Google Git
Sign in
vanadium / release.go.x.ref / cb02c52406eb2b5596879ce2bec11645ce12d4a4
commitcb02c52406eb2b5596879ce2bec11645ce12d4a4[log] [tgz]
authorAnkur <ataly@google.com>Tue Aug 18 19:27:43 2015 -0700
committerAnkur <ataly@google.com>Tue Aug 18 19:27:43 2015 -0700
tree0116912ba3ee1d989d9735310b119d2e90eeb95e
parent1a0dec0b60462a42419a11c329677ed0ceb2b9da [diff]
"x/ref/services/identity": HTTP service for BlessUsingAccessToken

Currently the only mechanism to exchange an OAuth2 access token
for a blessing is a Vanadium RPC service. Unfortunately this makes
implementing our security model on other platforms (e.g., Mojo)
depend on the RPC system.

This CL adds a REST API to exchange an OAuth2 token for a blessing.
The API takes an OAuth2 token, the client's public key and caveats,
and returns a blessing bound to the provided public key for the
identity represented by the OAuth2 token.

The name of the resulting blessing is of the form
<idp>/<clientID>/<email> where <clientID> and <email> is the client ID
and email associated with the token respectively.

MultiPart: 1/2
Change-Id: I463fd24c2f77f03d4d1bb970336b025886368a08
13 files changed
tree: 0116912ba3ee1d989d9735310b119d2e90eeb95e
  1. cmd/
  2. examples/
  3. internal/
  4. lib/
  5. runtime/
  6. services/
  7. test/
  8. .gitignore
  9. AUTHORS
  10. CONTRIBUTORS
  11. envvar.go
  12. envvar_test.go
  13. LICENSE
  14. PATENTS
  15. README.md
  16. VERSION
README.md

Vanadium

This repository contains a reference implementation of the Vanadium APIs.

Unlike the APIs in https://github.com/vanadium/go.v23, which promises to provide backward compatibility this repository makes no such promises.