRequest, ...grpc.CallOption) (*minter.MintDelegationTokenResponse, error)
109 } 116 }
110 117
111 // delegationTokenCache is used to store delegation tokens in the cache. 118 // delegationTokenCache is used to store delegation tokens in the cache.
112 // 119 //
113 // The underlying token type is delegation.Token. 120 // The underlying token type is delegation.Token.
114 var delegationTokenCache = tokenCache{ 121 var delegationTokenCache = tokenCache{
115 Kind: "delegation", 122 Kind: "delegation",
116 Version: 3, 123 Version: 3,
117 ExpRandPercent: 10, 124 ExpRandPercent: 10,
118 MinAcceptedLifetime: 5 * time.Minute, 125 MinAcceptedLifetime: 5 * time.Minute,
(...skipping 171 matching lines...) Expand 10 before | Expand all | Expand 10 after
290 297
291 if err != nil { 298 if err != nil {
292 report(err, label) 299 report(err, label)
293 return nil, err 300 return nil, err
294 } 301 }
295 302
296 t := cached.Token.(delegation.Token) // let it panic on type mismatch 303 t := cached.Token.(delegation.Token) // let it panic on type mismatch
297 report(nil, label) 304 report(nil, label)
298 return &t, nil 305 return &t, nil
299 } 306 }
OLDNEW
« no previous file with comments | « no previous file | server/auth/delegation_test.go » ('j') | tokenserver/api/minter/v1/token_minter.proto » ('J')

Powered by Google App Engine
This is Rietveld 408576698