This PR implements support for generated and utilizing authorization tokens with the Macaroon format.
You can view, comment on, or merge this pull request online at:
https://github.com/xrootd/xrootd/pull/762
Commit Summary
- Create skeleton of Macaroon issuer.
- Implement generation of macaroon with activities.
- Add support for configuring macaroons plugin.
- Add simple license and readme files.
- Add outlines of an XrdAccAuthorize implementation for Macaroons.
- Finish initial authorizor for macaroons.
- Tweak behavior around READ_METADATA.
- Backport API use to libmacaroons 0.3.0.
- Update readme with some sample usage.
- Create RPM packaging for macaroons plugin
- We need the development headers, not the runtime library.
- Add missing build dependency on openssl.
- Add missing build dep on json-c-devel.
- Open secret file with correct mode.
- Cleanup TODO logging items.
- Serialize the XrdSecEntity name field in macaroon.
- Add multiple tracing levels to the module's logging.
- Allow macaroon plugin to chain another authlib.
- Forward remaining arguments to chained authlib.
- Update RPM spec file for release.
- Add concept of max duration of a macaroon lifetime.
- Check location header and record IDs as we use them.
- Bump RPM for 0.3.0 release.
- Rename macaroon-related files in preparation for merge.
- Merge branch 'xrootd-macaroons-rename' into xrootd-macaroons-merge
- Initial CMake integration of Macaroons.
- Rename macaroon files to match Xrootd-style.
File Changes
Patch Links:
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.
{"api_version":"1.0","publisher":{"api_key":"05dde50f1d1a384dd78767c55493e4bb","name":"GitHub"},"entity":{"external_key":"github/xrootd/xrootd","title":"xrootd/xrootd","subtitle":"GitHub repository","main_image_url":"https://assets-cdn.github.com/images/email/message_cards/header.png","avatar_image_url":"https://assets-cdn.github.com/images/email/message_cards/avatar.png","action":{"name":"Open in GitHub","url":"https://github.com/xrootd/xrootd"}},"updates":{"snippets":[{"icon":"DESCRIPTION","message":"Macaroons plugin for Xrootd (#762)"}],"action":{"name":"View Pull Request","url":"https://github.com/xrootd/xrootd/pull/762"}}}
[
{
"@context": "http://schema.org",
"@type": "EmailMessage",
"potentialAction": {
"@type": "ViewAction",
"target": "https://github.com/xrootd/xrootd/pull/762",
"url": "https://github.com/xrootd/xrootd/pull/762",
"name": "View Pull Request"
},
"description": "View this Pull Request on GitHub",
"publisher": {
"@type": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
},
{
"@type": "MessageCard",
"@context": "http://schema.org/extensions",
"hideOriginalBody": "false",
"originator": "AF6C5A86-E920-430C-9C59-A73278B5EFEB",
"title": "Macaroons plugin for Xrootd (#762)",
"sections": [
{
"text": "",
"activityTitle": "**Brian Bockelman**",
"activityImage": "https://assets-cdn.github.com/images/email/message_cards/avatar.png",
"activitySubtitle": "@bbockelm",
"facts": [
]
},
{
"title": "Commit Summary",
"facts": [
{
"name": "557c4e1",
"value": "Create skeleton of Macaroon issuer."
},
{
"name": "46262f9",
"value": "Implement generation of macaroon with activities."
},
{
"name": "df351b7",
"value": "Add support for configuring macaroons plugin."
},
{
"name": "4580cac",
"value": "Add simple license and readme files."
},
{
"name": "7a3bc4a",
"value": "Add outlines of an XrdAccAuthorize implementation for Macaroons."
},
{
"name": "0fc8aa6",
"value": "Finish initial authorizor for macaroons."
},
{
"name": "a40c8ea",
"value": "Tweak behavior around READ_METADATA."
},
{
"name": "fd31be1",
"value": "Backport API use to libmacaroons 0.3.0."
},
{
"name": "c15f1c2",
"value": "Update readme with some sample usage."
},
{
"name": "3af059a",
"value": "Create RPM packaging for macaroons plugin"
},
{
"name": "e28a41c",
"value": "We need the development headers, not the runtime library."
},
{
"name": "25c446b",
"value": "Add missing build dependency on openssl."
},
{
"name": "d17afe7",
"value": "Add missing build dep on json-c-devel."
},
{
"name": "a85fc0b",
"value": "Open secret file with correct mode."
},
{
"name": "92280ca",
"value": "Cleanup TODO logging items."
},
{
"name": "2e659fa",
"value": "Serialize the XrdSecEntity name field in macaroon."
},
{
"name": "f0f40a4",
"value": "Add multiple tracing levels to the module's logging."
},
{
"name": "5158425",
"value": "Allow macaroon plugin to chain another authlib."
},
{
"name": "0a2ef1e",
"value": "Forward remaining arguments to chained authlib."
},
{
"name": "3102235",
"value": "Update RPM spec file for release."
},
{
"name": "ad07888",
"value": "Add concept of max duration of a macaroon lifetime."
},
{
"name": "88ecfba",
"value": "Check location header and record IDs as we use them."
},
{
"name": "e3783a7",
"value": "Bump RPM for 0.3.0 release."
},
{
"name": "0ff1e11",
"value": "Rename macaroon-related files in preparation for merge."
},
{
"name": "6a8e723",
"value": "Merge branch 'xrootd-macaroons-rename' into xrootd-macaroons-merge"
},
{
"name": "766c225",
"value": "Initial CMake integration of Macaroons."
},
{
"name": "8145929",
"value": "Rename macaroon files to match Xrootd-style."
}
]
},
{
"title": "File Changes",
"facts": [
{
"name": "Added",
"value": "[cmake/FindMacaroons.cmake](https://github.com/xrootd/xrootd/pull/762/files#diff-0) (21 changes)"
},
{
"name": "Modified",
"value": "[cmake/XRootDDefaults.cmake](https://github.com/xrootd/xrootd/pull/762/files#diff-1) (21 changes)"
},
{
"name": "Modified",
"value": "[cmake/XRootDFindLibs.cmake](https://github.com/xrootd/xrootd/pull/762/files#diff-2) (11 changes)"
},
{
"name": "Modified",
"value": "[cmake/XRootDSummary.cmake](https://github.com/xrootd/xrootd/pull/762/files#diff-3) (22 changes)"
},
{
"name": "Modified",
"value": "[packaging/debian/xrootd-server-libs.install](https://github.com/xrootd/xrootd/pull/762/files#diff-4) (1 changes)"
},
{
"name": "Modified",
"value": "[packaging/rhel/xrootd.spec.in](https://github.com/xrootd/xrootd/pull/762/files#diff-5) (1 changes)"
},
{
"name": "Modified",
"value": "[src/CMakeLists.txt](https://github.com/xrootd/xrootd/pull/762/files#diff-6) (4 changes)"
},
{
"name": "Added",
"value": "[src/XrdMacaroons.cmake](https://github.com/xrootd/xrootd/pull/762/files#diff-7) (54 changes)"
},
{
"name": "Added",
"value": "[src/XrdMacaroons/README.md](https://github.com/xrootd/xrootd/pull/762/files#diff-8) (61 changes)"
},
{
"name": "Added",
"value": "[src/XrdMacaroons/XrdMacaroons.cc](https://github.com/xrootd/xrootd/pull/762/files#diff-9) (114 changes)"
},
{
"name": "Added",
"value": "[src/XrdMacaroons/XrdMacaroonsAuthz.cc](https://github.com/xrootd/xrootd/pull/762/files#diff-10) (396 changes)"
},
{
"name": "Added",
"value": "[src/XrdMacaroons/XrdMacaroonsAuthz.hh](https://github.com/xrootd/xrootd/pull/762/files#diff-11) (44 changes)"
},
{
"name": "Added",
"value": "[src/XrdMacaroons/XrdMacaroonsConfigure.cc](https://github.com/xrootd/xrootd/pull/762/files#diff-12) (236 changes)"
},
{
"name": "Added",
"value": "[src/XrdMacaroons/XrdMacaroonsHandler.cc](https://github.com/xrootd/xrootd/pull/762/files#diff-13) (324 changes)"
},
{
"name": "Added",
"value": "[src/XrdMacaroons/XrdMacaroonsHandler.hh](https://github.com/xrootd/xrootd/pull/762/files#diff-14) (65 changes)"
},
{
"name": "Added",
"value": "[src/XrdMacaroons/cmake/FindXrootd.cmake](https://github.com/xrootd/xrootd/pull/762/files#diff-15) (51 changes)"
},
{
"name": "Added",
"value": "[src/XrdMacaroons/export-lib-symbols](https://github.com/xrootd/xrootd/pull/762/files#diff-16) (8 changes)"
},
{
"name": "Added",
"value": "[src/XrdMacaroons/rpm/xrootd-macaroons.spec](https://github.com/xrootd/xrootd/pull/762/files#diff-17) (56 changes)"
}
]
}
],
"potentialAction": [
{
"name": "Add a comment",
"@type": "ActionCard",
"inputs": [
{
"isMultiLine": true,
"@type": "TextInput",
"id": "IssueComment",
"isRequired": false
}
],
"actions": [
{
"name": "Comment",
"@type": "HttpPOST",
"target": "https://api.github.com",
"body": "{\n\"commandName\": \"IssueComment\",\n\"repositoryFullName\": \"xrootd/xrootd\",\n\"issueId\": 762,\n\"IssueComment\": \"{{IssueComment.value}}\"\n}"
}
]
},
{
"name": "Close pull request",
"@type": "HttpPOST",
"target": "https://api.github.com",
"body": "{\n\"commandName\": \"PullRequestClose\",\n\"repositoryFullName\": \"xrootd/xrootd\",\n\"pullRequestId\": 762\n}"
},
{
"targets": [
{
"os": "default",
"uri": "https://github.com/xrootd/xrootd/pull/762"
}
],
"@type": "OpenUri",
"name": "View on GitHub"
},
{
"targets": [
{
"os": "default",
"uri": "https://github.com/xrootd/xrootd/pull/762.patch"
}
],
"@type": "OpenUri",
"name": "View patch"
},
{
"targets": [
{
"os": "default",
"uri": "https://github.com/xrootd/xrootd/pull/762.diff"
}
],
"@type": "OpenUri",
"name": "View diff"
},
{
"name": "Unsubscribe",
"@type": "HttpPOST",
"target": "https://api.github.com",
"body": "{\n\"commandName\": \"MuteNotification\",\n\"threadId\": 354656096\n}"
}
],
"themeColor": "26292E"
}
]
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1