auth_service/

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

chromium.googlesource.com/infra/luci/luci-go

README ¶

Auth Service

Auth Service will manages and distribute data and configuration used for authorization decisions performed by services in a LUCI cluster.

This is a replacement the GAE v1 version of Auth Service.

Running locally

Targeting the real datastore:

cd auth_service/services/frontend
go run main.go -cloud-project chrome-infra-auth-dev

The server will be available at http://localhost:8800.

Uploading to GAE for adhoc testing

Prefer to test everything locally. If you must deploy to GAE, use:

cd auth_service
gae.py upload --target ${USER} -A chrome-infra-auth-dev --app-dir services defaultv2 backendv2

This will upload versions for both defaultv2 and backendv2 services, with target version name ${USER}.

Note that it doesn't switch the default serving version. Use Cloud Console or gcloud app services set-traffic to switch the serving version of defaultv2 and backendv2 services. Be careful not to touch default and backend. They are deployed from Python code.

Production deployment

Deployment to staging and production are performed by gae-deploy builder. Deploying directly to production using gae.py is strongly ill-advised.

Directories ¶

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

Path	Synopsis
api
configspb Package configspb defines configs that are used by auth service.	Package configspb defines configs that are used by auth service.
internalspb Package internalspb defines RPCs used internally by the auth service UI.	Package internalspb defines RPCs used internally by the auth service UI.
rpcpb Package rpcpb defines RPCs exposed by the auth service.	Package rpcpb defines RPCs exposed by the auth service.
taskspb Package taskspb defines tasks used by auth service.	Package taskspb defines tasks used by auth service.
constants Package constants holds constants that are commonly used in Auth Service.	Package constants holds constants that are commonly used in Auth Service.
impl Package impl contains code shared by `frontend` and `backend` services.	Package impl contains code shared by `frontend` and `backend` services.
info Package info facilitates adding global application info to a context.	Package info facilitates adding global application info to a context.
model Package model contains datastore model definitions.	Package model contains datastore model definitions.
model/graph Package graph contains groups graph definitions and operations.	Package graph contains groups graph definitions and operations.
servers/accounts Package accounts contains Accounts server implementation.	Package accounts contains Accounts server implementation.
servers/allowlists Package allowlists contains Allowlists server implementation.	Package allowlists contains Allowlists server implementation.
servers/authdb Package authdb contains methods to work with authdb.	Package authdb contains methods to work with authdb.
servers/changelogs Package changelogs contains ChangeLogs server implementation.	Package changelogs contains ChangeLogs server implementation.
servers/groups Package groups contains Groups server implementation.	Package groups contains Groups server implementation.
servers/imports Package imports contains Imports endpoints implementation.	Package imports contains Imports endpoints implementation.
servers/internals Package internals contains Internals server implementation.	Package internals contains Internals server implementation.
servers/oauth Package oauth contains methods to work with oauth endpoint.	Package oauth contains methods to work with oauth endpoint.
servers/replicas Package replicas contains Replicas server implementation.	Package replicas contains Replicas server implementation.
util/zlib Package zlib contains functions for zlib encoding and decoding.	Package zlib contains functions for zlib encoding and decoding.
internal
configs/srvcfg/allowlistcfg Package allowlistcfg contains code to work with ip_allowlist.cfg.	Package allowlistcfg contains code to work with ip_allowlist.cfg.
configs/srvcfg/importscfg Package importscfg contains code to work with imports.cfg.	Package importscfg contains code to work with imports.cfg.
configs/srvcfg/oauthcfg Package oauthcfg contains code to work with oauth.cfg.	Package oauthcfg contains code to work with oauth.cfg.
configs/srvcfg/permissionscfg Package permissionscfg contains code to work with permissions.cfg	Package permissionscfg contains code to work with permissions.cfg
configs/srvcfg/realmscfg Package realmscfg contains code to work with realms.cfg	Package realmscfg contains code to work with realms.cfg
configs/srvcfg/securitycfg Package securitycfg contains code to work with security.cfg.	Package securitycfg contains code to work with security.cfg.
configs/srvcfg/settingscfg Package settingscfg contains code to work with settings.cfg.	Package settingscfg contains code to work with settings.cfg.
configs/validation Package validation contains code to validate the configs used by auth service.	Package validation contains code to validate the configs used by auth service.
gs Package gs is a generated GoMock package.	Package gs is a generated GoMock package.
permissions Package permissions contains functions for working with permissionsDB, used when generating internal realms representation for authDB.	Package permissions contains functions for working with permissionsDB, used when generating internal realms representation for authDB.
permissions/proto Package permissions contains the internal code for working with realms permissions.	Package permissions contains the internal code for working with realms permissions.
pubsub Package pubsub is a generated GoMock package.	Package pubsub is a generated GoMock package.
realmsinternals Package realmsinternals contains code for converting realms to internal representation (what is sent to clients through AuthDB).	Package realmsinternals contains code for converting realms to internal representation (what is sent to clients through AuthDB).
replicas Package replicas contains functionality to communicate with legacy services that rely on the "direct push" method of AuthDB replication.	Package replicas contains functionality to communicate with legacy services that rely on the "direct push" method of AuthDB replication.
services
backend Package main is the main point of entry for the backend module.	Package main is the main point of entry for the backend module.
frontend Package main is the main point of entry for the frontend module.	Package main is the main point of entry for the frontend module.
frontend/subscription Package subscription contains functionality to handle AuthDB access, including authorization to subscribe to the Pubsub topic for AuthDB change notifications, and updating ACLs to the AuthDB in Google Cloud Storage.	Package subscription contains functionality to handle AuthDB access, including authorization to subscribe to the Pubsub topic for AuthDB change notifications, and updating ACLs to the AuthDB in Google Cloud Storage.
testsupport Package testsupport contains helper functions for testing auth service.	Package testsupport contains helper functions for testing auth service.