veyron/services/identity: Remove support for the old security model.

And with it, also remove the "identity" tool.

Change-Id: I85a390c1af0f3874be68dfb7e46fb6fdc8ceb567
diff --git a/security/agent/agentd/main.go b/security/agent/agentd/main.go
index 569032d..b3341cb 100644
--- a/security/agent/agentd/main.go
+++ b/security/agent/agentd/main.go
@@ -49,7 +49,7 @@
 	if err = os.Setenv(agent.FdVarName, "3"); err != nil {
 		log.Fatalf("setenv: %v", err)
 	}
-	if err = os.Setenv("VEYRON_IDENTITY", ""); err != nil {
+	if err = os.Setenv("VEYRON_CREDENTIALS", ""); err != nil {
 		log.Fatalf("setenv: %v", err)
 	}
 
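Review bot: The intent of blanking `VEYRON_CREDENTIALS` at L15 is not recorded, and since this is the line that keeps an agent-launched child from loading key material directly from disk, it deserves a comment such as `// Blank VEYRON_CREDENTIALS so the child cannot load credentials itself and must go through the agent.` Note that `os.Setenv(name, "")` leaves the variable present-but-empty rather than unset; the tests in this commit treat empty as unset (`-n` / `!= ""`), so it is consistent, but a child that distinguishes the two cases would still see it as set. The enclosing function starts outside the hunk.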
diff --git a/security/agent/test.sh b/security/agent/test.sh
index 8efeed6..a6961c1 100755
--- a/security/agent/test.sh
+++ b/security/agent/test.sh
@@ -9,12 +9,6 @@
 build() {
   AGENTD_BIN="$(shell_test::build_go_binary 'veyron.io/veyron/veyron/security/agent/agentd')"
   PINGPONG_BIN="$(shell_test::build_go_binary 'veyron.io/veyron/veyron/security/agent/pingpong')"
-  IDENTITY_BIN="$(shell_test::build_go_binary 'veyron.io/veyron/veyron/tools/identity')"
-}
-
-echo_identity() {
-  local -r OUTPUT="$1"
-  "${AGENTD_BIN}" bash -c 'echo ${VEYRON_IDENTITY}' > "${OUTPUT}"
 }
 
 main() {
@@ -30,11 +24,9 @@
   # Test running a single app.
   shell_test::start_server "${PINGPONG_BIN}" --server
   "${AGENTD_BIN}" --v=4 "${PINGPONG_BIN}" || shell_test::fail "line ${LINENO}: failed to run pingpong"
-  local -r OUTPUT=$(shell::tmp_file)
-  RESULT=$(shell::check_result echo_identity "${OUTPUT}")
-  shell_test::assert_eq "${RESULT}" "0" "${LINENO}"
-  if [[ ! -s "${OUTPUT}" ]]; then
-      shell_test::fail "line ${LINENO}: credentials preserved"
+  local -r CREDENTIALS_UNDER_AGENT=$("${AGENTD_BIN}" bash -c 'echo ${VEYRON_CREDENTIALS}')
+  if [[ "${CREDENTIALS_UNDER_AGENT}" != "" ]]; then
+      shell_test::fail "line ${LINENO}: VEYRON_CREDENTIALS should not be set when running under the agent(${CREDENTIALS_UNDER_AGENT})"
   fi
 
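Review bot: The new check at L45 drops the exit-status check the old version had via `shell::check_result`, and because `local -r X=$(...)` returns the status of `local` rather than of the command substitution, a failure to launch the child under the agent yields empty output and the test passes vacuously. Declare and assign separately so the status is visible: `local CREDENTIALS_UNDER_AGENT` and then `CREDENTIALS_UNDER_AGENT=$("${AGENTD_BIN}" bash -c 'echo ${VEYRON_CREDENTIALS}') || shell_test::fail "line ${LINENO}: failed to run child under agent"`. The surrounding `main` continues outside the hunk.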
   # Test running multiple apps connecting to the same agent.
diff --git a/security/agent/testchild.sh b/security/agent/testchild.sh
index 0bd2a9d..089d53c 100644
--- a/security/agent/testchild.sh
+++ b/security/agent/testchild.sh
@@ -5,7 +5,7 @@
 source "${VEYRON_ROOT}/scripts/lib/shell_test.sh"
 
 main() {
-  if [[ -n "${VEYRON_IDENTITY}" ]]; then
+  if [[ -n "${VEYRON_CREDENTIALS}" ]]; then
       shell_test::fail "line ${LINENO}: identity preserved"
   fi
   PINGPONG_BIN="$(shell_test::build_go_binary 'veyron.io/veyron/veyron/security/agent/pingpong')"
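Review bot: The failure message at L61 still says "identity preserved" although the variable tested at L60 is now `VEYRON_CREDENTIALS`, which will mislead whoever reads a failing run; change it to `shell_test::fail "line ${LINENO}: VEYRON_CREDENTIALS preserved"`. The `main` function continues past the hunk.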
diff --git a/services/identity/blesser/macaroon.go b/services/identity/blesser/macaroon.go
index a8b538e..6517ab2 100644
--- a/services/identity/blesser/macaroon.go
+++ b/services/identity/blesser/macaroon.go
@@ -8,15 +8,12 @@
 	"veyron.io/veyron/veyron/services/identity"
 	"veyron.io/veyron/veyron/services/identity/util"
 
-	"veyron.io/veyron/veyron2"
 	"veyron.io/veyron/veyron2/ipc"
 	"veyron.io/veyron/veyron2/security"
-	"veyron.io/veyron/veyron2/vdl/vdlutil"
 	"veyron.io/veyron/veyron2/vom"
 )
 
 type macaroonBlesser struct {
-	rt  veyron2.Runtime // TODO(ashankar): Remove when the old security model is ripped out
 	key []byte
 }
 
@@ -29,43 +26,35 @@
 
 // NewMacaroonBlesserServer provides an identity.MacaroonBlesser Service that generates blessings
 // after unpacking a BlessingMacaroon.
-//
-// TODO(ashankar): Remove the "r" argument once the switch to the new security model is complete.
-func NewMacaroonBlesserServer(r veyron2.Runtime, key []byte) interface{} {
-	return identity.NewServerMacaroonBlesser(&macaroonBlesser{r, key})
+func NewMacaroonBlesserServer(key []byte) interface{} {
+	return identity.NewServerMacaroonBlesser(&macaroonBlesser{key})
 }
 
-func (b *macaroonBlesser) Bless(ctx ipc.ServerContext, macaroon string) (vdlutil.Any, error) {
+func (b *macaroonBlesser) Bless(ctx ipc.ServerContext, macaroon string) (security.WireBlessings, error) {
+	var empty security.WireBlessings
 	inputs, err := util.Macaroon(macaroon).Decode(b.key)
 	if err != nil {
-		return nil, err
+		return empty, err
 	}
 	var m BlessingMacaroon
 	if err := vom.NewDecoder(bytes.NewBuffer(inputs)).Decode(&m); err != nil {
-		return nil, err
+		return empty, err
 	}
 	if time.Now().After(m.Creation.Add(time.Minute * 5)) {
-		return nil, fmt.Errorf("macaroon has expired")
+		return empty, fmt.Errorf("macaroon has expired")
 	}
-	if ctx.LocalPrincipal() == nil || ctx.RemoteBlessings() == nil {
-		// TODO(ashankar): Old security model, remove this block.
-		self := b.rt.Identity()
-		var err error
-		// Use the blessing that was used to authenticate with the client to bless it.
-		if self, err = self.Derive(ctx.LocalID()); err != nil {
-			return nil, err
-		}
-		return self.Bless(ctx.RemoteID(), m.Name, time.Hour*24*365, m.Caveats)
+	if ctx.LocalPrincipal() == nil {
+		return empty, fmt.Errorf("server misconfiguration: no authentication happened")
 	}
 	if len(m.Caveats) == 0 {
 		m.Caveats = []security.Caveat{security.UnconstrainedUse()}
 	}
-	// TODO(ashankar,toddw): After the old security model is ripped out and the VDL configuration
-	// files have the scheme to translate between "wire" types and "in-memory" types, this should just
-	// become return ctx.LocalPrincipal().....
+	// TODO(ashankar,toddw): After the VDL configuration files have the
+	// scheme to translate between "wire" types and "in-memory" types, this
+	// should just become return ctx.LocalPrincipal().....
 	blessings, err := ctx.LocalPrincipal().Bless(ctx.RemoteBlessings().PublicKey(), ctx.LocalBlessings(), m.Name, m.Caveats[0], m.Caveats[1:]...)
 	if err != nil {
-		return nil, err
+		return empty, err
 	}
 	return security.MarshalBlessings(blessings), nil
 }
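Review bot: The replacement guard at L122 checks only `ctx.LocalPrincipal()`, but the removed condition also covered `ctx.RemoteBlessings() == nil`, and L134 dereferences `ctx.RemoteBlessings().PublicKey()` unconditionally; if the server context can still yield nil remote blessings (the old code evidently assumed it could), this is a nil-pointer panic in a request handler rather than an error. Keep the full guard: `if ctx.LocalPrincipal() == nil || ctx.RemoteBlessings() == nil {`. The error text could also say which side is missing so a misconfigured deployment is easier to diagnose.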
diff --git a/services/identity/blesser/macaroon_test.go b/services/identity/blesser/macaroon_test.go
index 0a907c8..2792efa 100644
--- a/services/identity/blesser/macaroon_test.go
+++ b/services/identity/blesser/macaroon_test.go
@@ -30,19 +30,17 @@
 	if _, err := rand.Read(key); err != nil {
 		t.Fatal(err)
 	}
-	blesser := NewMacaroonBlesserServer(nil, key).(*identity.ServerStubMacaroonBlesser)
+	blesser := NewMacaroonBlesserServer(key).(*identity.ServerStubMacaroonBlesser)
 
 	m := BlessingMacaroon{Creation: time.Now().Add(-1 * time.Hour), Name: "foo"}
-	if got, err := blesser.Bless(context, newMacaroon(t, key, m)); got != nil || err == nil || err.Error() != "macaroon has expired" {
+	if got, err := blesser.Bless(context, newMacaroon(t, key, m)); err == nil || err.Error() != "macaroon has expired" {
 		t.Errorf("Got (%v, %v)", got, err)
 	}
 	m = BlessingMacaroon{Creation: time.Now(), Name: "user", Caveats: []security.Caveat{cOnlyMethodFoo}}
-	if result, err := blesser.Bless(context, newMacaroon(t, key, m)); err != nil || result == nil {
+	if result, err := blesser.Bless(context, newMacaroon(t, key, m)); err != nil {
 		t.Errorf("Got (%v, %v)", result, err)
-	} else if _, ok := result.(security.WireBlessings); !ok {
-		t.Errorf("Got %T, want security.Blessings", result)
 	} else {
-		b, err := security.NewBlessings(result.(security.WireBlessings))
+		b, err := security.NewBlessings(result)
 		if err != nil {
 			t.Fatalf("Unable to decode response into a security.Blessings object: %v", err)
 		}
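Review bot: The expired-macaroon case at L154 no longer asserts anything about the returned value, whereas the old test required `got != nil`; with the typed return it should assert the zero value so a future change cannot leak a blessing alongside an error, e.g. `len(got.CertificateChains) != 0 || err == nil || err.Error() != "macaroon has expired"`. The new "server misconfiguration: no authentication happened" branch is also untested; a context whose `LocalPrincipal()` returns nil would cover it, though the context construction is outside the hunk.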
diff --git a/services/identity/blesser/oauth.go b/services/identity/blesser/oauth.go
index df19987..c2e1698 100644
--- a/services/identity/blesser/oauth.go
+++ b/services/identity/blesser/oauth.go
@@ -4,21 +4,17 @@
 	"encoding/json"
 	"fmt"
 	"net/http"
-	"strings"
 	"time"
 
 	"veyron.io/veyron/veyron/services/identity"
 	"veyron.io/veyron/veyron/services/identity/revocation"
 
-	"veyron.io/veyron/veyron2"
 	"veyron.io/veyron/veyron2/ipc"
 	"veyron.io/veyron/veyron2/security"
-	"veyron.io/veyron/veyron2/vdl/vdlutil"
 	"veyron.io/veyron/veyron2/vlog"
 )
 
 type googleOAuth struct {
-	rt                 veyron2.Runtime
 	authcodeClient     struct{ ID, Secret string }
 	accessTokenClients []string
 	duration           time.Duration
@@ -29,8 +25,6 @@
 
 // GoogleParams represents all the parameters provided to NewGoogleOAuthBlesserServer
 type GoogleParams struct {
-	// The Veyron runtime to use. // TODO(ashankar): Remove once the old security model is ripped out.
-	R veyron2.Runtime
 	// The OAuth client IDs for the clients of the BlessUsingAccessToken RPCs.
 	AccessTokenClients []string
 	// If non-empty, only email addresses from this domain will be blessed.
@@ -53,7 +47,6 @@
 // are generated only for email addresses from that domain.
 func NewGoogleOAuthBlesserServer(p GoogleParams) interface{} {
 	return identity.NewServerOAuthBlesser(&googleOAuth{
-		rt:                 p.R,
 		duration:           p.BlessingDuration,
 		domain:             p.DomainRestriction,
 		dischargerLocation: p.DischargerLocation,
@@ -62,17 +55,18 @@
 	})
 }
 
-func (b *googleOAuth) BlessUsingAccessToken(ctx ipc.ServerContext, accesstoken string) (vdlutil.Any, string, error) {
+func (b *googleOAuth) BlessUsingAccessToken(ctx ipc.ServerContext, accesstoken string) (security.WireBlessings, string, error) {
+	var noblessings security.WireBlessings
 	if len(b.accessTokenClients) == 0 {
-		return nil, "", fmt.Errorf("server not configured for blessing based on access tokens")
+		return noblessings, "", fmt.Errorf("server not configured for blessing based on access tokens")
 	}
 	// URL from: https://developers.google.com/accounts/docs/OAuth2UserAgent#validatetoken
 	tokeninfo, err := http.Get("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=" + accesstoken)
 	if err != nil {
-		return nil, "", fmt.Errorf("unable to use token: %v", err)
+		return noblessings, "", fmt.Errorf("unable to use token: %v", err)
 	}
 	if tokeninfo.StatusCode != http.StatusOK {
-		return nil, "", fmt.Errorf("unable to verify access token: %v", tokeninfo.StatusCode)
+		return noblessings, "", fmt.Errorf("unable to verify access token: %v", tokeninfo.StatusCode)
 	}
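Review bot: The tokeninfo request at L224 uses `http.Get` with the default client, which has no timeout, so a slow or unreachable Google endpoint can pin identityd request goroutines indefinitely; a package-level `http.Client{Timeout: ...}` would bound this. No `tokeninfo.Body.Close()` is visible in the hunk either (the decode at L238 reads it but does not close it), which leaks connections if it is not closed further down. Consider `defer tokeninfo.Body.Close()` immediately after the error check at L227. The rest of `BlessUsingAccessToken` is outside the hunk.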
 	// tokeninfo contains a JSON-encoded struct
 	var token struct {
@@ -86,7 +80,7 @@
 		AccessType    string `json:"access_type"`
 	}
 	if err := json.NewDecoder(tokeninfo.Body).Decode(&token); err != nil {
-		return nil, "", fmt.Errorf("invalid JSON response from Google's tokeninfo API: %v", err)
+		return noblessings, "", fmt.Errorf("invalid JSON response from Google's tokeninfo API: %v", err)
 	}
 	audienceMatch := false
 	for _, c := range b.accessTokenClients {
@@ -97,15 +91,10 @@
 	}
 	if !audienceMatch {
 		vlog.Infof("Got access token [%+v], wanted one of client ids %v", token, b.accessTokenClients)
-		return nil, "", fmt.Errorf("token not meant for this purpose, confused deputy? https://developers.google.com/accounts/docs/OAuth2UserAgent#validatetoken")
+		return noblessings, "", fmt.Errorf("token not meant for this purpose, confused deputy? https://developers.google.com/accounts/docs/OAuth2UserAgent#validatetoken")
 	}
 	if !token.VerifiedEmail {
-		return nil, "", fmt.Errorf("email not verified")
-	}
-
-	if ctx.LocalPrincipal() == nil || ctx.RemoteBlessings() == nil {
-		// TODO(ataly, ashankar): Old security model, remove this block.
-		return b.blessOldModel(ctx, token.Email)
+		return noblessings, "", fmt.Errorf("email not verified")
 	}
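Review bot: The deleted `blessOldModel` was the only place in this diff that enforced `b.domain` (`strings.HasSuffix(name, "@"+b.domain)`); `b.domain` is still populated from `DomainRestriction` at L210, so the equivalent check must exist on the remaining `bless` path, which is not visible here. Please confirm it is applied before a blessing is issued, otherwise removing the old model silently drops the domain restriction. A comment at the call site such as `// domain restriction is enforced in bless()` would make the invariant explicit.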
 	// Append "/webapp" to the blessing. Since blessings issued by this process do not have
 	// many caveats on them and typically have a large expiry duration, use the "/webapp" suffix
@@ -117,6 +106,9 @@
 func (b *googleOAuth) bless(ctx ipc.ServerContext, extension string) (security.WireBlessings, string, error) {
 	var noblessings security.WireBlessings
 	self := ctx.LocalPrincipal()
+	if self == nil {
+		return noblessings, "", fmt.Errorf("server error: no authentication happened")
+	}
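Review bot: The new nil-principal guard at L266 reports "server error: no authentication happened" while the identical condition in macaroon.go reports "server misconfiguration: no authentication happened"; use the same wording in both so operators can grep for one string, e.g. `return noblessings, "", fmt.Errorf("server misconfiguration: no authentication happened")`. If `bless` also reads `ctx.RemoteBlessings()` further down (not visible in the hunk), a nil check for it belongs next to this one for the same reason.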
 	var caveat security.Caveat
 	var err error
 	if b.revocationManager != nil {
@@ -137,22 +129,3 @@
 	}
 	return security.MarshalBlessings(blessing), extension, nil
 }
-
-// DEPRECATED
-// TODO(ataly, ashankar): Remove this method once we get rid of the old security model.
-func (b *googleOAuth) blessOldModel(ctx ipc.ServerContext, name string) (vdlutil.Any, string, error) {
-	if len(b.domain) > 0 && !strings.HasSuffix(name, "@"+b.domain) {
-		return nil, "", fmt.Errorf("blessings for name %q are not allowed due to domain restriction", name)
-	}
-	self := b.rt.Identity()
-	var err error
-	// Use the blessing that was used to authenticate with the client to bless it.
-	if self, err = self.Derive(ctx.LocalID()); err != nil {
-		return nil, "", err
-	}
-	blessing, err := self.Bless(ctx.RemoteID(), name, b.duration, nil)
-	if err != nil {
-		return nil, "", err
-	}
-	return blessing, name, nil
-}
diff --git a/services/identity/identity.vdl b/services/identity/identity.vdl
index faad788..ada48b2 100644
--- a/services/identity/identity.vdl
+++ b/services/identity/identity.vdl
@@ -1,6 +1,8 @@
 // Package identity defines services for identity providers in the veyron ecosystem.
 package identity
 
+import "veyron.io/veyron/veyron2/security"
+
 // OAuthBlesser exchanges OAuth access tokens for
 // an email address from an OAuth-based identity provider and uses the email
 // address obtained to bless the client.
@@ -17,12 +19,12 @@
 type OAuthBlesser interface {
   // BlessUsingAccessToken uses the provided access token to obtain the email
   // address and returns a blessing along with the email address.
-  BlessUsingAccessToken(token string) (blessing any, email string, err error)
+  BlessUsingAccessToken(token string) (blessing security.WireBlessings, email string, err error)
 }
 
 // MacaroonBlesser returns a blessing given the provided macaroon string.
 type MacaroonBlesser interface {
   // Bless uses the provided macaroon (which contains email and caveats)
   // to return a blessing for the client.
-  Bless(macaroon string) (blessing any, err error)
+  Bless(macaroon string) (blessing security.WireBlessings, err error)
 }
diff --git a/services/identity/identity.vdl.go b/services/identity/identity.vdl.go
index 2525ee7..068b53a 100644
--- a/services/identity/identity.vdl.go
+++ b/services/identity/identity.vdl.go
@@ -5,6 +5,8 @@
 package identity
 
 import (
+	"veyron.io/veyron/veyron2/security"
+
 	// The non-user imports are prefixed with "_gen_" to prevent collisions.
 	_gen_veyron2 "veyron.io/veyron/veyron2"
 	_gen_context "veyron.io/veyron/veyron2/context"
@@ -37,7 +39,7 @@
 type OAuthBlesser_ExcludingUniversal interface {
 	// BlessUsingAccessToken uses the provided access token to obtain the email
 	// address and returns a blessing along with the email address.
-	BlessUsingAccessToken(ctx _gen_context.T, token string, opts ..._gen_ipc.CallOpt) (blessing _gen_vdlutil.Any, email string, err error)
+	BlessUsingAccessToken(ctx _gen_context.T, token string, opts ..._gen_ipc.CallOpt) (blessing security.WireBlessings, email string, err error)
 }
 type OAuthBlesser interface {
 	_gen_ipc.UniversalServiceMethods
@@ -49,7 +51,7 @@
 
 	// BlessUsingAccessToken uses the provided access token to obtain the email
 	// address and returns a blessing along with the email address.
-	BlessUsingAccessToken(context _gen_ipc.ServerContext, token string) (blessing _gen_vdlutil.Any, email string, err error)
+	BlessUsingAccessToken(context _gen_ipc.ServerContext, token string) (blessing security.WireBlessings, email string, err error)
 }
 
 // BindOAuthBlesser returns the client stub implementing the OAuthBlesser
@@ -99,7 +101,7 @@
 	return _gen_veyron2.RuntimeFromContext(ctx).Client()
 }
 
-func (__gen_c *clientStubOAuthBlesser) BlessUsingAccessToken(ctx _gen_context.T, token string, opts ..._gen_ipc.CallOpt) (blessing _gen_vdlutil.Any, email string, err error) {
+func (__gen_c *clientStubOAuthBlesser) BlessUsingAccessToken(ctx _gen_context.T, token string, opts ..._gen_ipc.CallOpt) (blessing security.WireBlessings, email string, err error) {
 	var call _gen_ipc.Call
 	if call, err = __gen_c.client(ctx).StartCall(ctx, __gen_c.name, "BlessUsingAccessToken", []interface{}{token}, opts...); err != nil {
 		return
@@ -169,14 +171,40 @@
 			{Name: "token", Type: 3},
 		},
 		OutArgs: []_gen_ipc.MethodArgument{
-			{Name: "blessing", Type: 65},
+			{Name: "blessing", Type: 74},
 			{Name: "email", Type: 3},
-			{Name: "err", Type: 66},
+			{Name: "err", Type: 75},
 		},
 	}
 
 	result.TypeDefs = []_gen_vdlutil.Any{
-		_gen_wiretype.NamedPrimitiveType{Type: 0x1, Name: "anydata", Tags: []string(nil)}, _gen_wiretype.NamedPrimitiveType{Type: 0x1, Name: "error", Tags: []string(nil)}}
+		_gen_wiretype.NamedPrimitiveType{Type: 0x32, Name: "byte", Tags: []string(nil)}, _gen_wiretype.SliceType{Elem: 0x41, Name: "", Tags: []string(nil)}, _gen_wiretype.StructType{
+			[]_gen_wiretype.FieldType{
+				_gen_wiretype.FieldType{Type: 0x42, Name: "ValidatorVOM"},
+			},
+			"veyron.io/veyron/veyron2/security.Caveat", []string(nil)},
+		_gen_wiretype.SliceType{Elem: 0x43, Name: "", Tags: []string(nil)}, _gen_wiretype.NamedPrimitiveType{Type: 0x3, Name: "veyron.io/veyron/veyron2/security.Hash", Tags: []string(nil)}, _gen_wiretype.StructType{
+			[]_gen_wiretype.FieldType{
+				_gen_wiretype.FieldType{Type: 0x42, Name: "Purpose"},
+				_gen_wiretype.FieldType{Type: 0x45, Name: "Hash"},
+				_gen_wiretype.FieldType{Type: 0x42, Name: "R"},
+				_gen_wiretype.FieldType{Type: 0x42, Name: "S"},
+			},
+			"veyron.io/veyron/veyron2/security.Signature", []string(nil)},
+		_gen_wiretype.StructType{
+			[]_gen_wiretype.FieldType{
+				_gen_wiretype.FieldType{Type: 0x3, Name: "Extension"},
+				_gen_wiretype.FieldType{Type: 0x42, Name: "PublicKey"},
+				_gen_wiretype.FieldType{Type: 0x44, Name: "Caveats"},
+				_gen_wiretype.FieldType{Type: 0x46, Name: "Signature"},
+			},
+			"veyron.io/veyron/veyron2/security.Certificate", []string(nil)},
+		_gen_wiretype.SliceType{Elem: 0x47, Name: "", Tags: []string(nil)}, _gen_wiretype.SliceType{Elem: 0x48, Name: "", Tags: []string(nil)}, _gen_wiretype.StructType{
+			[]_gen_wiretype.FieldType{
+				_gen_wiretype.FieldType{Type: 0x49, Name: "CertificateChains"},
+			},
+			"veyron.io/veyron/veyron2/security.WireBlessings", []string(nil)},
+		_gen_wiretype.NamedPrimitiveType{Type: 0x1, Name: "error", Tags: []string(nil)}}
 
 	return result, nil
 }
@@ -199,7 +227,7 @@
 	return
 }
 
-func (__gen_s *ServerStubOAuthBlesser) BlessUsingAccessToken(call _gen_ipc.ServerCall, token string) (blessing _gen_vdlutil.Any, email string, err error) {
+func (__gen_s *ServerStubOAuthBlesser) BlessUsingAccessToken(call _gen_ipc.ServerCall, token string) (blessing security.WireBlessings, email string, err error) {
 	blessing, email, err = __gen_s.service.BlessUsingAccessToken(call, token)
 	return
 }
@@ -211,7 +239,7 @@
 type MacaroonBlesser_ExcludingUniversal interface {
 	// Bless uses the provided macaroon (which contains email and caveats)
 	// to return a blessing for the client.
-	Bless(ctx _gen_context.T, macaroon string, opts ..._gen_ipc.CallOpt) (reply _gen_vdlutil.Any, err error)
+	Bless(ctx _gen_context.T, macaroon string, opts ..._gen_ipc.CallOpt) (reply security.WireBlessings, err error)
 }
 type MacaroonBlesser interface {
 	_gen_ipc.UniversalServiceMethods
@@ -223,7 +251,7 @@
 
 	// Bless uses the provided macaroon (which contains email and caveats)
 	// to return a blessing for the client.
-	Bless(context _gen_ipc.ServerContext, macaroon string) (reply _gen_vdlutil.Any, err error)
+	Bless(context _gen_ipc.ServerContext, macaroon string) (reply security.WireBlessings, err error)
 }
 
 // BindMacaroonBlesser returns the client stub implementing the MacaroonBlesser
@@ -273,7 +301,7 @@
 	return _gen_veyron2.RuntimeFromContext(ctx).Client()
 }
 
-func (__gen_c *clientStubMacaroonBlesser) Bless(ctx _gen_context.T, macaroon string, opts ..._gen_ipc.CallOpt) (reply _gen_vdlutil.Any, err error) {
+func (__gen_c *clientStubMacaroonBlesser) Bless(ctx _gen_context.T, macaroon string, opts ..._gen_ipc.CallOpt) (reply security.WireBlessings, err error) {
 	var call _gen_ipc.Call
 	if call, err = __gen_c.client(ctx).StartCall(ctx, __gen_c.name, "Bless", []interface{}{macaroon}, opts...); err != nil {
 		return
@@ -343,13 +371,39 @@
 			{Name: "macaroon", Type: 3},
 		},
 		OutArgs: []_gen_ipc.MethodArgument{
-			{Name: "blessing", Type: 65},
-			{Name: "err", Type: 66},
+			{Name: "blessing", Type: 74},
+			{Name: "err", Type: 75},
 		},
 	}
 
 	result.TypeDefs = []_gen_vdlutil.Any{
-		_gen_wiretype.NamedPrimitiveType{Type: 0x1, Name: "anydata", Tags: []string(nil)}, _gen_wiretype.NamedPrimitiveType{Type: 0x1, Name: "error", Tags: []string(nil)}}
+		_gen_wiretype.NamedPrimitiveType{Type: 0x32, Name: "byte", Tags: []string(nil)}, _gen_wiretype.SliceType{Elem: 0x41, Name: "", Tags: []string(nil)}, _gen_wiretype.StructType{
+			[]_gen_wiretype.FieldType{
+				_gen_wiretype.FieldType{Type: 0x42, Name: "ValidatorVOM"},
+			},
+			"veyron.io/veyron/veyron2/security.Caveat", []string(nil)},
+		_gen_wiretype.SliceType{Elem: 0x43, Name: "", Tags: []string(nil)}, _gen_wiretype.NamedPrimitiveType{Type: 0x3, Name: "veyron.io/veyron/veyron2/security.Hash", Tags: []string(nil)}, _gen_wiretype.StructType{
+			[]_gen_wiretype.FieldType{
+				_gen_wiretype.FieldType{Type: 0x42, Name: "Purpose"},
+				_gen_wiretype.FieldType{Type: 0x45, Name: "Hash"},
+				_gen_wiretype.FieldType{Type: 0x42, Name: "R"},
+				_gen_wiretype.FieldType{Type: 0x42, Name: "S"},
+			},
+			"veyron.io/veyron/veyron2/security.Signature", []string(nil)},
+		_gen_wiretype.StructType{
+			[]_gen_wiretype.FieldType{
+				_gen_wiretype.FieldType{Type: 0x3, Name: "Extension"},
+				_gen_wiretype.FieldType{Type: 0x42, Name: "PublicKey"},
+				_gen_wiretype.FieldType{Type: 0x44, Name: "Caveats"},
+				_gen_wiretype.FieldType{Type: 0x46, Name: "Signature"},
+			},
+			"veyron.io/veyron/veyron2/security.Certificate", []string(nil)},
+		_gen_wiretype.SliceType{Elem: 0x47, Name: "", Tags: []string(nil)}, _gen_wiretype.SliceType{Elem: 0x48, Name: "", Tags: []string(nil)}, _gen_wiretype.StructType{
+			[]_gen_wiretype.FieldType{
+				_gen_wiretype.FieldType{Type: 0x49, Name: "CertificateChains"},
+			},
+			"veyron.io/veyron/veyron2/security.WireBlessings", []string(nil)},
+		_gen_wiretype.NamedPrimitiveType{Type: 0x1, Name: "error", Tags: []string(nil)}}
 
 	return result, nil
 }
@@ -372,7 +426,7 @@
 	return
 }
 
-func (__gen_s *ServerStubMacaroonBlesser) Bless(call _gen_ipc.ServerCall, macaroon string) (reply _gen_vdlutil.Any, err error) {
+func (__gen_s *ServerStubMacaroonBlesser) Bless(call _gen_ipc.ServerCall, macaroon string) (reply security.WireBlessings, err error) {
 	reply, err = __gen_s.service.Bless(call, macaroon)
 	return
 }
diff --git a/services/identity/identityd/main.go b/services/identity/identityd/main.go
index 252362f..12d21bd 100644
--- a/services/identity/identityd/main.go
+++ b/services/identity/identityd/main.go
@@ -61,7 +61,7 @@
 
 func main() {
 	flag.Usage = usage
-	r := rt.Init(providerIdentityOld(), providerPrincipal())
+	r := rt.Init(providerPrincipal())
 	defer r.Cleanup()
 
 	if len(*auditfilter) > 0 {
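Review bot: Dropping `providerIdentityOld()` from `rt.Init` at L504 also removes the block that zeroed `*auditprefix` ("Auditing is temporarily disabled"), so the flag becomes live again; make sure `providerPrincipal()` (outside this hunk) actually honours it, otherwise blessing issuance runs without the audit trail the flag promises and nobody is warned. A one-line comment here, e.g. `// providerPrincipal installs the audited principal when -auditprefix is set.`, would record that expectation.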
@@ -144,7 +144,7 @@
 // their suffix. ReflectInvoker is used to invoke methods.
 func newDispatcher(googleParams blesser.GoogleParams, macaroonKey []byte) ipc.Dispatcher {
 	d := dispatcher(map[string]ipc.Invoker{
-		macaroonService:   ipc.ReflectInvoker(blesser.NewMacaroonBlesserServer(googleParams.R, macaroonKey)),
+		macaroonService:   ipc.ReflectInvoker(blesser.NewMacaroonBlesserServer(macaroonKey)),
 		dischargerService: ipc.ReflectInvoker(services.NewServerDischarger(discharger.NewDischarger())),
 	})
 	if len(*googleConfigChrome) > 0 || len(*googleConfigAndroid) > 0 {
@@ -169,7 +169,6 @@
 // Starts the blessing services and the discharging service on the same port.
 func setupServices(r veyron2.Runtime, revocationManager *revocation.RevocationManager, macaroonKey []byte) (ipc.Server, []string, error) {
 	googleParams := blesser.GoogleParams{
-		R: r,
 		// TODO(ashankar,nlacasse): Figure out how to have web-appications use the "caveats" form and
 		// always select an expiry instead of forcing a ridiculously large value here.
 		BlessingDuration:  365 * 24 * time.Hour,
@@ -302,22 +301,6 @@
 	return nil
 }
 
-// TOOD(ashankar): Remove
-// providerIdentityOld returns the PrivateID of the identity provider (i.e., this program) itself.
-func providerIdentityOld() veyron2.ROpt {
-	r, err := rt.New()
-	if err != nil {
-		vlog.Fatal(err)
-	}
-	defer r.Cleanup()
-	id := r.Identity()
-	if len(*auditprefix) > 0 {
-		vlog.Errorf("Auditing is temporarily disabled. Ask suharshs@ for details")
-		*auditprefix = ""
-	}
-	return options.RuntimeID{id}
-}
-
 func httpaddress() string {
 	_, port, err := net.SplitHostPort(*httpaddr)
 	if err != nil {
diff --git a/services/identity/util/b64vom.go b/services/identity/util/b64vom.go
deleted file mode 100644
index add1cb4..0000000
--- a/services/identity/util/b64vom.go
+++ /dev/null
@@ -1,38 +0,0 @@
-package util
-
-import (
-	"bytes"
-	"encoding/base64"
-
-	"veyron.io/veyron/veyron2/vom"
-)
-
-// TODO(ashankar): Once the old security model is ripped out, the only use of
-// these functions will be in the "principal" command-line tool. So, move these
-// helper functions there instead of having them here.
-
-// Bas64VomEncode returns the base64 encoding of the serialization of i with
-// vom.
-func Base64VomEncode(i interface{}) (string, error) {
-	buf := &bytes.Buffer{}
-	closer := base64.NewEncoder(base64.URLEncoding, buf)
-	if err := vom.NewEncoder(closer).Encode(i); err != nil {
-		return "", err
-	}
-	// Must close the base64 encoder to flush out any partially written
-	// blocks.
-	if err := closer.Close(); err != nil {
-		return "", err
-	}
-	return buf.String(), nil
-}
-
-// Base64VomDecode is the reverse of encode - filling in i after vom-decoding
-// the base64-encoded string s.
-func Base64VomDecode(s string, i interface{}) error {
-	b, err := base64.URLEncoding.DecodeString(s)
-	if err != nil {
-		return err
-	}
-	return vom.NewDecoder(bytes.NewBuffer(b)).Decode(i)
-}
diff --git a/services/identity/util/b64vom_test.go b/services/identity/util/b64vom_test.go
deleted file mode 100644
index 08bed10..0000000
--- a/services/identity/util/b64vom_test.go
+++ /dev/null
@@ -1,33 +0,0 @@
-package util
-
-import (
-	"reflect"
-	"testing"
-)
-
-func TestCoder(t *testing.T) {
-	var iface iface
-	impl := &impl{}
-	iface = impl
-	tests := []interface{}{
-		1,
-		"string",
-		impl,
-		iface,
-	}
-	for _, item := range tests {
-		b64, err := Base64VomEncode(item)
-		if err != nil {
-			t.Errorf("Failed to encode %T=%#v: %v", item, item, err)
-			continue
-		}
-		var decoded interface{}
-		if err = Base64VomDecode(b64, &decoded); err != nil {
-			t.Errorf("Failed to decode %T=%#v: %v", item, item, err)
-			continue
-		}
-		if !reflect.DeepEqual(decoded, item) {
-			t.Errorf("Got (%T, %#v) want (%T, %#v)", decoded, decoded, item, item)
-		}
-	}
-}
diff --git a/tools/identity/bless.go b/tools/identity/bless.go
deleted file mode 100644
index 05d5546..0000000
--- a/tools/identity/bless.go
+++ /dev/null
@@ -1,134 +0,0 @@
-package main
-
-import (
-	"crypto/rand"
-	"encoding/base64"
-	"fmt"
-	"html/template"
-	"net"
-	"net/http"
-	"net/url"
-	"os"
-	"os/exec"
-	"strings"
-
-	"veyron.io/veyron/veyron/services/identity/googleoauth"
-	"veyron.io/veyron/veyron2/vlog"
-)
-
-func getMacaroonForBlessRPC(blessServerURL string, blessedChan <-chan string) (<-chan string, error) {
-	// Setup a HTTP server to recieve a blessing macaroon from the identity server.
-	// Steps:
-	// 1. Generate a state token to be included in the HTTP request
-	//    (though, arguably, the random port assigment for the HTTP server is enough
-	//    for XSRF protection)
-	// 2. Setup a HTTP server which will receive the final blessing macaroon from the id server.
-	// 3. Print out the link (to start the auth flow) for the user to click.
-	// 4. Return the macaroon and the rpc object name(where to make the MacaroonBlesser.Bless RPC call)
-	//    in the "result" channel.
-	var stateBuf [32]byte
-	if _, err := rand.Read(stateBuf[:]); err != nil {
-		return nil, fmt.Errorf("failed to generate state token for OAuth: %v", err)
-	}
-	state := base64.URLEncoding.EncodeToString(stateBuf[:])
-
-	ln, err := net.Listen("tcp", "127.0.0.1:0")
-	if err != nil {
-		return nil, fmt.Errorf("failed to setup authorization code interception server: %v", err)
-	}
-	result := make(chan string)
-
-	redirectURL := fmt.Sprintf("http://%s/macaroon", ln.Addr())
-	http.HandleFunc("/macaroon", func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set("Content-Type", "text/html")
-		tmplArgs := struct {
-			Blessing, ErrShort, ErrLong string
-		}{}
-		defer func() {
-			if len(tmplArgs.ErrShort) > 0 {
-				w.WriteHeader(http.StatusBadRequest)
-			}
-			if err := tmpl.Execute(w, tmplArgs); err != nil {
-				vlog.Info("Failed to render template:", err)
-			}
-		}()
-
-		toolState := r.FormValue("state")
-		if toolState != state {
-			tmplArgs.ErrShort = "Unexpected request"
-			tmplArgs.ErrLong = "Mismatched state parameter. Possible cross-site-request-forging?"
-			return
-		}
-		result <- r.FormValue("macaroon")
-		result <- r.FormValue("object_name")
-		defer close(result)
-		blessed, ok := <-blessedChan
-		if !ok {
-			tmplArgs.ErrShort = "No blessing received"
-			tmplArgs.ErrLong = "Unable to obtain blessing from the Veyron service"
-			return
-		}
-		tmplArgs.Blessing = blessed
-		ln.Close()
-	})
-	go http.Serve(ln, nil)
-
-	// Print the link to start the flow.
-	url, err := seekBlessingURL(blessServerURL, redirectURL, state)
-	if err != nil {
-		return nil, fmt.Errorf("failed to create seekBlessingURL: %s", err)
-	}
-	fmt.Fprintln(os.Stderr, "Please visit the following URL to complete the blessing creation:")
-	fmt.Fprintln(os.Stderr, url)
-	// Make an attempt to start the browser as a convenience.
-	// If it fails, doesn't matter - the client can see the URL printed above.
-	// Use exec.Command().Start instead of exec.Command().Run since there is no
-	// need to wait for the command to return (and indeed on some window managers,
-	// the command will not exit until the browser is closed).
-	exec.Command(openCommand, url).Start()
-	return result, nil
-}
-
-func seekBlessingURL(blessServerURL, redirectURL, state string) (string, error) {
-	baseURL, err := url.Parse(joinURL(blessServerURL, googleoauth.SeekBlessingsRoute))
-	if err != nil {
-		return "", fmt.Errorf("failed to parse url: %v", err)
-	}
-	params := url.Values{}
-	params.Add("redirect_url", redirectURL)
-	params.Add("state", state)
-	baseURL.RawQuery = params.Encode()
-	return baseURL.String(), nil
-}
-
-func joinURL(baseURL, suffix string) string {
-	if !strings.HasSuffix(baseURL, "/") {
-		baseURL += "/"
-	}
-	return baseURL + suffix
-}
-
-var tmpl = template.Must(template.New("name").Parse(`<!doctype html>
-<html>
-<head>
-<meta charset="UTF-8">
-<title>Veyron Identity: Google</title>
-<meta name="viewport" content="width=device-width, initial-scale=1.0">
-<link rel="stylesheet" href="//netdna.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css">
-{{if .Blessing}}
-<!--Attempt to close the window. Though this script does not work on many browser configurations-->
-<script type="text/javascript">window.close();</script>
-{{end}}
-</head>
-<body>
-<div class="container">
-{{if .ErrShort}}
-<h1><span class="label label-danger">error</span>{{.ErrShort}}</h1>
-<div class="well">{{.ErrLong}}</div>
-{{else}}
-<h3>Received blessing: <tt>{{.Blessing}}</tt></h3>
-<div class="well">If the name is prefixed with "unknown/", ignore that. You can close this window, the command line tool has retrieved the blessing</div>
-{{end}}
-</div>
-</body>
-</html>`))
diff --git a/tools/identity/doc.go b/tools/identity/doc.go
deleted file mode 100644
index ed0b8e2..0000000
--- a/tools/identity/doc.go
+++ /dev/null
@@ -1,119 +0,0 @@
-// This file was auto-generated via go generate.
-// DO NOT UPDATE MANUALLY
-
-/*
-The identity tool helps create and manage keys and blessings that are used for
-identification in veyron.
-
-Usage:
-   identity <command>
-
-The identity commands are:
-   print       Print out information about the provided identity
-   generate    Generate an identity with a newly minted private key
-   bless       Bless another identity with your own
-   seekblessing Seek a blessing from the default veyron identity provider
-   help        Display help for commands or topics
-Run "identity help [command]" for command usage.
-
-The global flags are:
-   -alsologtostderr=true: log to standard error as well as files
-   -log_backtrace_at=:0: when logging hits line file:N, emit a stack trace
-   -log_dir=: if non-empty, write log files to this directory
-   -logtostderr=false: log to standard error instead of files
-   -max_stack_buf_size=4292608: max size in bytes of the buffer to use for logging stack traces
-   -stderrthreshold=2: logs at or above this threshold go to stderr
-   -v=0: log level for V logs
-   -vmodule=: comma-separated list of pattern=N settings for file-filtered logging
-   -vv=0: log level for V logs
-
-Identity Print
-
-Print dumps out information about the identity encoded in the provided file,
-or if no filename is provided, then the identity that would be used by binaries
-started in the same environment.
-
-Usage:
-   identity print [<file>]
-
-<file> is the path to a file containing a base64-encoded, VOM encoded identity,
-typically obtained from this tool. - is used for STDIN and an empty string
-implies the identity encoded in the environment.
-
-Identity Generate
-
-Generate a new private key and create an identity that binds <name> to
-this key.
-
-Since the generated identity has a newly minted key, it will be typically
-unusable at other veyron services as those services have placed no trust
-in this key. In such cases, you likely want to seek a blessing for this
-generated identity using the 'bless' command.
-
-Usage:
-   identity generate [<name>]
-
-<name> is the name to bind the newly minted private key to. If not specified,
-a name will be generated based on the hostname of the machine and the name of
-the user running this command.
-
-Identity Bless
-
-Bless uses the identity of the tool (either from an environment variable or
-explicitly specified using --with) to bless another identity encoded in a
-file (or STDIN). No caveats are applied to this blessing other than expiration,
-which is specified with --for.
-
-The output consists of a base64-vom encoded security.PrivateID or security.PublicID,
-depending on what was provided as input.
-
-For example, if the tool has an identity veyron/user/device, then
-bless /tmp/blessee batman
-will generate a blessing with the name veyron/user/device/batman
-
-The identity of the tool can be specified with the --with flag:
-bless --with /tmp/id /tmp/blessee batman
-
-Usage:
-   identity bless [flags] <file> <name>
-
-<file> is the name of the file containing a base64-vom encoded security.PublicID
-or security.PrivateID
-
-<name> is the name to use for the blessing.
-
-The bless flags are:
-   -for=8760h0m0s: Expiry time of blessing (defaults to 1 year)
-   -with=: Path to file containing identity to bless with (or - for STDIN)
-
-Identity Seekblessing
-
-Seeks a blessing from a default, hardcoded Veyron identity provider which
-requires the caller to first authenticate with Google using OAuth. Simply
-run the command to see what happens.
-
-The blessing is sought for the identity that this tool is using. An alternative
-can be provided with the --for flag.
-
-Usage:
-   identity seekblessing [flags]
-
-The seekblessing flags are:
-   -for=: Path to file containing identity to bless (or - for STDIN)
-   -from=https://proxy.envyor.com:8125/google: URL to use to begin the seek blessings process
-
-Identity Help
-
-Help with no args displays the usage of the parent command.
-Help with args displays the usage of the specified sub-command or help topic.
-"help ..." recursively displays help for all commands and topics.
-
-Usage:
-   identity help [flags] [command/topic ...]
-
-[command/topic ...] optionally identifies a specific sub-command or help topic.
-
-The help flags are:
-   -style=text: The formatting style for help output, either "text" or "godoc".
-*/
-package main
diff --git a/tools/identity/main.go b/tools/identity/main.go
deleted file mode 100644
index eae874c..0000000
--- a/tools/identity/main.go
+++ /dev/null
@@ -1,320 +0,0 @@
-// The following enables go generate to generate the doc.go file.
-// Things to look out for:
-// 1) go:generate evaluates double-quoted strings into a single argument.
-// 2) go:generate performs $NAME expansion, so the bash cmd can't contain '$'.
-// 3) We generate into a *.tmp file first, otherwise "go run" will pick up the
-//    initially empty *.go file, and fail.
-// 4) Since "go run" ignores build directives, we must manually filter out
-//    main_*.go for different platforms.
-//
-//go:generate bash -c "{ echo -e '// This file was auto-generated via go generate.\n// DO NOT UPDATE MANUALLY\n\n/*' && veyron go run `echo *.go | tr ' ' '\n' | grep -v main_darwin.go` help -style=godoc ... && echo -e '*/\npackage main'; } > ./doc.go.tmp && mv ./doc.go.tmp ./doc.go"
-
-package main
-
-import (
-	"bytes"
-	"fmt"
-	"io"
-	"os"
-	"os/user"
-	"time"
-
-	"veyron.io/veyron/veyron2/options"
-	"veyron.io/veyron/veyron2/rt"
-	"veyron.io/veyron/veyron2/security"
-	"veyron.io/veyron/veyron2/vdl/vdlutil"
-	"veyron.io/veyron/veyron2/vlog"
-
-	"veyron.io/veyron/veyron/lib/cmdline"
-	_ "veyron.io/veyron/veyron/profiles"
-	"veyron.io/veyron/veyron/services/identity"
-	"veyron.io/veyron/veyron/services/identity/util"
-)
-
-var (
-	// Flags for the "bless" command
-	flagBlessWith string
-	flagBlessFor  time.Duration
-
-	// Flags for the "seekblessing" command
-	flagSeekBlessingFor           string
-	flagSeekBlessingOAuthClientID string
-	flagSeekBlessingFrom          string
-
-	cmdPrint = &cmdline.Command{
-		Name:  "print",
-		Short: "Print out information about the provided identity",
-		Long: `
-Print dumps out information about the identity encoded in the provided file,
-or if no filename is provided, then the identity that would be used by binaries
-started in the same environment.
-`,
-		ArgsName: "[<file>]",
-		ArgsLong: `
-<file> is the path to a file containing a base64-encoded, VOM encoded identity,
-typically obtained from this tool. - is used for STDIN and an empty string
-implies the identity encoded in the environment.
-`,
-		Run: func(cmd *cmdline.Command, args []string) error {
-			if len(args) > 1 {
-				return fmt.Errorf("require at most one argument, <file>, provided %d", len(args))
-			}
-			id := rt.R().Identity()
-			if len(args) == 1 {
-				if err := decode(args[0], &id); err != nil {
-					return err
-				}
-			}
-			fmt.Println("Name     : ", id.PublicID())
-			fmt.Printf("Go Type  : %T\n", id)
-			fmt.Printf("PublicKey: %v\n", id.PublicID().PublicKey())
-			fmt.Println("Any caveats in the identity are not printed")
-			return nil
-		},
-	}
-
-	cmdGenerate = &cmdline.Command{
-		Name:  "generate",
-		Short: "Generate an identity with a newly minted private key",
-		Long: `
-Generate a new private key and create an identity that binds <name> to
-this key.
-
-Since the generated identity has a newly minted key, it will be typically
-unusable at other veyron services as those services have placed no trust
-in this key. In such cases, you likely want to seek a blessing for this
-generated identity using the 'bless' command.
-`,
-		ArgsName: "[<name>]",
-		ArgsLong: `
-<name> is the name to bind the newly minted private key to. If not specified,
-a name will be generated based on the hostname of the machine and the name of
-the user running this command.
-`,
-		Run: func(cmd *cmdline.Command, args []string) error {
-			r := rt.R()
-			var name string
-			switch len(args) {
-			case 0:
-				name = defaultIdentityName()
-			case 1:
-				name = args[0]
-			default:
-				return fmt.Errorf("require at most one argument, provided %d", len(args))
-			}
-			id, err := r.NewIdentity(name)
-			if err != nil {
-				return fmt.Errorf("NewIdentity(%q) failed: %v", name, err)
-			}
-			output, err := util.Base64VomEncode(id)
-			if err != nil {
-				return fmt.Errorf("failed to encode identity: %v", err)
-			}
-			fmt.Println(output)
-			return nil
-		},
-	}
-
-	cmdBless = &cmdline.Command{
-		Name:  "bless",
-		Short: "Bless another identity with your own",
-		Long: `
-Bless uses the identity of the tool (either from an environment variable or
-explicitly specified using --with) to bless another identity encoded in a
-file (or STDIN). No caveats are applied to this blessing other than expiration,
-which is specified with --for.
-
-The output consists of a base64-vom encoded security.PrivateID or security.PublicID,
-depending on what was provided as input.
-
-For example, if the tool has an identity veyron/user/device, then
-bless /tmp/blessee batman
-will generate a blessing with the name veyron/user/device/batman
-
-The identity of the tool can be specified with the --with flag:
-bless --with /tmp/id /tmp/blessee batman
-`,
-		ArgsName: "<file> <name>",
-		ArgsLong: `
-<file> is the name of the file containing a base64-vom encoded security.PublicID
-or security.PrivateID
-
-<name> is the name to use for the blessing.
-`,
-		Run: func(cmd *cmdline.Command, args []string) error {
-			if len(args) != 2 {
-				return fmt.Errorf("expected exactly two arguments (<file> and <name>), got %d", len(args))
-			}
-			blesser := rt.R().Identity()
-			if len(flagBlessWith) > 0 {
-				if err := decode(flagBlessWith, &blesser); err != nil {
-					return err
-				}
-			}
-			name := args[1]
-			var blessee security.PublicID
-			var private security.PrivateID
-			encoded, err := read(args[0])
-			if err != nil {
-				return err
-			}
-			if util.Base64VomDecode(encoded, &blessee); err != nil || blessee == nil {
-				if err := util.Base64VomDecode(encoded, &private); err != nil || private == nil {
-					return fmt.Errorf("failed to extract security.PublicID or security.PrivateID: (%v, %v)", private, err)
-				}
-				blessee = private.PublicID()
-			}
-			blessed, err := blesser.Bless(blessee, name, flagBlessFor, nil)
-			if err != nil {
-				return err
-			}
-			var object interface{} = blessed
-			if private != nil {
-				object, err = private.Derive(blessed)
-				if err != nil {
-					return err
-				}
-			}
-			output, err := util.Base64VomEncode(object)
-			if err != nil {
-				return err
-			}
-			fmt.Println(output)
-			return nil
-		},
-	}
-
-	cmdSeekBlessing = &cmdline.Command{
-		Name:  "seekblessing",
-		Short: "Seek a blessing from the default veyron identity provider",
-		Long: `
-Seeks a blessing from a default, hardcoded Veyron identity provider which
-requires the caller to first authenticate with Google using OAuth. Simply
-run the command to see what happens.
-
-The blessing is sought for the identity that this tool is using. An alternative
-can be provided with the --for flag.
-`,
-		Run: func(cmd *cmdline.Command, args []string) error {
-			r := rt.R()
-			id := r.Identity()
-
-			if len(flagSeekBlessingFor) > 0 {
-				if err := decode(flagSeekBlessingFor, &id); err != nil {
-					return err
-				}
-				var err error
-				if r, err = rt.New(options.RuntimeID{id}); err != nil {
-					return err
-				}
-			}
-
-			blessedChan := make(chan string)
-			defer close(blessedChan)
-			macaroonChan, err := getMacaroonForBlessRPC(flagSeekBlessingFrom, blessedChan)
-			if err != nil {
-				return fmt.Errorf("failed to get authorization code from Google: %v", err)
-			}
-			macaroon := <-macaroonChan
-			service := <-macaroonChan
-
-			ctx, cancel := r.NewContext().WithTimeout(time.Minute)
-			defer cancel()
-
-			wait := time.Second
-			const maxWait = 20 * time.Second
-			var reply vdlutil.Any
-			for {
-				blesser, err := identity.BindMacaroonBlesser(service, r.Client())
-				if err == nil {
-					reply, err = blesser.Bless(ctx, macaroon)
-				}
-				if err != nil {
-					vlog.Infof("Failed to get blessing from %q: %v, will try again in %v", service, err, wait)
-					time.Sleep(wait)
-					if wait = wait + 2*time.Second; wait > maxWait {
-						wait = maxWait
-					}
-					continue
-				}
-				blessed, ok := reply.(security.PublicID)
-				if !ok {
-					return fmt.Errorf("received %T, want security.PublicID", reply)
-				}
-				if id, err = id.Derive(blessed); err != nil {
-					return fmt.Errorf("received incompatible blessing from %q: %v", service, err)
-				}
-				output, err := util.Base64VomEncode(id)
-				if err != nil {
-					return fmt.Errorf("failed to encode blessing: %v", err)
-				}
-				fmt.Println(output)
-				blessedChan <- fmt.Sprint(blessed)
-				// Wait for getTokenForBlessRPC to clean up:
-				<-macaroonChan
-				return nil
-			}
-		},
-	}
-)
-
-func main() {
-	rt.Init()
-	cmdBless.Flags.StringVar(&flagBlessWith, "with", "", "Path to file containing identity to bless with (or - for STDIN)")
-	cmdBless.Flags.DurationVar(&flagBlessFor, "for", 365*24*time.Hour, "Expiry time of blessing (defaults to 1 year)")
-	cmdSeekBlessing.Flags.StringVar(&flagSeekBlessingFor, "for", "", "Path to file containing identity to bless (or - for STDIN)")
-	cmdSeekBlessing.Flags.StringVar(&flagSeekBlessingFrom, "from", "https://proxy.envyor.com:8125/google", "URL to use to begin the seek blessings process")
-
-	(&cmdline.Command{
-		Name:  "identity",
-		Short: "Create and manage veyron identities",
-		Long: `
-The identity tool helps create and manage keys and blessings that are used for
-identification in veyron.
-`,
-		Children: []*cmdline.Command{cmdPrint, cmdGenerate, cmdBless, cmdSeekBlessing},
-	}).Main()
-}
-
-func read(fname string) (string, error) {
-	if len(fname) == 0 {
-		return "", nil
-	}
-	f := os.Stdin
-	if fname != "-" {
-		var err error
-		if f, err = os.Open(fname); err != nil {
-			return "", fmt.Errorf("failed to open %q: %v", fname, err)
-		}
-	}
-	defer f.Close()
-	var buf bytes.Buffer
-	if _, err := io.Copy(&buf, f); err != nil {
-		return "", fmt.Errorf("failed to read %q: %v", fname, err)
-	}
-	return buf.String(), nil
-}
-
-func decode(fname string, val interface{}) error {
-	str, err := read(fname)
-	if err != nil {
-		return err
-	}
-	if err := util.Base64VomDecode(str, val); err != nil || val == nil {
-		return fmt.Errorf("failed to decode %q: %v", fname, err)
-	}
-	return nil
-}
-
-func defaultIdentityName() string {
-	var name string
-	if user, _ := user.Current(); user != nil && len(user.Username) > 0 {
-		name = user.Username
-	} else {
-		name = "anonymous"
-	}
-	if host, _ := os.Hostname(); len(host) > 0 {
-		name = name + "@" + host
-	}
-	return name
-}
diff --git a/tools/identity/main_darwin.go b/tools/identity/main_darwin.go
deleted file mode 100644
index bceafd2..0000000
--- a/tools/identity/main_darwin.go
+++ /dev/null
@@ -1,5 +0,0 @@
-// +build darwin
-
-package main
-
-const openCommand = "open"
diff --git a/tools/identity/main_linux.go b/tools/identity/main_linux.go
deleted file mode 100644
index cb73c65..0000000
--- a/tools/identity/main_linux.go
+++ /dev/null
@@ -1,5 +0,0 @@
-// +build linux
-
-package main
-
-const openCommand = "xdg-open"
diff --git a/tools/identity/main_nacl.go b/tools/identity/main_nacl.go
deleted file mode 100644
index 2de5f27..0000000
--- a/tools/identity/main_nacl.go
+++ /dev/null
@@ -1,3 +0,0 @@
-package main
-
-const openCommand = "not-implemented"
diff --git a/tools/identity/test.sh b/tools/identity/test.sh
deleted file mode 100755
index 53a8263..0000000
--- a/tools/identity/test.sh
+++ /dev/null
@@ -1,62 +0,0 @@
-#!/bin/bash
-
-# Test the identity command-line tool.
-#
-# This tests most operations of the identity command-line tool.
-# Not the "seekblessing" command yet, since that requires
-# starting a separate server.
-
-source "${VEYRON_ROOT}/scripts/lib/shell_test.sh"
-
-readonly WORKDIR="${shell_test_WORK_DIR}"
-
-build() {
-  IDENTITY_BIN="$(shell_test::build_go_binary 'veyron.io/veyron/veyron/tools/identity')"
-}
-
-main() {
-  local GOT
-  local WANT
-
-  cd "${WORKDIR}"
-  build
-
-  "${IDENTITY_BIN}" print >/dev/null || shell_test::fail "line ${LINENO}: print failed"
-  "${IDENTITY_BIN}" generate >/dev/null || shell_test::fail "line ${LINENO}: generate failed"
-  "${IDENTITY_BIN}" generate root >root || shell_test::fail "line ${LINENO}: generate root failed"
-
-  export VEYRON_IDENTITY="root"
-
-  # Generate an identity and get it blessed by root using "identity bless"
-  GOT=$("${IDENTITY_BIN}" generate ignoreme | "${IDENTITY_BIN}" bless - child | "${IDENTITY_BIN}" print - | awk '/Name/ {print $3}') \
-    || shell_test::fail "line ${LINENO}: failed to run identity"
-  WANT="root/child"
-  shell_test::assert_eq "${GOT}" "${WANT}" "${LINENO}"
-
-  # Generate an identity and get it blessed by root using "identity bless --with"
-  "${IDENTITY_BIN}" generate other >other || shell_test::fail
-  GOT=$("${IDENTITY_BIN}" generate ignoreme | "${IDENTITY_BIN}" bless --with=other - child | "${IDENTITY_BIN}" print - | awk '/Name/ {print $3}') \
-    || shell_test::fail "line ${LINENO}: failed to run identity"
-  WANT="unknown/other/child"
-  shell_test::assert_eq "${GOT}" "${WANT}" "${LINENO}"
-
-  # Test that previously generated identities can be interpreted
-  # (i.e., any changes to the Certificate or Signature scheme are backward compatible).
-  # To regenerate testdata:
-  # identity generate "root" >testdata/root.id
-  # identity generate "other" | VEYRON_IDENTITY=testdata/root.id identity bless - "blessed" >testdata/blessed.id
-  local -r TESTDATA_DIR="${VEYRON_ROOT}/veyron/go/src/veyron.io/veyron/veyron/tools/identity/testdata"
-  GOT=$(VEYRON_IDENTITY="${TESTDATA_DIR}/root.id" "${IDENTITY_BIN}" print | awk '/Name/ {print $3}') \
-    || shell_test::fail "line ${LINENO}: failed to run identity"
-  WANT="root"
-  shell_test::assert_eq "${GOT}" "${WANT}" "${LINENO}"
-
-  GOT=$(VEYRON_IDENTITY="${TESTDATA_DIR}/root.id" "${IDENTITY_BIN}" print "${TESTDATA_DIR}/blessed.id" | awk '/Name/ {print $3}') \
-    || shell_test::fail "line ${LINENO}: failed to run identity"
-  WANT="root/blessed"
-  shell_test::assert_eq "${GOT}" "${WANT}" "${LINENO}"
-
-  shell_test::pass
-}
-
-main "$@"
diff --git a/tools/identity/testdata/blessed.id b/tools/identity/testdata/blessed.id
deleted file mode 100644
index e37f92c..0000000
--- a/tools/identity/testdata/blessed.id
+++ /dev/null
@@ -1 +0,0 @@
-_4EEGgFCAP-DNBoBQwEudmV5cm9uL3J1bnRpbWVzL2dvb2dsZS9zZWN1cml0eS5jaGFpblByaXZhdGVJRAD_hUIYAQIBRAEIUHVibGljSUQAAQQBBlNlY3JldAABJHZleXJvbjIvc2VjdXJpdHkvd2lyZS5DaGFpblByaXZhdGVJRAD_hzoYAQEBRQEMQ2VydGlmaWNhdGVzAAEjdmV5cm9uMi9zZWN1cml0eS93aXJlLkNoYWluUHVibGljSUQA_4kEEgFGAP-LWBgBBAEDAQROYW1lAAFHAQlQdWJsaWNLZXkAAUgBB0NhdmVhdHMAAUkBCVNpZ25hdHVyZQABIXZleXJvbjIvc2VjdXJpdHkvd2lyZS5DZXJ0aWZpY2F0ZQD_jTYYAQIBSgEFQ3VydmUAAQQBAlhZAAEfdmV5cm9uMi9zZWN1cml0eS93aXJlLlB1YmxpY0tleQD_kyQQATIBHnZleXJvbjIvc2VjdXJpdHkvd2lyZS5LZXlDdXJ2ZQD_jwQSAUsA_5U4GAECAUwBB1NlcnZpY2UAAQQBBUJ5dGVzAAEcdmV5cm9uMi9zZWN1cml0eS93aXJlLkNhdmVhdAD_lyYQAQMBIHZleXJvbjIvc2VjdXJpdHkuQmxlc3NpbmdQYXR0ZXJuAP-RQRgBBAEEAQdQdXJwb3NlAAFNAQRIYXNoAAEEAQFSAAEEAQFTAAEadmV5cm9uMi9zZWN1cml0eS5TaWduYXR1cmUA_5kbEAEDARV2ZXlyb24yL3NlY3VyaXR5Lkhhc2gA_4L-AekBAwEBAgEEcm9vdAECQQR1ZDEzHjN7tLOdEM6Z2MqpkDhyZQRk5CcSKajBCznOMEXs5pZuk9XkdS6V3TPiXzfj6EOxSKZ1isDBr11IMOPDAAICBlNIQTI1NgEg1j2u99QNeGA15m6eI_hxuntQWdaysi-HS4NTfnMRZegBII7DHvLbX9tRjwSUzPCvqF_NFdw196t1mGqQdJ5E9kv1AAABB2JsZXNzZWQBAkEELeeHug1HT4I5FA8j0NdeBUm9hafcqhH9QM68PgbKTBe03M1wYWPHCc8McWoXSa3hlK-zClpWWiJGJXInXUhqiAABAQL_g_-BBBoBQgD_g0AYAQIBQwEJSXNzdWVUaW1lAAFDAQpFeHBpcnlUaW1lAAEddmV5cm9uL3NlY3VyaXR5L2NhdmVhdC5FeHBpcnkA_4UPEAEEAQl0aW1lLlRpbWUA_4IkAQEPAQAAAA7LqYJWEdyEcP5cAQ8BAAAADs2KtdYR3IRw_lwAAAECBlNIQTI1NgEgY9Nbw2giydxwd7MdhSvZifMIaIq70nCzxixK08v8IAIBIEvNvg76cd7EEkhj0Gjvnk5cEmBj6d8_cHf7jO-CyII1AAAAASD2pal-EypcX-8GsTuRKHLFw4B70UHrIxjGyw65Ai76bgA=
diff --git a/tools/identity/testdata/root.id b/tools/identity/testdata/root.id
deleted file mode 100644
index 237e17c..0000000
--- a/tools/identity/testdata/root.id
+++ /dev/null
@@ -1 +0,0 @@
-_4EEGgFCAP-DNBoBQwEudmV5cm9uL3J1bnRpbWVzL2dvb2dsZS9zZWN1cml0eS5jaGFpblByaXZhdGVJRAD_hUIYAQIBRAEIUHVibGljSUQAAQQBBlNlY3JldAABJHZleXJvbjIvc2VjdXJpdHkvd2lyZS5DaGFpblByaXZhdGVJRAD_hzoYAQEBRQEMQ2VydGlmaWNhdGVzAAEjdmV5cm9uMi9zZWN1cml0eS93aXJlLkNoYWluUHVibGljSUQA_4kEEgFGAP-LWBgBBAEDAQROYW1lAAFHAQlQdWJsaWNLZXkAAUgBB0NhdmVhdHMAAUkBCVNpZ25hdHVyZQABIXZleXJvbjIvc2VjdXJpdHkvd2lyZS5DZXJ0aWZpY2F0ZQD_jTYYAQIBSgEFQ3VydmUAAQQBAlhZAAEfdmV5cm9uMi9zZWN1cml0eS93aXJlLlB1YmxpY0tleQD_kyQQATIBHnZleXJvbjIvc2VjdXJpdHkvd2lyZS5LZXlDdXJ2ZQD_jwQSAUsA_5U4GAECAUwBB1NlcnZpY2UAAQQBBUJ5dGVzAAEcdmV5cm9uMi9zZWN1cml0eS93aXJlLkNhdmVhdAD_lyYQAQMBIHZleXJvbjIvc2VjdXJpdHkuQmxlc3NpbmdQYXR0ZXJuAP-RQRgBBAEEAQdQdXJwb3NlAAFNAQRIYXNoAAEEAQFSAAEEAQFTAAEadmV5cm9uMi9zZWN1cml0eS5TaWduYXR1cmUA_5kbEAEDARV2ZXlyb24yL3NlY3VyaXR5Lkhhc2gA_4L_wwEDAQEBAQRyb290AQJBBHVkMTMeM3u0s50QzpnYyqmQOHJlBGTkJxIpqMELOc4wRezmlm6T1eR1LpXdM-JfN-PoQ7FIpnWKwMGvXUgw48MAAgIGU0hBMjU2ASDWPa731A14YDXmbp4j-HG6e1BZ1rKyL4dLg1N-cxFl6AEgjsMe8ttf21GPBJTM8K-oX80V3DX3q3WYapB0nkT2S_UAAAABIIBtNdBzbjSsLeHz96Cq1Dl1DmrsEESSQHJ5hSF5plXKAA==
diff --git a/tools/principal/main.go b/tools/principal/main.go
index d2bebca..bfdd4aa 100644
--- a/tools/principal/main.go
+++ b/tools/principal/main.go
@@ -2,6 +2,7 @@
 
 import (
 	"bytes"
+	"encoding/base64"
 	"errors"
 	"fmt"
 	"io"
@@ -12,13 +13,12 @@
 	"veyron.io/veyron/veyron2"
 	"veyron.io/veyron/veyron2/rt"
 	"veyron.io/veyron/veyron2/security"
-	"veyron.io/veyron/veyron2/vdl/vdlutil"
+	"veyron.io/veyron/veyron2/vom"
 
 	"veyron.io/veyron/veyron/lib/cmdline"
 	_ "veyron.io/veyron/veyron/profiles"
 	vsecurity "veyron.io/veyron/veyron/security"
 	"veyron.io/veyron/veyron/services/identity"
-	"veyron.io/veyron/veyron/services/identity/util"
 )
 
 const VEYRON_CREDENTIALS = "VEYRON_CREDENTIALS"
@@ -442,7 +442,7 @@
 			ctx, cancel := r.NewContext().WithTimeout(time.Minute)
 			defer cancel()
 
-			var reply vdlutil.Any
+			var reply security.WireBlessings
 			blesser, err := identity.BindMacaroonBlesser(service)
 			if err == nil {
 				reply, err = blesser.Bless(ctx, macaroon)
@@ -450,13 +450,9 @@
 			if err != nil {
 				return fmt.Errorf("failed to get blessing from %q: %v", service, err)
 			}
-			wire, ok := reply.(security.WireBlessings)
-			if !ok {
-				return fmt.Errorf("received %T, want security.WireBlessings", reply)
-			}
-			blessings, err := security.NewBlessings(wire)
+			blessings, err := security.NewBlessings(reply)
 			if err != nil {
-				return fmt.Errorf("failed to construct Blessings object from wire data: %v", err)
+				return fmt.Errorf("failed to construct Blessings object from response: %v", err)
 			}
 			blessedChan <- fmt.Sprint(blessings)
 			// Wait for getTokenForBlessRPC to clean up:
@@ -545,7 +541,7 @@
 	if blessings == nil {
 		return errors.New("no blessings found")
 	}
-	str, err := util.Base64VomEncode(blessings)
+	str, err := base64VomEncode(blessings)
 	if err != nil {
 		return fmt.Errorf("base64-VOM encoding failed: %v", err)
 	}
@@ -577,7 +573,7 @@
 	if err != nil {
 		return err
 	}
-	if err := util.Base64VomDecode(str, val); err != nil || val == nil {
+	if err := base64VomDecode(str, val); err != nil || val == nil {
 		return fmt.Errorf("failed to decode %q: %v", fname, err)
 	}
 	return nil
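Review bot: The `|| val == nil` half of the condition on the renamed decode line cannot detect a failed decode: `val` is the caller's own argument (a pointer when used as intended), so it is non-nil whether or not anything was decoded, and only an untyped `nil` literal passed by a caller would trip it. If the intent is to reject an empty result, that has to be checked by the caller on the concrete value after decoding; otherwise the condition can be reduced to `if err := base64VomDecode(str, val); err != nil {` so the error message is not misleadingly reported for a nil argument with a nil error. The enclosing decode function starts outside this hunk, so I cannot see how its result is consumed further up. The same pattern existed with `util.Base64VomDecode`, so this is a carry-over rather than a regression.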
@@ -606,3 +602,25 @@
 	}
 	return fmt.Sprintf("%v", key)
 }
+
+func base64VomEncode(i interface{}) (string, error) {
+	buf := &bytes.Buffer{}
+	closer := base64.NewEncoder(base64.URLEncoding, buf)
+	if err := vom.NewEncoder(closer).Encode(i); err != nil {
+		return "", err
+	}
+	// Must close the base64 encoder to flush out any partially written
+	// blocks.
+	if err := closer.Close(); err != nil {
+		return "", err
+	}
+	return buf.String(), nil
+}
+
+func base64VomDecode(s string, i interface{}) error {
+	b, err := base64.URLEncoding.DecodeString(s)
+	if err != nil {
+		return err
+	}
+	return vom.NewDecoder(bytes.NewBuffer(b)).Decode(i)
+}
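Review bot: The two new helpers are undocumented, and since they now define the on-disk credential format for this tool the alphabet and padding choice should be stated explicitly: `// base64VomEncode VOM-encodes i and returns it as a padded URL-safe base64 string (base64.URLEncoding).` and `// base64VomDecode reverses base64VomEncode, decoding the value in s into the pointer i; input in the standard base64 alphabet is rejected.` The `-`/`_` characters and `=` padding visible in the removed testdata at L1327 and L1334 suggest the previous `util` helpers used the same alphabet, but that is inferred, not visible here, so it is worth confirming that existing blessing files round-trip. In base64VomDecode, `bytes.NewBuffer(b)` can be `bytes.NewReader(b)` since the decoder only reads, and note that any bytes after the first VOM value are silently ignored; if callers ever need to detect trailing garbage in a credentials file, that check has to be added here.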