mirror of
https://github.com/digital-asset/daml.git
synced 2024-09-20 01:07:18 +03:00
f9e67adafc
* [Self-service error codes] Implement V2 in Authorizer CHANGELOG_BEGIN CHANGELOG_END * Added unit test for authorize (non-streamed) * Fix after rebase * Do not expose the error codes switching mechanism to the Java bindings * Adjust InternalAuthorizationError to be SystemInternalAssumptionViolated * Parameter names in test * Testing AuthorizationInterceptor with regard to returned error codes * Do not use default error code version switchers at instance creation * Addressed Pawel's review comments * Using ErrorFactories for error dispatching * Pass loggingContext to Authorizer where available * Generic internal authorization error |
||
---|---|---|
.. | ||
src | ||
BUILD.bazel | ||
README.md |
Ledger API authorization
General authorization in gRPC
An Interceptor
reads HTTP headers, and stores relevant information (e.g., claims) in a Context
.
GRPC services read the stored data from the Context
in order to validate the requests.
Authorization in the ledger API
The AuthService
defines an interface for decoding HTTP headers into Claims
.
The ledger API server takes an AuthService
implementation as an argument.
The ledger API server uses a call interceptor and the given AuthService
implementation to to store decoded Claims
in the gRPC Context
.
All ledger API services use the Claims
to validate their requests.