* Add uac dependency
* use uac to issue tokens
* Configure uac
* Authorize operations with uac
* Issue tokens with uac in tests
* wip: furthemore migrate to uac
* Remove unreachable case
* Adjust wapi config in tests
* Don't start old authorizer
* Fix auth context creation in tests
* Fix all definitions of create_auth_ctx
* Revert "Don't start old authorizer"
This reverts commit 2636fcfa48e798a8fb07534e512ea5b494f57b19.
* Fix old config naming
* Deduplicate unique id generation
* Provide dummy snowflake config
* Use macro for signee
* Authorize operation withc UAC (#140)
* Verify tokens with uac
* Implement dummy authorization
* Return quote verification
* Restore authorizer code order
* Restore signer code order
* Update commentaries
* Provide operation access lists
* Give party read/write permissions to the test tokens
* Introduce more resources, standardize CreateWithdrawal authoriation
* Download file with read access
* Authorize withdrawals with dedicated permission
* Fix permissions in tests
* Upgrade uac
* Remove redundant auth related modules
* Use uac issue
* Update tests
* Fix opaque type usage
* Add domain_name to uac config
* Remove signee from test config
* Rollback to old roles
* Upgrade uac
* Fix for wapi wallet tests
* Use macro for domain
* Remove domain name from configs
* Use uac utils functions
* Make operation access less strict
* Remove unused signee option
* Replace get_party_id with uac function
* Create ACL migration layer
* Reimplement operation access
* Fix style
* Remove reintroduced auth code
* Upgrade uac
* Remove redundant verification option
* Suppress opaque introspection dialyzer warning
* Fix nested resources ACLs
* Issue test quota without resource access
Co-Authored-By: Andrew Mayorov <a.mayorov@rbkmoney.com>
* Adapt new p2p code
* Rename refactor and move role mapping
* Refactor roles mapping
* Use uac dev branch
* Fix merge incompatibilities
* Fix even more incompatibilities
* Bump uac and adjust code to it
* Add operation access for new ops
* Upgrade uac
* Issue tokens the new way
* Fix merge artifacts
* Create simple resource hierarchy for new operations
* Fix authorization by bearer
* Fix missed merge issues
* Apply suggestions from code review
Co-Authored-By: Andrew Mayorov <a.mayorov@rbkmoney.com>
* Verify partyID in p2p continuation tokens, add signee to wapi config
* Remove OperationID from log message where it is already present in meta
Co-Authored-By: Andrew Mayorov <a.mayorov@rbkmoney.com>
* Add signee to app config
* Test if unauthorized user still can create withdrawal using grants
* Do withdrawal specific authorization inside create_withdrawal
* Test wapi_SUITE default with both tokens, specify domain when issuing tokens
* Upgrade uac
* Specify which domains to decode
* Throw withdrawal authorization errors
* Split too long lines
* Simplify grant authorization
* Do not handle 'missing' errors, handle wallet notfound
* Rework error mapping slightly
* Add resource to insufficient_access/claim error
* Try bumping cowboy_cors to fix CI dialyzer error
* Use fork-master version of cowboy_cors
Co-authored-by: Andrew Mayorov <a.mayorov@rbkmoney.com>
* update swag
* remove payment system handling
* hard delete
* remove one more payment system field
* remove payment system field from tests
* restore payment system in sender and receiver
* update swag
