*: fix comments for golint
Signed-off-by: Roman Khimov <roman@nspcc.ru>
parent
d19ce03072
commit
184c26551a
8 changed files with 28 additions and 2 deletions
|
@ -9,6 +9,7 @@ import (
|
||||||
"go.uber.org/zap"
|
"go.uber.org/zap"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// BearerTokenKey is an ID used to store bearer token in a context.
|
||||||
const BearerTokenKey = "__context_bearer_token_key"
|
const BearerTokenKey = "__context_bearer_token_key"
|
||||||
|
|
||||||
// AttachUserAuth adds user authentication via center to router using log for logging.
|
// AttachUserAuth adds user authentication via center to router using log for logging.
|
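Review bot: The new comment on `BearerTokenKey` documents it as the context key for the bearer token, but the constant is an exported untyped string, which is a weak choice for a context key. If it is passed directly to `context.WithValue` (the call site is outside this hunk), any other package using the same string can shadow or read the stored token, and staticcheck reports basic-typed keys as SA1029. Either say in the comment that the value must only be set by the auth middleware, or, if the API may change, introduce a defined type such as `type contextKey string` and declare `const BearerTokenKey contextKey = "__context_bearer_token_key"`.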
||||||
|
|
|
@ -3,19 +3,23 @@ package accessbox
|
||||||
import "github.com/nspcc-dev/neofs-api-go/pkg/token"
|
import "github.com/nspcc-dev/neofs-api-go/pkg/token"
|
||||||
|
|
||||||
type (
|
type (
|
||||||
|
// Box provides marshalling/unmarshalling for the token.
|
||||||
Box interface {
|
Box interface {
|
||||||
Marshal() ([]byte, error)
|
Marshal() ([]byte, error)
|
||||||
Unmarshal([]byte) error
|
Unmarshal([]byte) error
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Encoder provides encoding method.
|
||||||
Encoder interface {
|
Encoder interface {
|
||||||
Encode(Box) error
|
Encode(Box) error
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Decoder provides decoding method.
|
||||||
Decoder interface {
|
Decoder interface {
|
||||||
Decode(Box) error
|
Decode(Box) error
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// BearerTokenBox is a marshalling/unmarshalling bearer token wrapper.
|
||||||
BearerTokenBox interface {
|
BearerTokenBox interface {
|
||||||
Box
|
Box
|
||||||
|
|
||||||
|
|
|
@ -8,14 +8,17 @@ type bearerBox struct {
|
||||||
tkn *token.BearerToken
|
tkn *token.BearerToken
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// NewBearerBox wraps given bearer token into BearerTokenBox.
|
||||||
func NewBearerBox(token *token.BearerToken) BearerTokenBox {
|
func NewBearerBox(token *token.BearerToken) BearerTokenBox {
|
||||||
return &bearerBox{tkn: token}
|
return &bearerBox{tkn: token}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Marshal serializes bearer token.
|
||||||
func (b *bearerBox) Marshal() ([]byte, error) {
|
func (b *bearerBox) Marshal() ([]byte, error) {
|
||||||
return b.tkn.Marshal(nil)
|
return b.tkn.Marshal(nil)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Marshal initializes bearer box from its serialized representation.
|
||||||
func (b *bearerBox) Unmarshal(data []byte) error {
|
func (b *bearerBox) Unmarshal(data []byte) error {
|
||||||
tkn := token.NewBearerToken()
|
tkn := token.NewBearerToken()
|
||||||
|
|
||||||
|
@ -29,10 +32,12 @@ func (b *bearerBox) Unmarshal(data []byte) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Token unwraps bearer token from the box.
|
||||||
func (b *bearerBox) Token() *token.BearerToken {
|
func (b *bearerBox) Token() *token.BearerToken {
|
||||||
return b.tkn
|
return b.tkn
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// SetToken sets new token in the box.
|
||||||
func (b *bearerBox) SetToken(tkn *token.BearerToken) {
|
func (b *bearerBox) SetToken(tkn *token.BearerToken) {
|
||||||
b.tkn = tkn
|
b.tkn = tkn
|
||||||
}
|
}
|
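Review bot: The comment added above `Unmarshal` in the first hunk names the wrong method: it reads `// Marshal initializes bearer box from its serialized representation.`, so the file now carries two "Marshal" descriptions and the deserialising side is undocumented under its own name. It should read `// Unmarshal initializes bearer box from its serialized representation.`. The body of `Unmarshal` continues between the two hunks and is not visible here.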
||||||
|
|
|
@ -18,6 +18,7 @@ type decoder struct {
|
||||||
key hcs.PrivateKey
|
key hcs.PrivateKey
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// NewDecoder returns new private key decoder.
|
||||||
func NewDecoder(r io.Reader, key hcs.PrivateKey) Decoder {
|
func NewDecoder(r io.Reader, key hcs.PrivateKey) Decoder {
|
||||||
return &decoder{Reader: bufio.NewReader(r), key: key}
|
return &decoder{Reader: bufio.NewReader(r), key: key}
|
||||||
}
|
}
|
||||||
|
@ -81,6 +82,7 @@ func (d *decoder) Decode(box Box) error {
|
||||||
return lastErr
|
return lastErr
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Decode unwraps serialized bearer token from data into box using owner key.
|
||||||
func Decode(data []byte, box Box, owner hcs.PrivateKey) error {
|
func Decode(data []byte, box Box, owner hcs.PrivateKey) error {
|
||||||
return NewDecoder(bytes.NewBuffer(data), owner).Decode(box)
|
return NewDecoder(bytes.NewBuffer(data), owner).Decode(box)
|
||||||
}
|
}
|
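Review bot: The comment `// NewDecoder returns new private key decoder.` reads as if the decoder decodes private keys, while the signature shows a reader plus a key that is kept for decoding a `Box`. The comment on `Decode` speaks of the "owner key", and `NewEncoder` in the next file also takes an `owner hcs.PrivateKey`; if those are different parties (creator versus recipient, which cannot be confirmed from these hunks), the doc should say whose private key is expected. Something like `// NewDecoder returns a Decoder that reads an encoded Box from r and decodes it using the given private key.` would avoid the ambiguity. The body of the `Decode` method lies outside the hunks.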
||||||
|
|
|
@ -19,7 +19,7 @@ type encoder struct {
|
||||||
keys []hcs.PublicKey
|
keys []hcs.PublicKey
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewEncoder creates encoder
|
// NewEncoder creates encoder.
|
||||||
func NewEncoder(w io.Writer, owner hcs.PrivateKey, keys ...hcs.PublicKey) Encoder {
|
func NewEncoder(w io.Writer, owner hcs.PrivateKey, keys ...hcs.PublicKey) Encoder {
|
||||||
return &encoder{
|
return &encoder{
|
||||||
Writer: w,
|
Writer: w,
|
||||||
|
|
|
@ -18,6 +18,7 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
type (
|
type (
|
||||||
|
// Credentials is a bearer token get/put interface.
|
||||||
Credentials interface {
|
Credentials interface {
|
||||||
Get(context.Context, *object.Address) (*token.BearerToken, error)
|
Get(context.Context, *object.Address) (*token.BearerToken, error)
|
||||||
Put(context.Context, *container.ID, *token.BearerToken, ...hcs.PublicKey) (*object.Address, error)
|
Put(context.Context, *container.ID, *token.BearerToken, ...hcs.PublicKey) (*object.Address, error)
|
||||||
|
@ -30,7 +31,9 @@ type (
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
|
// ErrEmptyPublicKeys is returned when no HCS keys are provided.
|
||||||
ErrEmptyPublicKeys = errors.New("HCS public keys could not be empty")
|
ErrEmptyPublicKeys = errors.New("HCS public keys could not be empty")
|
||||||
|
// ErrEmptyBearerToken is returned when no bearer token is provided.
|
||||||
ErrEmptyBearerToken = errors.New("Bearer token could not be empty")
|
ErrEmptyBearerToken = errors.New("Bearer token could not be empty")
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -42,6 +45,7 @@ var bufferPool = sync.Pool{
|
||||||
|
|
||||||
var _ = New
|
var _ = New
|
||||||
|
|
||||||
|
// New creates new Credentials instance using given cli and key.
|
||||||
func New(cli sdk.ClientPlant, key hcs.PrivateKey) Credentials {
|
func New(cli sdk.ClientPlant, key hcs.PrivateKey) Credentials {
|
||||||
return &cred{obj: cli, key: key}
|
return &cred{obj: cli, key: key}
|
||||||
}
|
}
|
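Review bot: In the second hunk `ErrEmptyBearerToken` gets a doc comment but keeps the capitalised message `"Bearer token could not be empty"`, which goes against Go's error-string convention (staticcheck ST1005) and looks odd once the error is wrapped mid-sentence. Since this commit is a lint clean-up, the line could become `ErrEmptyBearerToken = errors.New("bearer token could not be empty")`. `ErrEmptyPublicKeys` starts with an acronym and is fine as it is. Callers should compare with `errors.Is` rather than by message text, so the change should be safe, though no call sites are visible here.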
||||||
|
|
|
@ -8,6 +8,7 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
type (
|
type (
|
||||||
|
// Credentials is an HCS interface (private/public key).
|
||||||
Credentials interface {
|
Credentials interface {
|
||||||
PublicKey() PublicKey
|
PublicKey() PublicKey
|
||||||
PrivateKey() PrivateKey
|
PrivateKey() PrivateKey
|
||||||
|
@ -20,10 +21,12 @@ type (
|
||||||
String() string
|
String() string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// PublicKey is a public key wrapper providing useful methods.
|
||||||
PublicKey interface {
|
PublicKey interface {
|
||||||
keyer
|
keyer
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// PrivateKey is private key wrapper providing useful methods.
|
||||||
PrivateKey interface {
|
PrivateKey interface {
|
||||||
keyer
|
keyer
|
||||||
|
|
||||||
|
@ -39,10 +42,12 @@ type (
|
||||||
secret []byte
|
secret []byte
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// ErrEmptyCredentials is returned when no credentials are provided.
|
||||||
var ErrEmptyCredentials = errors.New("empty credentials")
|
var ErrEmptyCredentials = errors.New("empty credentials")
|
||||||
|
|
||||||
var _ = NewCredentials
|
var _ = NewCredentials
|
||||||
|
|
||||||
|
// Generate generates new key pair using given source of randomness.
|
||||||
func Generate(r io.Reader) (Credentials, error) {
|
func Generate(r io.Reader) (Credentials, error) {
|
||||||
buf := make([]byte, curve25519.ScalarSize)
|
buf := make([]byte, curve25519.ScalarSize)
|
||||||
|
|
||||||
|
@ -57,6 +62,7 @@ func Generate(r io.Reader) (Credentials, error) {
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// NewCredentials loads private key from the string given and returns Credentials wrapper.
|
||||||
func NewCredentials(val string) (Credentials, error) {
|
func NewCredentials(val string) (Credentials, error) {
|
||||||
if val == "" {
|
if val == "" {
|
||||||
return nil, ErrEmptyCredentials
|
return nil, ErrEmptyCredentials
|
||||||
|
@ -73,10 +79,12 @@ func NewCredentials(val string) (Credentials, error) {
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// PublicKey returns public key.
|
||||||
func (c *credentials) PublicKey() PublicKey {
|
func (c *credentials) PublicKey() PublicKey {
|
||||||
return c.public
|
return c.public
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// PrivateKey returns private key.
|
||||||
func (c *credentials) PrivateKey() PrivateKey {
|
func (c *credentials) PrivateKey() PrivateKey {
|
||||||
return c.secret
|
return c.secret
|
||||||
}
|
}
|
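Review bot: The new comment on `Generate` says only "given source of randomness" and does not tell callers that `r` must be cryptographically secure. The visible line reads into a buffer of `curve25519.ScalarSize` bytes, which presumably becomes the private scalar (the rest of the body is between hunks). I would write `// Generate generates new key pair, reading the private scalar from r; r must be a cryptographically secure source such as crypto/rand.Reader.`. Separately, `PrivateKey` embeds `keyer`, which appears to include `String() string`; if that returns the serialized secret, the `PrivateKey` comment should warn that the string form must not be logged.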
||||||
|
|
|
@ -40,6 +40,7 @@ func publicKeyFromString(val string) (PublicKey, error) {
|
||||||
return publicKeyFromBytes(v)
|
return publicKeyFromBytes(v)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// NewPublicKeyFromReader reads new public key from given reader.
|
||||||
func NewPublicKeyFromReader(r io.Reader) (PublicKey, error) {
|
func NewPublicKeyFromReader(r io.Reader) (PublicKey, error) {
|
||||||
data := make([]byte, curve25519.PointSize)
|
data := make([]byte, curve25519.PointSize)
|
||||||
if _, err := r.Read(data); err != nil {
|
if _, err := r.Read(data); err != nil {
|
||||||
|
@ -49,6 +50,7 @@ func NewPublicKeyFromReader(r io.Reader) (PublicKey, error) {
|
||||||
return publicKeyFromBytes(data)
|
return publicKeyFromBytes(data)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// LoadPublicKey loads public key from given file or (serialized) string.
|
||||||
func LoadPublicKey(val string) (PublicKey, error) {
|
func LoadPublicKey(val string) (PublicKey, error) {
|
||||||
data, err := ioutil.ReadFile(val)
|
data, err := ioutil.ReadFile(val)
|
||||||
if err != nil {
|
if err != nil {
|
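Review bot: `NewPublicKeyFromReader` fills the `curve25519.PointSize` buffer with a single `r.Read(data)` and discards the byte count, so a short read is not detected. The io.Reader contract allows a reader to return fewer bytes without an error; the tail of the buffer then stays zeroed and the partial key is still handed to `publicKeyFromBytes`. Replacing the call with `if _, err := io.ReadFull(r, data); err != nil {` turns a short read into an error, and `io` is already used for the parameter type. The error branch lies between the two hunks and is not visible here. The new doc comment could also state that exactly `curve25519.PointSize` bytes are consumed from the reader.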
||||||
|
|