+ return context->credentials ? afb_cred_export(context->credentials) : NULL;
+}
+
+int afb_context_on_behalf_import(struct afb_context *context, const char *exported)
+{
+ int rc;
+ struct afb_cred *imported, *ocred;
+
+ if (!exported || !*exported)
+ rc = 0;
+ else {
+ if (afb_context_has_permission(context, afb_permission_on_behalf_credential)) {
+ imported = afb_cred_import(exported);
+ if (!imported) {
+ ERROR("Can't import on behalf credentials: %m");
+ rc = -1;
+ } else {
+ ocred = context->credentials;
+ context->credentials = imported;
+ afb_cred_unref(ocred);
+ rc = 0;
+ }
+ } else {
+ ERROR("On behalf credentials refused");
+ rc = -1;
+ }
+ }
+ return rc;
+}
+
+void afb_context_on_behalf_other_context(struct afb_context *context, struct afb_context *other)
+{
+ afb_context_change_cred(context, other->credentials);
+ afb_context_change_token(context, other->token);
+}
+
+int afb_context_has_permission(struct afb_context *context, const char *permission)
+{
+ return afb_perm_check(context, permission);
+}
+
+void afb_context_has_permission_async(
+ struct afb_context *context,
+ const char *permission,
+ void (*callback)(void *_closure, int _status),
+ void *closure
+)
+{
+ return afb_perm_check_async(context, permission, callback, closure);
+}
+
+const char *afb_context_uuid(struct afb_context *context)
+{
+ return context->session ? afb_session_uuid(context->session) : NULL;
+}
+
+void *afb_context_make(struct afb_context *context, int replace, void *(*make_value)(void *closure), void (*free_value)(void *item), void *closure)
+{
+ assert(context->session != NULL);
+ return afb_session_cookie(context->session, context->api_key, make_value, free_value, closure, replace);