README
The Token Server
The token server is responsible for minting short-lived (<1 hour) stateless access tokens for Swarming bots. It uses PKI to authenticate bots.
Code layout:
frontend
,backend
- entry points for GAE service binaries.devcfg
- luci-config config files when running locally.impl
- the root package with all implementation guts.
Directories
Path | Synopsis |
---|---|
backend | Binary backend implements HTTP server that handles requests to 'backend' module. |
frontend | Binary frontend implements HTTP server that handles requests to 'default' module. |
impl | Package impl holds code to initialize the server environment. |
impl/certchecker | Package certchecker contains implementation of CertChecker. |
impl/certconfig | Package certconfig contains code to work with imported CAs and their CRLs. |
impl/delegation | |
impl/machinetoken | Package machinetoken implements generation of LUCI machine tokens. |
impl/projectscope | |
impl/serviceaccounts | |
impl/serviceaccountsv2 | Package serviceaccountsv2 implements MintServiceAccountToken RPC. |
impl/services/admin/adminsrv | Package adminsrv implements Admin API. |
impl/services/admin/certauthorities | Package certauthorities implements CertificateAuthorities API. |
impl/services/minter/tokenminter | Package tokenminter implements TokenMinter API. |
impl/utils | Package utils contains a variety of small utility functions used by other tokenserver packages. |
impl/utils/bq | Package bq contains helpers for uploading rows to BigQuery. |
impl/utils/identityset | Package identityset implements a set-like structure for identity.Identity. |
impl/utils/policy | Package policy contains implementation of Policy parsing and querying. |
impl/utils/projectidentity | |
impl/utils/revocation | Package revocation contains utilities for implementing token revocation. |
impl/utils/shards | Package shards provides a low level support for implementing sharded set of []byte blobs. |
impl/utils/tokensigning | Package tokensigning implements utilities for RSA-signing of proto messages. |