We move the proxy from using its placeholder macaroon creation and
verification to instead use the agreed upon macaroon design. Much of
this is solely a refactor, but some new functionality has also been
introduced as part of integrating the LSAT mint:
1. A request's target service is now verified to ensure its attached
LSAT is authorized.
2. The preimage is now checked against the token's committed payment
hash to ensure it has been paid for.
The target service name remains unused in its current form, but will be
required in order to verify that an incoming request with an LSAT
attached is authorized to access the service being attempted. We can
derive this from the request's host field, but we choose to extend the
methods with the additional parameter in order to prevent parsing the
host field again to determine which service is being accessed.
The service limiter holds all of the constraints that should be applied
to a given service at the base tier. These are currently static and are
parsed from the proxy's configuration file as a temporary work-around.
Eventually, we plan to integrate this with etcd as well in order to
achieve dynamic service discovery.
This will store the secret of each LSAT minted by the proxy, which is
crucial for LSAT verification. The secrets are stored under a new
"secrets" key prefixed by the top level LSAT etcd key, and each secret
can be found by its unique identifier prefixed with the secrets key.
Allows the ability for the proxy to connect to an etcd cluster for any
reliable data storage purposes. No data is being stored yet as of this
commit, but we'll be storing LSAT secrets at a later commit.
One key component in this commit is that we introduce a new top level
key that will serve to hold all LSAT proxy-related data. Any nested keys
should be prefixed with said top level key.
Co-authored-by: Oliver Gugger <gugger@gmail.com>
This package adheres to the agreed upon internal design document of the
macaroon portion of an LSAT. It is able to mint LSATs for a set of
services at any tier, each containing their desired set of constraints.
LSAT verification so far only ensures the that token was minted by us
and that the target service attempted to be accessed is authorized
according to the white-listed services contained in the token.
