
launchpad-reviewers team mailing list archive

Re: [Merge] lp:~cjwatson/launchpad/authserver-issue-macaroon into lp:launchpad

 

Review: Approve code



Diff comments:

> 
> === modified file 'lib/lp/services/authserver/xmlrpc.py'
> --- lib/lp/services/authserver/xmlrpc.py	2018-05-10 10:05:45 +0000
> +++ lib/lp/services/authserver/xmlrpc.py	2019-04-11 13:41:06 +0000
> @@ -43,6 +44,28 @@
>                       for key in person.sshkeys],
>              }
>  
> +    def issueMacaroon(self, issuer_name, context):
> +        """See `IAuthServer.issueMacaroon`."""
> +        try:
> +            issuer = getUtility(IMacaroonIssuer, issuer_name)
> +        except ComponentLookupError:
> +            return faults.PermissionDenied()
> +        # Only permit issuers that have been specifically designed for use
> +        # with the authserver: they must need to be issued by parts of
> +        # Launchpad other than appservers but be verified by appservers,
> +        # they must take parameters that can be passed over XML-RPC, and
> +        # they must issue macaroons with carefully-designed constraints to
> +        # minimise privilege-escalation attacks.
> +        if not issuer.issuable_via_authserver:
> +            return faults.PermissionDenied()
> +        try:
> +            # issueMacaroon isn't normally public, but we clearly need it
> +            # here.
> +            macaroon = removeSecurityProxy(issuer).issueMacaroon(context)
> +        except ValueError:
> +            return faults.PermissionDenied()

ValueError continues to be quite broad.

> +        return macaroon.serialize()
> +
>      def verifyMacaroon(self, macaroon_raw, context):
>          """See `IAuthServer.verifyMacaroon`."""
>          try:
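
Review bot: In the second try block of issueMacaroon, `except ValueError` around `removeSecurityProxy(issuer).issueMacaroon(context)` catches not only a rejected context but any ValueError raised by a defect inside the issuer, and all of them come back as `faults.PermissionDenied()` with nothing recorded. Consider having issuers raise a dedicated exception for a rejected context and catching only that, or at least logging the exception together with `issuer_name` before returning the fault, so that denied issuance attempts can be told apart from bugs. Because `context` arrives over XML-RPC and the security proxy is removed for this call, the comment above the call could also say that each issuer is responsible for validating the type of `context` itself.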


-- 
https://code.launchpad.net/~cjwatson/launchpad/authserver-issue-macaroon/+merge/364353
Your team Launchpad code reviewers is subscribed to branch lp:launchpad.

