ref: Split the security.Call and rpc.ServerCall interfaces.

It turns out they don't have that much in common and now that security
functions take context.T there is no reason to have them conjoined.

Change-Id: I9a562d942a9f77c09049632848c55485a4e05514
MultiPart: 2/2
diff --git a/services/identity/internal/blesser/macaroon.go b/services/identity/internal/blesser/macaroon.go
index 2f161cd..60ca742 100644
--- a/services/identity/internal/blesser/macaroon.go
+++ b/services/identity/internal/blesser/macaroon.go
@@ -28,6 +28,7 @@
 }
 
 func (b *macaroonBlesser) Bless(call rpc.ServerCall, macaroon string) (security.Blessings, error) {
+	secCall := security.GetCall(call.Context())
 	var empty security.Blessings
 	inputs, err := util.Macaroon(macaroon).Decode(b.key)
 	if err != nil {
@@ -40,11 +41,12 @@
 	if time.Now().After(m.Creation.Add(time.Minute * 5)) {
 		return empty, fmt.Errorf("macaroon has expired")
 	}
-	if call.LocalPrincipal() == nil {
+	if secCall.LocalPrincipal() == nil {
 		return empty, fmt.Errorf("server misconfiguration: no authentication happened")
 	}
 	if len(m.Caveats) == 0 {
 		m.Caveats = []security.Caveat{security.UnconstrainedUse()}
 	}
-	return call.LocalPrincipal().Bless(call.RemoteBlessings().PublicKey(), call.LocalBlessings(), m.Name, m.Caveats[0], m.Caveats[1:]...)
+	return secCall.LocalPrincipal().Bless(secCall.RemoteBlessings().PublicKey(),
+		secCall.LocalBlessings(), m.Name, m.Caveats[0], m.Caveats[1:]...)
 }
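Review bot: `secCall` is dereferenced in the `secCall.LocalPrincipal() == nil` guard without first checking that `security.GetCall(call.Context())`, assigned in the previous hunk, returned a call at all. If GetCall yields nil when no security call is attached to the context (worth confirming against its documentation), the guard meant to report "server misconfiguration: no authentication happened" would panic instead of returning that error. Extending it to `if secCall == nil || secCall.LocalPrincipal() == nil {` keeps the failure on the error path. The same unguarded use appears in this commit in oauth.go (the value passed to `b.bless`), mounttable.go (the self-RPC check inside the authorization path) and discharger.go (`secCall.LocalPrincipal().MintDischarge`). Part of Bless's body lies outside both hunks.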
diff --git a/services/identity/internal/blesser/macaroon_test.go b/services/identity/internal/blesser/macaroon_test.go
index 3bd6cc8..91be9d1 100644
--- a/services/identity/internal/blesser/macaroon_test.go
+++ b/services/identity/internal/blesser/macaroon_test.go
@@ -23,11 +23,7 @@
 		key            = make([]byte, 16)
 		provider, user = testutil.NewPrincipal(), testutil.NewPrincipal()
 		cOnlyMethodFoo = newCaveat(security.MethodCaveat("Foo"))
-		context        = &serverCall{
-			p:      provider,
-			local:  blessSelf(provider, "provider"),
-			remote: blessSelf(user, "self-signed-user"),
-		}
+		call           = fakeCall(provider, user)
 	)
 	if _, err := rand.Read(key); err != nil {
 		t.Fatal(err)
@@ -36,11 +32,11 @@
 
 	m := oauth.BlessingMacaroon{Creation: time.Now().Add(-1 * time.Hour), Name: "foo"}
 	wantErr := "macaroon has expired"
-	if _, err := blesser.Bless(context, newMacaroon(t, key, m)); err == nil || err.Error() != wantErr {
+	if _, err := blesser.Bless(call, newMacaroon(t, key, m)); err == nil || err.Error() != wantErr {
 		t.Errorf("Bless(...) failed with error: %v, want: %v", err, wantErr)
 	}
 	m = oauth.BlessingMacaroon{Creation: time.Now(), Name: "user", Caveats: []security.Caveat{cOnlyMethodFoo}}
-	b, err := blesser.Bless(context, newMacaroon(t, key, m))
+	b, err := blesser.Bless(call, newMacaroon(t, key, m))
 	if err != nil {
 		t.Errorf("Bless failed: %v", err)
 	}
diff --git a/services/identity/internal/blesser/oauth.go b/services/identity/internal/blesser/oauth.go
index e086e40..7dbd413 100644
--- a/services/identity/internal/blesser/oauth.go
+++ b/services/identity/internal/blesser/oauth.go
@@ -68,10 +68,10 @@
 	if err != nil {
 		return noblessings, "", err
 	}
-	return b.bless(call, email, clientName)
+	return b.bless(security.GetCall(call.Context()), email, clientName)
 }
 
-func (b *oauthBlesser) bless(call rpc.ServerCall, email, clientName string) (security.Blessings, string, error) {
+func (b *oauthBlesser) bless(call security.Call, email, clientName string) (security.Blessings, string, error) {
 	var noblessings security.Blessings
 	self := call.LocalPrincipal()
 	if self == nil {
diff --git a/services/identity/internal/blesser/oauth_test.go b/services/identity/internal/blesser/oauth_test.go
index d7eebe7..ff593db 100644
--- a/services/identity/internal/blesser/oauth_test.go
+++ b/services/identity/internal/blesser/oauth_test.go
@@ -18,18 +18,14 @@
 func TestOAuthBlesser(t *testing.T) {
 	var (
 		provider, user = testutil.NewPrincipal(), testutil.NewPrincipal()
-		context        = &serverCall{
-			p:      provider,
-			local:  blessSelf(provider, "provider"),
-			remote: blessSelf(user, "self-signed-user"),
-		}
+		call           = fakeCall(provider, user)
 	)
 	blesser := NewOAuthBlesserServer(OAuthBlesserParams{
 		OAuthProvider:    oauth.NewMockOAuth(),
 		BlessingDuration: time.Hour,
 	})
 
-	b, extension, err := blesser.BlessUsingAccessToken(context, "test-access-token")
+	b, extension, err := blesser.BlessUsingAccessToken(call, "test-access-token")
 	if err != nil {
 		t.Errorf("BlessUsingAccessToken failed: %v", err)
 	}
diff --git a/services/identity/internal/blesser/util_test.go b/services/identity/internal/blesser/util_test.go
index 1de952c..1b6bd9d 100644
--- a/services/identity/internal/blesser/util_test.go
+++ b/services/identity/internal/blesser/util_test.go
@@ -5,21 +5,28 @@
 package blesser
 
 import (
+	"v.io/v23/context"
 	"v.io/v23/rpc"
 	"v.io/v23/security"
 )
 
 type serverCall struct {
 	rpc.StreamServerCall
-	method        string
-	p             security.Principal
-	local, remote security.Blessings
+	context *context.T
 }
 
-func (c *serverCall) Method() string                      { return c.method }
-func (c *serverCall) LocalPrincipal() security.Principal  { return c.p }
-func (c *serverCall) LocalBlessings() security.Blessings  { return c.local }
-func (c *serverCall) RemoteBlessings() security.Blessings { return c.remote }
+func fakeCall(provider, user security.Principal) rpc.StreamServerCall {
+	secCall := security.NewCall(&security.CallParams{
+		LocalPrincipal:  provider,
+		LocalBlessings:  blessSelf(provider, "provider"),
+		RemoteBlessings: blessSelf(user, "self-signed-user"),
+	})
+	ctx, _ := context.RootContext()
+	ctx = security.SetCall(ctx, secCall)
+	return &serverCall{context: ctx}
+}
+
+func (c *serverCall) Context() *context.T { return c.context }
 
 func blessSelf(p security.Principal, name string) security.Blessings {
 	b, err := p.BlessSelf(name)
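Review bot: `fakeCall` has no doc comment, and two of its properties are easy to miss: it discards the second value returned by `context.RootContext()`, and it leaves the embedded `rpc.StreamServerCall` nil. Because only `Context()` is defined on `serverCall`, any other method a blesser calls on the returned value would go through the nil embedded interface and panic. A comment such as `// fakeCall returns a call whose Context carries a security.Call for provider and user; all other rpc.StreamServerCall methods are unimplemented.` would make that contract explicit for the next test author.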
diff --git a/services/mgmt/device/impl/app_service.go b/services/mgmt/device/impl/app_service.go
index f552a00..ea6e45f 100644
--- a/services/mgmt/device/impl/app_service.go
+++ b/services/mgmt/device/impl/app_service.go
@@ -597,7 +597,7 @@
 	// TODO(caprita): Figure out if there is any feature value in providing
 	// the app with a device manager-derived blessing (e.g., may the app
 	// need to prove it's running on the device?).
-	dmPrincipal := call.LocalPrincipal()
+	dmPrincipal := v23.GetPrincipal(call.Context())
 	dmBlessings, err := dmPrincipal.Bless(p.PublicKey(), dmPrincipal.BlessingStore().Default(), "callback", security.UnconstrainedUse())
 	// Put the names of the device manager's default blessings as patterns
 	// for the child, so that the child uses the right blessing when talking
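Review bot: `dmPrincipal` now comes from `v23.GetPrincipal(call.Context())` rather than from the call's local principal, and it signs the child's "callback" blessing on the next line, so the hunk should say why the two are equivalent. If the principal attached to the context can differ from the one the server authenticated with for this call, the app would receive a blessing rooted in a different key than before; this is an inference, since neither accessor's implementation is visible here. A comment such as `// The context's principal is the device manager's own principal, i.e. the one this server runs as.` would record the assumption. claim.go makes the same substitution before reading the principal's BlessingStore. The enclosing function starts and ends outside the hunk.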
diff --git a/services/mgmt/device/impl/claim.go b/services/mgmt/device/impl/claim.go
index 30d3f9c..8311361 100644
--- a/services/mgmt/device/impl/claim.go
+++ b/services/mgmt/device/impl/claim.go
@@ -8,6 +8,7 @@
 	"crypto/subtle"
 	"sync"
 
+	"v.io/v23"
 	"v.io/v23/context"
 	"v.io/v23/rpc"
 	"v.io/v23/security"
@@ -40,7 +41,7 @@
 	}
 	var (
 		granted   = call.GrantedBlessings() // blessings granted by the claimant
-		principal = call.LocalPrincipal()
+		principal = v23.GetPrincipal(call.Context())
 		store     = principal.BlessingStore()
 	)
 	if granted.IsZero() {
diff --git a/services/mounttable/lib/mounttable.go b/services/mounttable/lib/mounttable.go
index 67b9923..d67a005 100644
--- a/services/mounttable/lib/mounttable.go
+++ b/services/mounttable/lib/mounttable.go
@@ -174,7 +174,8 @@
 		return nil
 	}
 	// "Self-RPCs" are always authorized.
-	if l, r := call.LocalBlessings().PublicKey(), call.RemoteBlessings().PublicKey(); l != nil && reflect.DeepEqual(l, r) {
+	secCall := security.GetCall(call.Context())
+	if l, r := secCall.LocalBlessings().PublicKey(), secCall.RemoteBlessings().PublicKey(); l != nil && reflect.DeepEqual(l, r) {
 		return nil
 	}
 	// Match client's blessings against the AccessLists.
diff --git a/services/security/discharger/discharger.go b/services/security/discharger/discharger.go
index e64379a..e839380 100644
--- a/services/security/discharger/discharger.go
+++ b/services/security/discharger/discharger.go
@@ -18,18 +18,20 @@
 type dischargerd struct{}
 
 func (dischargerd) Discharge(call rpc.ServerCall, caveat security.Caveat, _ security.DischargeImpetus) (security.Discharge, error) {
+	ctx := call.Context()
+	secCall := security.GetCall(ctx)
 	tp := caveat.ThirdPartyDetails()
 	if tp == nil {
 		return security.Discharge{}, fmt.Errorf("Caveat %v does not represent a third party caveat", caveat)
 	}
-	if err := tp.Dischargeable(call.Context()); err != nil {
+	if err := tp.Dischargeable(ctx); err != nil {
 		return security.Discharge{}, fmt.Errorf("third-party caveat %v cannot be discharged for this context: %v", tp, err)
 	}
 	expiry, err := security.ExpiryCaveat(time.Now().Add(15 * time.Minute))
 	if err != nil {
 		return security.Discharge{}, fmt.Errorf("unable to create expiration caveat on the discharge: %v", err)
 	}
-	return call.LocalPrincipal().MintDischarge(caveat, expiry)
+	return secCall.LocalPrincipal().MintDischarge(caveat, expiry)
 }
 
 // NewDischarger returns a discharger service implementation that grants