4fe71e314157576d2bdfe54cc6f8ce5df38c571d |
|
29-Jan-2016 |
Vitaly Buka <vitalybuka@google.com> |
Make App ID a part of User ID In addition to user ID, auth tokens could be bound to specific app ID. So internal libweave User ID, named UserAppId, from now will consist of auth type, user ID and optional app ID. If operation was called with token containing only user ID, libweave will grant access to all commands for every app for the given user ID. To distinguish between user authorized with local, pairing or anonymous tokens libweave uses UserAppId::type field. As macaroons have no caveats for this kind of information, current implementation will just append the type to the user ID caveat of the access token. BUG: 26292014 Change-Id: I528c2717c95c5daed74bb769b3569fac823761f2 Reviewed-on: https://weave-review.googlesource.com/2394 Reviewed-by: Alex Vakulenko <avakulenko@google.com>
/external/libweave/src/privet/security_manager_unittest.cc
|
20896ab5bdbddbac8f67f12fc8198330e5dafdfc |
|
23-Dec-2015 |
Vitaly Buka <vitalybuka@google.com> |
Replace several members of SecurityManager with pointers to Settings Change-Id: I408bd5750879bb948cc8b8f6feac30e82e5446a9 Reviewed-on: https://weave-review.googlesource.com/2081 Reviewed-by: Vitaly Buka <vitalybuka@google.com>
/external/libweave/src/privet/security_manager_unittest.cc
|
66f46b8468354ee964a150df05d08b31a2c7121a |
|
19-Dec-2015 |
Vitaly Buka <vitalybuka@google.com> |
Change user_id into string Cloud users are going to be represented by strings, probably email address. Integer prefix is used to avoid collisions between pairing/anonymous and local users. BUG=25768507 Change-Id: I27249c0b98f919e9527498be74ddaa82218b4041 Reviewed-on: https://weave-review.googlesource.com/2063 Reviewed-by: Alex Vakulenko <avakulenko@google.com>
/external/libweave/src/privet/security_manager_unittest.cc
|
0bc02ede1d7ac6b0ed264b8891844d15bdb4733e |
|
18-Dec-2015 |
Vitaly Buka <vitalybuka@google.com> |
Use different secret for auth and access tokens Temporarily secret guaranties invalidation of access tokens on device reboot. Without that when device updates, we can have tokens signed with valid key, but with invalid format, or user_id collision. Change-Id: I0a6dbd782165715d781501456a4fd29bb060ffdd Reviewed-on: https://weave-review.googlesource.com/2062 Reviewed-by: Alex Vakulenko <avakulenko@google.com>
/external/libweave/src/privet/security_manager_unittest.cc
|
3020c495e853c12bc4febca66b4ab739dbb773ef |
|
18-Dec-2015 |
Vitaly Buka <vitalybuka@google.com> |
Remove unused SecurityDelegate::IsValidPairingCode BUG=25768507 Change-Id: I5bec24332a53b95272e0e1370d5bbfe2e0df418c Reviewed-on: https://weave-review.googlesource.com/2061 Reviewed-by: Alex Vakulenko <avakulenko@google.com>
/external/libweave/src/privet/security_manager_unittest.cc
|
fd2ef6869df7fdd2eb32e17bd7854df478b1f031 |
|
18-Dec-2015 |
Vitaly Buka <vitalybuka@google.com> |
Move most of auth logic into SecurityDelegate::CreateAccessToken With local auth we will need to extract most of information from macaroon auth code. BUG=25768507 Change-Id: If7b31a1ba9a081dfae0cf8e9df6c8ed27bfe79c4 Reviewed-on: https://weave-review.googlesource.com/2049 Reviewed-by: Vitaly Buka <vitalybuka@google.com>
/external/libweave/src/privet/security_manager_unittest.cc
|
a0a813490ff37868827b65d7f9aeb554c996c17c |
|
17-Dec-2015 |
Vitaly Buka <vitalybuka@google.com> |
Changed AuthManager::CreateAccessToken and AuthManager::ParseAccessToken With this API we can handle expiration checks inside of AuthManager BUG=25768507 Change-Id: I2fa5d428be6f0772d8b2656eb2bee71824f0d308 Reviewed-on: https://weave-review.googlesource.com/2030 Reviewed-by: Vitaly Buka <vitalybuka@google.com>
/external/libweave/src/privet/security_manager_unittest.cc
|
229113e837328b53f6fcf1c82790cdb2c013a0dc |
|
14-Dec-2015 |
Vitaly Buka <vitalybuka@google.com> |
Pass Config pointer into AuthManager AuthManager needs to have logic for re-claming devices. This requires persistent storage for secret and owner. It's going to be easier to handle logic there than outside. BUG=25766815 Change-Id: Icc417f23715b48461098503fd241cee534d2225c Reviewed-on: https://weave-review.googlesource.com/1949 Reviewed-by: Vitaly Buka <vitalybuka@google.com>
/external/libweave/src/privet/security_manager_unittest.cc
|
41aa8090265b73876da7b99b5d246b4a64fe0474 |
|
10-Dec-2015 |
Vitaly Buka <vitalybuka@google.com> |
Use base::Clock in AuthManager for better testing Change-Id: Ifbb23e4da565a1c86ff728803d2e07e3f8c3b1f4 Reviewed-on: https://weave-review.googlesource.com/1873 Reviewed-by: Alex Vakulenko <avakulenko@google.com>
/external/libweave/src/privet/security_manager_unittest.cc
|
f08caeb9070257bb2ab0769f328eb8632f1778dc |
|
02-Dec-2015 |
Vitaly Buka <vitalybuka@google.com> |
Extract privet::AuthManager from privet::SecurityManager BUG:25934385 Change-Id: I45fb7c79053a6009330b4debae1065266d1ce972 Reviewed-on: https://weave-review.googlesource.com/1735 Reviewed-by: Alex Vakulenko <avakulenko@google.com>
/external/libweave/src/privet/security_manager_unittest.cc
|
52d006a131c61955e3a8a915d7f22941b3a4eee2 |
|
22-Nov-2015 |
Vitaly Buka <vitalybuka@google.com> |
Support GCC 4.7 Removed constructors inheritance. Removed emplace use. Change-Id: I45224e3232d39ff22f758c7e387be2c9aff5eae0 Reviewed-on: https://weave-review.googlesource.com/1606 Reviewed-by: Vitaly Buka <vitalybuka@google.com>
/external/libweave/src/privet/security_manager_unittest.cc
|
5a1f600e9d7d26c36b3e22ff0dc0ae9e3b2425fc |
|
02-Nov-2015 |
Paul Westbrook <pwestbro@google.com> |
Remove the unneeded libweave directory Change-Id: I30fd8c5626cf83da6415ffa14a2019ef43be9916 Reviewed-on: https://weave-review.googlesource.com/1450 Reviewed-by: Paul Westbrook <pwestbro@google.com>
/external/libweave/src/privet/security_manager_unittest.cc
|