mirror of
https://github.com/google/nomulus
synced 2026-01-09 07:33:42 +00:00
3412f4417f
This means that LegacyAuthenticationMechanism or a to-be-created OAuth2AuthenticationMechanism) can return a UserAuthInfo object that contains either the GAE User or the console User as appropriate. The goal is that the non-auth flows shouldn't have to know about which user type it is. Note: the registry lock flow (for now) needs to know about the separate types of auth because it is a separate level of auth from the standard AuthenticatedRegistrarAccessor. The AuthenticatedRegistrarAccessor code is a bit odd because the new role system doesn't quite fit neatly into the old registrar -> OWNER,ADMIN system but this is a fine approximation. Basically, any new registrar role will map to the old OWNER role.