Cross Reference: /external/libweave/src/privet/security_manager

History log of /external/libweave/src/privet/security_manager_unittest.cc
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
4fe71e314157576d2bdfe54cc6f8ce5df38c571d	29-Jan-2016	Vitaly Buka <vitalybuka@google.com>	Make App ID a part of User ID In addition to user ID, auth tokens could be bound to specific app ID. So internal libweave User ID, named UserAppId, from now will consist of auth type, user ID and optional app ID. If operation was called with token containing only user ID, libweave will grant access to all commands for every app for the given user ID. To distinguish between user authorized with local, pairing or anonymous tokens libweave uses UserAppId::type field. As macaroons have no caveats for this kind of information, current implementation will just append the type to the user ID caveat of the access token. BUG: 26292014 Change-Id: I528c2717c95c5daed74bb769b3569fac823761f2 Reviewed-on: https://weave-review.googlesource.com/2394 Reviewed-by: Alex Vakulenko <avakulenko@google.com> /external/libweave/src/privet/security_manager_unittest.cc
20896ab5bdbddbac8f67f12fc8198330e5dafdfc	23-Dec-2015	Vitaly Buka <vitalybuka@google.com>	Replace several members of SecurityManager with pointers to Settings Change-Id: I408bd5750879bb948cc8b8f6feac30e82e5446a9 Reviewed-on: https://weave-review.googlesource.com/2081 Reviewed-by: Vitaly Buka <vitalybuka@google.com> /external/libweave/src/privet/security_manager_unittest.cc
66f46b8468354ee964a150df05d08b31a2c7121a	19-Dec-2015	Vitaly Buka <vitalybuka@google.com>	Change user_id into string Cloud users are going to be represented by strings, probably email address. Integer prefix is used to avoid collisions between pairing/anonymous and local users. BUG=25768507 Change-Id: I27249c0b98f919e9527498be74ddaa82218b4041 Reviewed-on: https://weave-review.googlesource.com/2063 Reviewed-by: Alex Vakulenko <avakulenko@google.com> /external/libweave/src/privet/security_manager_unittest.cc
0bc02ede1d7ac6b0ed264b8891844d15bdb4733e	18-Dec-2015	Vitaly Buka <vitalybuka@google.com>	Use different secret for auth and access tokens Temporarily secret guaranties invalidation of access tokens on device reboot. Without that when device updates, we can have tokens signed with valid key, but with invalid format, or user_id collision. Change-Id: I0a6dbd782165715d781501456a4fd29bb060ffdd Reviewed-on: https://weave-review.googlesource.com/2062 Reviewed-by: Alex Vakulenko <avakulenko@google.com> /external/libweave/src/privet/security_manager_unittest.cc
3020c495e853c12bc4febca66b4ab739dbb773ef	18-Dec-2015	Vitaly Buka <vitalybuka@google.com>	Remove unused SecurityDelegate::IsValidPairingCode BUG=25768507 Change-Id: I5bec24332a53b95272e0e1370d5bbfe2e0df418c Reviewed-on: https://weave-review.googlesource.com/2061 Reviewed-by: Alex Vakulenko <avakulenko@google.com> /external/libweave/src/privet/security_manager_unittest.cc
fd2ef6869df7fdd2eb32e17bd7854df478b1f031	18-Dec-2015	Vitaly Buka <vitalybuka@google.com>	Move most of auth logic into SecurityDelegate::CreateAccessToken With local auth we will need to extract most of information from macaroon auth code. BUG=25768507 Change-Id: If7b31a1ba9a081dfae0cf8e9df6c8ed27bfe79c4 Reviewed-on: https://weave-review.googlesource.com/2049 Reviewed-by: Vitaly Buka <vitalybuka@google.com> /external/libweave/src/privet/security_manager_unittest.cc
a0a813490ff37868827b65d7f9aeb554c996c17c	17-Dec-2015	Vitaly Buka <vitalybuka@google.com>	Changed AuthManager::CreateAccessToken and AuthManager::ParseAccessToken With this API we can handle expiration checks inside of AuthManager BUG=25768507 Change-Id: I2fa5d428be6f0772d8b2656eb2bee71824f0d308 Reviewed-on: https://weave-review.googlesource.com/2030 Reviewed-by: Vitaly Buka <vitalybuka@google.com> /external/libweave/src/privet/security_manager_unittest.cc
229113e837328b53f6fcf1c82790cdb2c013a0dc	14-Dec-2015	Vitaly Buka <vitalybuka@google.com>	Pass Config pointer into AuthManager AuthManager needs to have logic for re-claming devices. This requires persistent storage for secret and owner. It's going to be easier to handle logic there than outside. BUG=25766815 Change-Id: Icc417f23715b48461098503fd241cee534d2225c Reviewed-on: https://weave-review.googlesource.com/1949 Reviewed-by: Vitaly Buka <vitalybuka@google.com> /external/libweave/src/privet/security_manager_unittest.cc
41aa8090265b73876da7b99b5d246b4a64fe0474	10-Dec-2015	Vitaly Buka <vitalybuka@google.com>	Use base::Clock in AuthManager for better testing Change-Id: Ifbb23e4da565a1c86ff728803d2e07e3f8c3b1f4 Reviewed-on: https://weave-review.googlesource.com/1873 Reviewed-by: Alex Vakulenko <avakulenko@google.com> /external/libweave/src/privet/security_manager_unittest.cc
f08caeb9070257bb2ab0769f328eb8632f1778dc	02-Dec-2015	Vitaly Buka <vitalybuka@google.com>	Extract privet::AuthManager from privet::SecurityManager BUG:25934385 Change-Id: I45fb7c79053a6009330b4debae1065266d1ce972 Reviewed-on: https://weave-review.googlesource.com/1735 Reviewed-by: Alex Vakulenko <avakulenko@google.com> /external/libweave/src/privet/security_manager_unittest.cc
52d006a131c61955e3a8a915d7f22941b3a4eee2	22-Nov-2015	Vitaly Buka <vitalybuka@google.com>	Support GCC 4.7 Removed constructors inheritance. Removed emplace use. Change-Id: I45224e3232d39ff22f758c7e387be2c9aff5eae0 Reviewed-on: https://weave-review.googlesource.com/1606 Reviewed-by: Vitaly Buka <vitalybuka@google.com> /external/libweave/src/privet/security_manager_unittest.cc
5a1f600e9d7d26c36b3e22ff0dc0ae9e3b2425fc	02-Nov-2015	Paul Westbrook <pwestbro@google.com>	Remove the unneeded libweave directory Change-Id: I30fd8c5626cf83da6415ffa14a2019ef43be9916 Reviewed-on: https://weave-review.googlesource.com/1450 Reviewed-by: Paul Westbrook <pwestbro@google.com> /external/libweave/src/privet/security_manager_unittest.cc