luci: go.chromium.org/luci/tokenserver/appengine/impl/projectscope Index | Files

package projectscope

import "go.chromium.org/luci/tokenserver/appengine/impl/projectscope"

Index

Package Files

config.go config_validation.go rpc_import_project_identity_configs.go rpc_mint_project_token.go

func ImportConfigs Uses

func ImportConfigs(c context.Context) (string, error)

ImportConfigs fetches projects.cfg and updates datastore copy of it.

Called from cron.

func SetupConfigValidation Uses

func SetupConfigValidation(rules *validation.RuleSet)

SetupConfigValidation registers the tokenserver custom projects.cfg validator.

type ImportProjectIdentityConfigsRPC Uses

type ImportProjectIdentityConfigsRPC struct {
}

ImportProjectIdentityConfigsRPC implements Admin.ImportProjectIdentityConfigs method.

func (*ImportProjectIdentityConfigsRPC) ImportProjectIdentityConfigs Uses

func (r *ImportProjectIdentityConfigsRPC) ImportProjectIdentityConfigs(c context.Context, _ *empty.Empty) (*admin.ImportedConfigs, error)

ImportProjectIdentityConfigs fetches configs from from luci-config right now.

func (*ImportProjectIdentityConfigsRPC) SetupConfigValidation Uses

func (r *ImportProjectIdentityConfigsRPC) SetupConfigValidation(rules *validation.RuleSet)

SetupConfigValidation registers the config validation rules.

type MintProjectTokenRPC Uses

type MintProjectTokenRPC struct {
    // Signer is mocked in tests.
    //
    // In prod it is gaesigner.Signer.
    Signer signing.Signer

    // MintAccessToken produces an OAuth token for a service account.
    //
    // In prod it is auth.MintAccessTokenForServiceAccount.
    MintAccessToken func(context.Context, auth.MintAccessTokenParams) (*oauth2.Token, error)

    // ProjectIdentities manages project scoped identities.
    //
    // In  prod it is projectscope.persistentIdentityManager
    ProjectIdentities func(context.Context) projectidentity.Storage
}

MintProjectTokenRPC implements TokenMinter.MintProjectToken. method.

func (*MintProjectTokenRPC) MintProjectToken Uses

func (r *MintProjectTokenRPC) MintProjectToken(c context.Context, req *minter.MintProjectTokenRequest) (*minter.MintProjectTokenResponse, error)

MintProjectToken mints a project-scoped service account OAuth2 token.

Project-scoped service accounts are identities tied to an individual LUCI project. Therefore they provide a way to safely interact with LUCI APIs and prevent accidental cross-project operations.

Package projectscope imports 26 packages (graph) and is imported by 3 packages. Updated 2019-03-19. Refresh now. Tools for package owners.