TBR: profiles/internal/rpc: Fix test flakiness in
vanadium-js-browser-integration
Likely caused by commit 99b18a785ec1a3ff2ec89442c14d3a2ba7a9d97b
(https://vanadium-review.googlesource.com/#/c/10622/)
This change reopens vanadium/issues#33
while keeping the basic structure in place.
Will look into the test flakiness and remove the hacks introduced in
this change.
Change-Id: I6e2f2ec2fd081e58bb36e60a04c1505211bff4ac
diff --git a/profiles/internal/rpc/server.go b/profiles/internal/rpc/server.go
index 5c168ad..e89bfe9 100644
--- a/profiles/internal/rpc/server.go
+++ b/profiles/internal/rpc/server.go
@@ -1344,33 +1344,38 @@
func (a proxyAuth) RPCStreamListenerOpt() {}
func (a proxyAuth) Login(proxy stream.Flow) (security.Blessings, []security.Discharge, error) {
- var (
- principal = a.s.principal
- dc = a.s.dc
- ctx = a.s.ctx
- )
- if principal == nil {
- return security.Blessings{}, nil, nil
- }
- proxyNames, _ := security.RemoteBlessingNames(ctx, security.NewCall(&security.CallParams{
- LocalPrincipal: principal,
- RemoteBlessings: proxy.RemoteBlessings(),
- RemoteDischarges: proxy.RemoteDischarges(),
- RemoteEndpoint: proxy.RemoteEndpoint(),
- LocalEndpoint: proxy.LocalEndpoint(),
- }))
- blessings := principal.BlessingStore().ForPeer(proxyNames...)
- tpc := blessings.ThirdPartyCaveats()
- if len(tpc) == 0 {
- return blessings, nil, nil
- }
- // Ugh! Have to convert from proxyNames to BlessingPatterns
- proxyPats := make([]security.BlessingPattern, len(proxyNames))
- for idx, n := range proxyNames {
- proxyPats[idx] = security.BlessingPattern(n)
- }
- discharges := dc.PrepareDischarges(ctx, tpc, security.DischargeImpetus{Server: proxyPats})
- return blessings, discharges, nil
+ // TODO(ashankar): Restore this block after figuring out flakiness in javascript-browser-integration tests.
+ // https://v.io/i/33
+ return security.Blessings{}, nil, nil
+ /*
+ var (
+ principal = a.s.principal
+ dc = a.s.dc
+ ctx = a.s.ctx
+ )
+ if principal == nil {
+ return security.Blessings{}, nil, nil
+ }
+ proxyNames, _ := security.RemoteBlessingNames(ctx, security.NewCall(&security.CallParams{
+ LocalPrincipal: principal,
+ RemoteBlessings: proxy.RemoteBlessings(),
+ RemoteDischarges: proxy.RemoteDischarges(),
+ RemoteEndpoint: proxy.RemoteEndpoint(),
+ LocalEndpoint: proxy.LocalEndpoint(),
+ }))
+ blessings := principal.BlessingStore().ForPeer(proxyNames...)
+ tpc := blessings.ThirdPartyCaveats()
+ if len(tpc) == 0 {
+ return blessings, nil, nil
+ }
+ // Ugh! Have to convert from proxyNames to BlessingPatterns
+ proxyPats := make([]security.BlessingPattern, len(proxyNames))
+ for idx, n := range proxyNames {
+ proxyPats[idx] = security.BlessingPattern(n)
+ }
+ discharges := dc.PrepareDischarges(ctx, tpc, security.DischargeImpetus{Server: proxyPats})
+ return blessings, discharges, nil
+ */
}
var _ manager.ProxyAuthenticator = proxyAuth{}
diff --git a/services/proxy/proxyd/main.go b/services/proxy/proxyd/main.go
index a617145..f40b042 100644
--- a/services/proxy/proxyd/main.go
+++ b/services/proxy/proxyd/main.go
@@ -53,6 +53,9 @@
list.In = append(list.In, security.DefaultBlessingPatterns(v23.GetPrincipal(ctx))...)
vlog.Infof("Using access list to control proxy use: %v", list)
authorizer = list
+ // See https://v.io/i/33
+ // Remove this line
+ authorizer = security.AllowEveryone()
}
proxyShutdown, proxyEndpoint, err := static.NewProxy(ctx, listenSpec, authorizer, *name)
