This PR implements the OAuth 2.0 client credentials workflow for acquiring a macaroon. This provides a more standards-based approach to token acquisition compared to the existing method developed by @paulmillar, which has served us well but is admittedly a bit more ad-hoc. With this PR, both the old method and new method ought to work.
This approach was originally implemented in StoRM by @andreaceccanti. I wanted to have a second server implementation prior to doing the client side changes for FTS.
This is NOT meant for 4.9.0.
You can view, comment on, or merge this pull request online at:
https://github.com/xrootd/xrootd/pull/883
-- Commit Summary --
* [Macaroons] WIP on implementing OAuth2 workflows.
* WIP: checkpoint of OAuth2-based macaroon acquisition.
* Port unquote helper function into Macaroon library.
* Allow Xrootd to respond back with an OAuth-style response.
* Finish implementation of token generator.
* Add helper script for generating macaroons.
-- File Changes --
M src/XrdMacaroons/XrdMacaroonsHandler.cc (253)
M src/XrdMacaroons/XrdMacaroonsHandler.hh (5)
A src/XrdMacaroons/macaroon-init (154)
-- Patch Links --
https://github.com/xrootd/xrootd/pull/883.patch
https://github.com/xrootd/xrootd/pull/883.diff
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/xrootd/xrootd/pull/883
########################################################################
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1
