tokenserver/appengine/impl/serviceaccounts/grant.go - Issue 2999483002: tokenserver: Implement InspectOAuthTokenGrant RPC.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: tokenserver/appengine/impl/serviceaccounts/grant.go

Issue 2999483002: tokenserver: Implement InspectOAuthTokenGrant RPC. (Closed)

Patch Set: Created 3 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: tokenserver/appengine/impl/serviceaccounts/grant.go

diff --git a/tokenserver/appengine/impl/serviceaccounts/grant.go b/tokenserver/appengine/impl/serviceaccounts/grant.go

index 946940fd22ba81620a688c3777e0f62575288aee..445e66620046c5312e82f28ab030f7ff2cc6bf1d 100644

--- a/tokenserver/appengine/impl/serviceaccounts/grant.go

+++ b/tokenserver/appengine/impl/serviceaccounts/grant.go

@@ -15,9 +15,12 @@

package serviceaccounts

import (

+ "time"

"github.com/golang/protobuf/proto"

"golang.org/x/net/context"

+ "github.com/luci/luci-go/common/proto/google"

"github.com/luci/luci-go/server/auth/signing"

"github.com/luci/luci-go/tokenserver/api"

@@ -49,3 +52,33 @@ func SignGrant(c context.Context, signer signing.Signer, tok *tokenserver.OAuthT

}

return s.SignToken(c, tok)

}

+// InspectGrant returns information about the OAuth grant.

+//

+// Inspection.Envelope is either nil or *tokenserver.OAuthTokenGrantEnvelope.

+// Inspection.Body is either nil or *tokenserver.OAuthTokenGrantBody.

+func InspectGrant(c context.Context, certs tokensigning.CertificatesSupplier, tok string) (*tokensigning.Inspection, error) {

+ i := tokensigning.Inspector{

+ Certificates: certs,

+ SigningContext: tokenSigningContext,

+ Envelope: func() proto.Message { return &tokenserver.OAuthTokenGrantEnvelope{} },

+ Body: func() proto.Message { return &tokenserver.OAuthTokenGrantBody{} },

+ Unwrap: func(e proto.Message) tokensigning.Unwrapped {

+ env := e.(*tokenserver.OAuthTokenGrantEnvelope)

+ return tokensigning.Unwrapped{

+ Body: env.TokenBody,

+ RsaSHA256Sig: env.Pkcs1Sha256Sig,

+ KeyID: env.KeyId,

+ }

+ },

+ Lifespan: func(b proto.Message) tokensigning.Lifespan {

+ body := b.(*tokenserver.OAuthTokenGrantBody)

+ issuedAt := google.TimeFromProto(body.IssuedAt)

+ return tokensigning.Lifespan{

+ NotBefore: issuedAt,

+ NotAfter: issuedAt.Add(time.Duration(body.ValidityDuration) * time.Second),

+ }

+ },

+ }

+ return i.InspectToken(c, tok)

« no previous file with comments | « no previous file | tokenserver/appengine/impl/serviceaccounts/rpc_inspect_oauth_token_grant.go » ('j') | no next file with comments »