author | Vitaly Buka <vitalybuka@google.com> | 2015-12-22 15:25:51 -0800 |
---|---|---|
committer | Vitaly Buka <vitalybuka@google.com> | 2015-12-23 01:54:07 +0000 |
commit | 7a25a3d7aa44a385ae47e7b32c074b56a57fdb20 (patch) | |
tree | 37101bf76e1fd37d47686f41b1f2335edb6002be /src/privet/auth_manager.cc | |
parent | 20896ab5bdbddbac8f67f12fc8198330e5dafdfc (diff) | |
download | libweave-7a25a3d7aa44a385ae47e7b32c074b56a57fdb20.tar.gz |
Extracted function to create token from secret and caveats
Change-Id: I9c9d2c6ee69b395091c4d17527439ed80279cf88
Reviewed-on: https://weave-review.googlesource.com/2082
Reviewed-by: Alex Vakulenko <avakulenko@google.com>
Diffstat (limited to 'src/privet/auth_manager.cc')
-rw-r--r-- | src/privet/auth_manager.cc | 37 |
1 files changed, 21 insertions, 16 deletions
diff --git a/src/privet/auth_manager.cc b/src/privet/auth_manager.cc
index 678faf7..bb4c3c4 100644
--- a/src/privet/auth_manager.cc
+++ b/src/privet/auth_manager.cc
@@ -90,6 +90,22 @@ bool IsClaimAllowed(RootClientTokenOwner curret, RootClientTokenOwner claimer) {
 return claimer > curret || claimer == RootClientTokenOwner::kCloud;
 }
 
+std::vector<uint8_t> CreateMacaroonToken(
+ const std::vector<uint8_t>& secret,
+ const std::vector<UwMacaroonCaveat>& caveats) {
+ CHECK_EQ(kSha256OutputSize, secret.size());
+ UwMacaroon macaroon{};
+ CHECK(uw_macaroon_new_from_root_key_(&macaroon, secret.data(), secret.size(),
+ caveats.data(), caveats.size()));
+
+ std::vector<uint8_t> token(kMaxMacaroonSize);
+ size_t len = 0;
+ CHECK(uw_macaroon_dump_(&macaroon, token.data(), token.size(), &len));
+ token.resize(len);
+
+ return token;
+}
+
 } // namespace
 
 AuthManager::AuthManager(Config* config,
@@ -146,6 +162,7 @@ std::vector<uint8_t> AuthManager::CreateAccessToken(const UserInfo& user_info,
 std::vector<uint8_t> data{data_str.begin(), data_str.end()};
 std::vector<uint8_t> hash{HmacSha256(access_secret_, data)};
 hash.insert(hash.end(), data.begin(), data.end());
+
 return hash;
 }
 
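Review bot: CreateMacaroonToken carries no comment stating its contract, although it is now the single place that mints a macaroon from whatever secret and caveat list a caller passes. The `CHECK_EQ` on `secret.size()` and the two `CHECK`s around `uw_macaroon_new_from_root_key_` and `uw_macaroon_dump_` abort the process instead of returning an error, which is worth writing down, e.g. `// Mints a macaroon from a kSha256OutputSize-byte secret; CHECK-fails on a wrong secret length or when the macaroon cannot be built or serialized into kMaxMacaroonSize bytes.` Nothing in the helper rejects an empty `caveats` vector, and a token without scope or issued caveats would presumably carry the secret's full authority, so if no caller needs that case a `CHECK(!caveats.empty());` before the construction call would make the restriction explicit. The whole function body is inside this hunk.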
@@ -235,22 +252,10 @@ std::vector<uint8_t> AuthManager::GetRootClientAuthToken() const {
 Caveat scope{kUwMacaroonCaveatTypeScope, kUwMacaroonCaveatScopeTypeOwner};
 Caveat issued{kUwMacaroonCaveatTypeIssued,
 static_cast<uint32_t>(Now().ToTimeT())};
-
- UwMacaroonCaveat caveats[] = {
- scope.GetCaveat(), issued.GetCaveat(),
- };
-
- CHECK_EQ(kSha256OutputSize, auth_secret_.size());
- UwMacaroon macaroon{};
- CHECK(uw_macaroon_new_from_root_key_(&macaroon, auth_secret_.data(),
- auth_secret_.size(), caveats,
- arraysize(caveats)));
-
- std::vector<uint8_t> token(kMaxMacaroonSize);
- size_t len = 0;
- CHECK(uw_macaroon_dump_(&macaroon, token.data(), token.size(), &len));
- token.resize(len);
- return token;
+ return CreateMacaroonToken(auth_secret_,
+ {
+ scope.GetCaveat(), issued.GetCaveat(),
+ });
 }
 
 base::Time AuthManager::Now() const { |
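Review bot: The braced list passed to `CreateMacaroonToken` copies the `UwMacaroonCaveat` values into a temporary vector, and nothing at this call site records why that is safe. If a `UwMacaroonCaveat` only refers to bytes owned by its `Caveat` wrapper (the type is not visible in this hunk), the call is correct only because `scope` and `issued` are still alive when the helper runs; a future caller that builds the vector from `Caveat` objects that have already gone out of scope would hand the helper dangling data. A short comment such as `// scope and issued must outlive the CreateMacaroonToken call.` would capture that. The start of GetRootClientAuthToken lies outside the hunk.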