tokenserver/appengine/impl/serviceaccounts/grant.go - Issue 2991413002: tokenserver: Implement MintOAuthTokenGrant RPC.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: tokenserver/appengine/impl/serviceaccounts/grant.go

Issue 2991413002: tokenserver: Implement MintOAuthTokenGrant RPC. (Closed)

Patch Set: Created 3 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « no previous file | tokenserver/appengine/impl/serviceaccounts/grant_test.go » ('j') | tokenserver/appengine/impl/serviceaccounts/rpc_mint_oauth_token_grant.go » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
(Empty)
	1 // Copyright 2017 The LUCI Authors.

	2 //

	3 // Licensed under the Apache License, Version 2.0 (the "License");

	4 // you may not use this file except in compliance with the License.

	5 // You may obtain a copy of the License at

	6 //

	7 // http://www.apache.org/licenses/LICENSE-2.0

	8 //

	9 // Unless required by applicable law or agreed to in writing, software

	10 // distributed under the License is distributed on an "AS IS" BASIS,

	11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

	12 // See the License for the specific language governing permissions and

	13 // limitations under the License.

	14

	15 package serviceaccounts

	16

	17 import (

	18 "github.com/golang/protobuf/proto"

	19 "golang.org/x/net/context"

	20

	21 "github.com/luci/luci-go/server/auth/signing"

	22

	23 "github.com/luci/luci-go/tokenserver/api"

	24 "github.com/luci/luci-go/tokenserver/appengine/impl/utils/tokensigning"

	25 )

	26

	27 // tokenSigningContext is used to make sure grant token is not misused in

	28 // place of some other token.

	29 //

	30 // See SigningContext in utils/tokensigning.Signer.

	31 const tokenSigningContext = "LUCI OAuthTokenGrant v1"

	32

	33 // SignGrant signs and serializes the OAuth grant.

	34 //

	35 // It doesn't do any validation. Assumes the prepared body is valid.

	36 //

	37 // Produces base64 URL-safe token or a transient error.

	38 func SignGrant(c context.Context, signer signing.Signer, tok *tokenserver.OAuthT okenGrantBody) (string, error) {
	Vadim Sh. 2017/08/04 06:37:37 similar to https://github.com/luci/luci-go/blob/ma similar to https://github.com/luci/luci-go/blob/master/tokenserver/appengine/impl/delega...
	39 s := tokensigning.Signer{

	40 Signer: signer,

	41 SigningContext: tokenSigningContext,

	42 Wrap: func(w *tokensigning.Unwrapped) proto.Message {

	43 return &tokenserver.OAuthTokenGrantEnvelope{

	44 TokenBody: w.Body,

	45 Pkcs1Sha256Sig: w.RsaSHA256Sig,

	46 KeyId: w.KeyID,

	47 }

	48 },

	49 }

	50 return s.SignToken(c, tok)

	51 }

OLD	NEW