def test_inspect(self): m = Macaroon( location='http://mybank/', identifier='we used our secret key', key='this is our super secret key; only we should know it' ) m.add_first_party_caveat('test = caveat') assert_equal(m.inspect(), 'location http://mybank/\nidentifier we used\ our secret key\ncid test = caveat\nsignature 197bac7a044af33332865b9266e26d49\ 3bdd668a660e44d88ce1a998c23dbd67')
def test_inspect(self): m = Macaroon( location='http://mybank/', identifier='we used our secret key', key='this is our super secret key; only we should know it') m.add_first_party_caveat('test = caveat') assert_equal( m.inspect(), 'location http://mybank/\nidentifier we used\ our secret key\ncid test = caveat\nsignature 197bac7a044af33332865b9266e26d49\ 3bdd668a660e44d88ce1a998c23dbd67')
def auth_server_login(): user_name = request.form['username'] for user in auth_server_users: if user["name"] == user_name and user["identifier"] != "": dm = Macaroon(location='http://auth-server.example.com/', key=user["caveat_key"], identifier=user["identifier"]) # dm = dm.add_first_party_caveat('time < 2020-01-01T00:00') serialized = dm.serialize() resp = make_response( render_template("auth_demo.html", discharge_macaroon=dm.inspect().replace( "\n", "<br/>"))) resp.set_cookie('macaroonDischargeCookie', serialized) return resp resp = make_response( render_template("auth_demo.html", result="Auth failed")) return resp
def alice_server_get_macaroon(): m = Macaroon(location='alices-server.example.com', identifier='key-for-bob', key=alice_server_keys['key-for-bob']) # should be random caveat_key = 'randomKey' predicate = 'Bob' identifier = auth_server_get_identifier(caveat_key, predicate) # location is unused m.add_third_party_caveat('http://auth-server.example.com/', caveat_key, identifier) serialized = m.serialize() resp = make_response( render_template("auth_demo.html", macaroon=m.inspect().replace("\n", "<br/>"), caveat_key=caveat_key, identifier=identifier)) resp.set_cookie('macaroonCookie', serialized) return resp
def photo_album_login(): login_successful = True if login_successful: m = Macaroon(location='cool-picture-service.example.com', identifier='key-for-bob', key=keys['key-for-bob']) # Add a caveat for the target service m.add_first_party_caveat('view_pictures = True') serialized = m.serialize() images = [True, True, True] resp = make_response( render_template("home.html", showimages=True, images=images, macaroon=m.inspect().replace("\n", "<br/>"))) resp.set_cookie('macaroonCookie', serialized) return resp else: return redirect(url_for("login"))
def test_inspect(self): m = Macaroon( location='http://mybank/', identifier='we used our secret key', key='this is our super secret key; only we should know it') m.add_first_party_caveat('test = caveat') caveat_key = '4; guaranteed random by a fair toss of the dice' identifier = 'this was how we remind auth of key/pred' m.add_third_party_caveat('http://auth.mybank/', caveat_key, identifier, nonce=ZERO_NONCE) assert_equal(m.inspect(), ( 'location http://mybank/\n' 'identifier we used our secret key\n' 'cid test = caveat\n' 'cid this was how we remind auth of key/pred\n' 'vid AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA68NYajhiFuHnKGSNcVhkAwgbs0VZ0yK2o+q0Aq9+bONkXw7ky7HAuhCLO9hhaMMc\n' 'cl http://auth.mybank/\n' 'signature 7a9289bfbb92d725f748bbcb4f3e04e56b7021513ebeed8411bfba10a16a662e' ))
def test_inspect(self): m = Macaroon( location='http://mybank/', identifier='we used our secret key', key='this is our super secret key; only we should know it' ) m.add_first_party_caveat('test = caveat') caveat_key = '4; guaranteed random by a fair toss of the dice' identifier = 'this was how we remind auth of key/pred' m.add_third_party_caveat( 'http://auth.mybank/', caveat_key, identifier, nonce=ZERO_NONCE ) assert_equal(m.inspect(), ( 'location http://mybank/\n' 'identifier we used our secret key\n' 'cid test = caveat\n' 'cid this was how we remind auth of key/pred\n' 'vid AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA68NYajhiFuHnKGSNcVhkAwgbs0VZ0yK2o+q0Aq9+bONkXw7ky7HAuhCLO9hhaMMc\n' 'cl http://auth.mybank/\n' 'signature 7a9289bfbb92d725f748bbcb4f3e04e56b7021513ebeed8411bfba10a16a662e'))