Corks are authorization tokens which are based off Google's Macaroons paper. They are bearer tokens which identify the entity possessing them, while providing a mechanism for embedding further restrictions via Cedar policy caveats.
The Dart package ships with a runnable demo in
dart/example/third_party_discharge/. It spins up a mock third-party
discharge service alongside a client that exercises the
SharedSecretTicketCodec and ThirdPartyDischargeClient helpers. From the
repository root run:
cd dart/example/third_party_discharge
dart pub get
dart run bin/server.dart # in one shell
dart run bin/client.dart ssoUse dart run bin/client.dart audit to see the audit webhook variant, or
dart run bin/client.dart both to request discharges for both caveats in a
single cork.
Corks use Protobuf for serialization and deserialization of bearers and caveats. The proto definitions are located in the proto directory and the Buf toolchain is used to generate Dart code from the Protobuf files.
To generate the Dart code, install Buf then run the following command:
$ make protos