Diffstat (limited to 'macaroonbakery/discharge.py')
-rw-r--r--macaroonbakery/discharge.py55
1 files changed, 35 insertions, 20 deletions
diff --git a/macaroonbakery/discharge.py b/macaroonbakery/discharge.py
index d4c0e5a..f54fc97 100644
--- a/macaroonbakery/discharge.py
+++ b/macaroonbakery/discharge.py
@@ -3,11 +3,13 @@
import abc
from collections import namedtuple
-import macaroonbakery
+import macaroonbakery as bakery
import macaroonbakery.checkers as checkers
+emptyContext = checkers.AuthContext()
-def discharge_all(ctx, m, get_discharge, local_key=None):
+
+def discharge_all(m, get_discharge, local_key=None):
'''Gathers discharge macaroons for all the third party caveats in m
(and any subsequent caveats required by those) using get_discharge to
acquire each discharge macaroon.
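Review bot: Dropping the leading `ctx` parameter from `discharge_all` means an un-migrated call `discharge_all(ctx, m, get_discharge)` still binds without error: `m` receives the context, `get_discharge` receives the macaroon and `local_key` receives the callback, so the `local_key is not None` test in the second hunk would pass for a value that is not a key. A guard at the top of the function, such as `if not callable(get_discharge): raise TypeError('get_discharge must be callable')`, would reject such calls at the boundary. The callback contract changes the same way in the second hunk (`get_discharge(cav.cav, cav.encrypted_caveat)`), and the docstring, which continues outside this hunk, should state the new two-argument signature.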
@@ -46,13 +48,14 @@ def discharge_all(ctx, m, get_discharge, local_key=None):
need = need[1:]
if local_key is not None and cav.cav.location == 'local':
# TODO use a small caveat id.
- dm = discharge(ctx=ctx, key=local_key,
+ dm = discharge(ctx=emptyContext,
+ key=local_key,
checker=_LocalDischargeChecker(),
caveat=cav.encrypted_caveat,
id=cav.cav.caveat_id_bytes,
locator=_EmptyLocator())
else:
- dm = get_discharge(ctx, cav.cav, cav.encrypted_caveat)
+ dm = get_discharge(cav.cav, cav.encrypted_caveat)
# It doesn't matter that we're invalidating dm here because we're
# about to throw it away.
discharge_m = dm.macaroon
@@ -87,7 +90,7 @@ class ThirdPartyCaveatChecker(object):
class _LocalDischargeChecker(ThirdPartyCaveatChecker):
def check_third_party_caveat(self, ctx, info):
if info.condition != 'true':
- raise macaroonbakery.CaveatNotRecognizedError()
+ raise bakery.CaveatNotRecognizedError()
return []
@@ -122,15 +125,24 @@ def discharge(ctx, id, caveat, key, checker, locator):
# caveats are added, use that id as the prefix
# for any more ids.
caveat_id_prefix = id
- cav_info = macaroonbakery.decode_caveat(key, caveat)
-
+ cav_info = bakery.decode_caveat(key, caveat)
+ cav_info = bakery.ThirdPartyCaveatInfo(
+ condition=cav_info.condition,
+ first_party_public_key=cav_info.first_party_public_key,
+ third_party_key_pair=cav_info.third_party_key_pair,
+ root_key=cav_info.root_key,
+ caveat=cav_info.caveat,
+ version=cav_info.version,
+ id=id,
+ namespace=cav_info.namespace
+ )
# Note that we don't check the error - we allow the
# third party checker to see even caveats that we can't
# understand.
try:
cond, arg = checkers.parse_caveat(cav_info.condition)
except ValueError as exc:
- raise macaroonbakery.VerificationError(exc.args[0])
+ raise bakery.VerificationError(exc.args[0])
if cond == checkers.COND_NEED_DECLARED:
cav_info = cav_info._replace(condition=arg.encode('utf-8'))
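Review bot: The field-by-field rebuild of `cav_info` copies every attribute by hand only to set `id`, so a field later added to `ThirdPartyCaveatInfo` would be silently dropped at this point. The tuple already supports `_replace` (used on the last line of this hunk), so, assuming `decode_caveat` returns a `ThirdPartyCaveatInfo`, `cav_info = bakery.decode_caveat(key, caveat)._replace(id=id)` says the same thing in one line. The comment "we don't check the error" sits directly above a `try`/`except` that does raise `VerificationError` on a parse failure, so it should be reworded to match the code. `discharge` starts and ends outside this hunk.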
@@ -142,8 +154,13 @@ def discharge(ctx, id, caveat, key, checker, locator):
# be stored persistently. Indeed, it would be a problem if
# we did, because then the macaroon could potentially be used
# for normal authorization with the third party.
- m = macaroonbakery.Macaroon(cav_info.root_key, id, '', cav_info.version,
- cav_info.namespace)
+ m = bakery.Macaroon(
+ cav_info.root_key,
+ id,
+ '',
+ cav_info.version,
+ cav_info.namespace,
+ )
m._caveat_id_prefix = caveat_id_prefix
if caveats is not None:
for cav in caveats:
@@ -155,16 +172,15 @@ def _check_need_declared(ctx, cav_info, checker):
arg = cav_info.condition.decode('utf-8')
i = arg.find(' ')
if i <= 0:
- raise macaroonbakery.VerificationError(
- 'need-declared caveat requires an argument, got %q'.format(arg))
+ raise bakery.VerificationError(
+ 'need-declared caveat requires an argument, got %q'.format(arg),
+ )
need_declared = arg[0:i].split(',')
for d in need_declared:
if d == '':
- raise macaroonbakery.VerificationError('need-declared caveat with '
- 'empty required attribute')
+ raise bakery.VerificationError('need-declared caveat with empty required attribute')
if len(need_declared) == 0:
- raise macaroonbakery.VerificationError('need-declared caveat with no '
- 'required attributes')
+ raise bakery.VerificationError('need-declared caveat with no required attributes')
cav_info = cav_info._replace(condition=arg[i + 1:].encode('utf-8'))
caveats = checker.check_third_party_caveat(ctx, cav_info)
declared = {}
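Review bot: The reformatted message `'need-declared caveat requires an argument, got %q'.format(arg)` never includes `arg`: `%q` is not a `str.format` field, so the error text carries a literal `%q` and the offending value is lost from logs and diagnostics. Use `'need-declared caveat requires an argument, got {!r}'.format(arg)`. The `len(need_declared) == 0` branch further down looks unreachable, since `str.split(',')` always returns at least one element. `_check_need_declared` continues outside this hunk.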
@@ -181,8 +197,7 @@ def _check_need_declared(ctx, cav_info, checker):
continue
parts = arg.split()
if len(parts) != 2:
- raise macaroonbakery.VerificationError('declared caveat has no '
- 'value')
+ raise bakery.VerificationError('declared caveat has no value')
declared[parts[0]] = True
# Add empty declarations for everything mentioned in need-declared
# that was not actually declared.
@@ -192,7 +207,7 @@ def _check_need_declared(ctx, cav_info, checker):
return caveats
-class _EmptyLocator(macaroonbakery.ThirdPartyLocator):
+class _EmptyLocator(bakery.ThirdPartyLocator):
def third_party_info(self, loc):
return None
@@ -205,6 +220,6 @@ def local_third_party_caveat(key, version):
'''
encoded_key = key.encode().decode('utf-8')
loc = 'local {}'.format(encoded_key)
- if version >= macaroonbakery.BAKERY_V2:
+ if version >= bakery.VERSION_2:
loc = 'local {} {}'.format(version, encoded_key)
return checkers.Caveat(location=loc, condition='')