fistful-server/config
Toporkov Igor df471b4064
FF-143: Uac authorization (#165)
* Add uac dependency

* use uac to issue tokens

* Configure uac

* Authorize operations with uac

* Issue tokens with uac in tests

* wip: furthermore migrate to uac

* Remove unreachable case

* Adjust wapi config in tests

* Don't start old authorizer

* Fix auth context creation in tests

* Fix all definitions of create_auth_ctx

* Revert "Don't start old authorizer"

This reverts commit 2636fcfa48e798a8fb07534e512ea5b494f57b19.

* Fix old config naming

* Deduplicate unique id generation

* Provide dummy snowflake config

* Use macro for signee

* Authorize operation with UAC (#140)

* Verify tokens with uac

* Implement dummy authorization

* Return quote verification

* Restore authorizer code order

* Restore signer code order

* Update commentaries

* Provide operation access lists

* Give party read/write permissions to the test tokens

* Introduce more resources, standardize CreateWithdrawal authorization

* Download file with read access

* Authorize withdrawals with dedicated permission

* Fix permissions in tests

* Upgrade uac

* Remove redundant auth related modules

* Use uac issue

* Update tests

* Fix opaque type usage

* Add domain_name to uac config

* Remove signee from test config

* Rollback to old roles

* Upgrade uac

* Fix for wapi wallet tests

* Use macro for domain

* Remove domain name from configs

* Use uac utils functions

* Make operation access less strict

* Remove unused signee option

* Replace get_party_id with uac function

* Create ACL migration layer

* Reimplement operation access

* Fix style

* Remove reintroduced auth code

* Upgrade uac

* Remove redundant verification option

* Suppress opaque introspection dialyzer warning

* Fix nested resources ACLs

* Issue test quota without resource access

Co-Authored-By: Andrew Mayorov <a.mayorov@rbkmoney.com>

* Adapt new p2p code

* Rename refactor and move role mapping

* Refactor roles mapping

* Use uac dev branch

* Fix merge incompatibilities

* Fix even more incompatibilities

* Bump uac and adjust code to it

* Add operation access for new ops

* Upgrade uac

* Issue tokens the new way

* Fix merge artifacts

* Create simple resource hierarchy for new operations

* Fix authorization by bearer

* Fix missed merge issues

* Apply suggestions from code review

Co-Authored-By: Andrew Mayorov <a.mayorov@rbkmoney.com>

* Verify partyID in p2p continuation tokens, add signee to wapi config

* Remove OperationID from log message where it is already present in meta

Co-Authored-By: Andrew Mayorov <a.mayorov@rbkmoney.com>

* Add signee to app config

* Test if unauthorized user still can create withdrawal using grants

* Do withdrawal specific authorization inside create_withdrawal

* Test wapi_SUITE default with both tokens, specify domain when issuing tokens

* Upgrade uac

* Specify which domains to decode

* Throw withdrawal authorization errors

* Split too long lines

* Simplify grant authorization

* Do not handle 'missing' errors, handle wallet notfound

* Rework error mapping slightly

* Add resource to insufficient_access/claim error

* Try bumping cowboy_cors to fix CI dialyzer error

* Use fork-master version of cowboy_cors

Co-authored-by: Andrew Mayorov <a.mayorov@rbkmoney.com>
2020-05-14 13:44:52 +03:00
..
sys.config FF-143: Uac authorization (#165) 2020-05-14 13:44:52 +03:00
vm.args [WIP] Setup ff_server application 2018-07-05 13:57:59 +03:00