v.io: v.io/x/ref/services/identity/internal/handlers

package handlers

import "v.io/x/ref/services/identity/internal/handlers"


Package Files

bless.go blessing_root.go

func NewOAuthBlessingHandler

func NewOAuthBlessingHandler(ctx *context.T, params OAuthBlesserParams, apps RegisteredAppMap) http.Handler

NewOAuthBlessingHandler returns an http.Handler that uses Google OAuth2 Access tokens to obtain the username of the requestor and responds with blessings for that username.

The blessings are namespaced under the ClientID for the access token. In particular, the name of the granted blessing is of the form <idp>:<appID>:<email> where <idp> is the name of the default blessings used by the identity provider and <appID> is the name of the 'app' - either the OAuth ClientID or a registered alias.

Blessings generated by this service carry a third-party revocation caveat if a RevocationManager is specified in the params; otherwise they carry an ExpiryCaveat that expires after the duration specified in the params.

The handler expects the following request parameters:
  - "public_key": Base64 DER encoded PKIX representation of the client's public key
  - "caveats": Base64 VOM encoded list of caveats [OPTIONAL]
  - "token": Google OAuth2 Access token
  - "output_format": The encoding format for the returned blessings. The following
    formats are supported:
      - "json": JSON-encoding of the wire format of Blessings.
      - "base64vom": Base64URL encoding of VOM-encoded Blessings [DEFAULT]

The response consists of blessings encoded in the requested output format.

Two warnings apply to this handler:
- There is no binding between the channel over which the access token
  was obtained and the channel used to make this request.
- There is no "proof of possession of private key" required by the server.

Thus, if Mallory (attacker) possesses the access token associated with Alice's account (victim), she may be able to obtain a blessing with Alice's name on it for any public key of her choice.

type BlessingRoot

type BlessingRoot struct {
    P security.Principal
}

BlessingRoot is an http.Handler implementation that renders the server's blessing names and public key as a JSON string.

func (BlessingRoot) ServeHTTP

func (b BlessingRoot) ServeHTTP(w http.ResponseWriter, r *http.Request)

type OAuthBlesserParams

type OAuthBlesserParams struct {
    // The OAuth provider that must have issued the access tokens accepted by this service.
    OAuthProvider oauth.OAuthProvider
    // The object name of the discharger service. If this is empty then revocation caveats will not be granted.
    DischargerLocation string
    // The revocation manager that generates caveats and manages revocation.
    RevocationManager revocation.RevocationManager
    // The duration for which blessings will be valid. (Used iff RevocationManager is nil).
    BlessingDuration time.Duration
}

OAuthBlesserParams represents all the parameters required for exchanging an OAuth token for blessings.

type RegisteredAppMap

type RegisteredAppMap map[string]struct {
    Extension string
}

Map of client id -> blessing extension. The blessing given for a token with ClientID 'id' is generated by extending the default blessing of this service's principal with the extension held in this map for 'id'. The string "{email}" in the Extension will be replaced by the email from the request's access token.
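
The following is an added example (not code from the v.io handlers package) that works through the two conventions documented above: how a RegisteredAppMap entry and the token's email combine into the `<idp>:<appID>:<email>` blessing name, and how a client encodes the `public_key`, `token` and `output_format` form parameters for NewOAuthBlessingHandler. The client ID, alias and token are constructed values; the fallback to the raw ClientID for unregistered apps and the base64url alphabet for `public_key` are this example's assumptions.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"encoding/base64"
	"fmt"
	"net/url"
	"strings"
)

// RegisteredAppMap mirrors the documented shape: OAuth ClientID -> blessing
// extension, in which the literal "{email}" is replaced by the token's email.
type RegisteredAppMap map[string]struct{ Extension string }

// BlessingName derives the documented name "<idp>:<appID>:<email>". A ClientID
// with a registered alias uses that extension (after "{email}" substitution);
// otherwise the raw ClientID is used as <appID> (this example's assumption).
func BlessingName(idp string, apps RegisteredAppMap, clientID, email string) string {
	if app, ok := apps[clientID]; ok {
		return idp + ":" + strings.ReplaceAll(app.Extension, "{email}", email)
	}
	return idp + ":" + clientID + ":" + email
}

// BlessRequestValues encodes the form parameters the handler documents.
// public_key is DER PKIX, base64url-encoded (assumption: URL alphabet, matching
// the "base64vom" output format). "caveats" is optional and omitted here.
func BlessRequestValues(pub *ecdsa.PublicKey, token, outputFormat string) (url.Values, error) {
	der, err := x509.MarshalPKIXPublicKey(pub)
	if err != nil {
		return nil, err
	}
	v := url.Values{}
	v.Set("public_key", base64.URLEncoding.EncodeToString(der))
	v.Set("token", token)
	v.Set("output_format", outputFormat)
	return v, nil
}

func main() {
	apps := RegisteredAppMap{"client-123": {Extension: "myapp:{email}"}} // constructed
	fmt.Println(BlessingName("dev.v.io", apps, "client-123", "alice@example.com"))
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	v, _ := BlessRequestValues(&key.PublicKey, "ya29.constructed-token", "json")
	fmt.Println(v.Encode())
}
```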

Package handlers imports 16 packages and is imported by 9 packages. Updated 2020-10-24.