forked from TrueCloudLab/frostfs-s3-gw
NFSSVC-27 Migrate to auth.GetBearerToken
This commit is contained in:
Evgeniy Kulikov
parent
e776e9c0cb
commit
e59d62237e
1 changed files with 17 additions and 22 deletions
|
|
@ -6,6 +6,7 @@ import (
|
||||||
"net/http"
|
"net/http"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"github.com/minio/minio/auth"
|
||||||
"github.com/minio/minio/neofs/api"
|
"github.com/minio/minio/neofs/api"
|
||||||
"github.com/nspcc-dev/neofs-api-go/container"
|
"github.com/nspcc-dev/neofs-api-go/container"
|
||||||
"github.com/nspcc-dev/neofs-api-go/refs"
|
"github.com/nspcc-dev/neofs-api-go/refs"
|
||||||
|
|
@ -47,17 +48,6 @@ type (
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
// TODO should be replaced with auth.GetBearerToken
|
|
||||||
func getBearerToken(ctx context.Context) (*service.BearerTokenMsg, error) {
|
|
||||||
if val := ctx.Value("ctxBearerToken"); val == nil {
|
|
||||||
return nil, errors.New("empty bearer token")
|
|
||||||
} else if tkn, ok := val.(*service.BearerTokenMsg); ok {
|
|
||||||
return tkn, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil, errors.New("bad value for bearer token")
|
|
||||||
}
|
|
||||||
|
|
||||||
func (h *handler) getContainerInfo(ctx context.Context, p cnrInfoParams) (*Bucket, error) {
|
func (h *handler) getContainerInfo(ctx context.Context, p cnrInfoParams) (*Bucket, error) {
|
||||||
var (
|
var (
|
||||||
err error
|
err error
|
||||||
|
|
@ -92,27 +82,32 @@ func (h *handler) ListBucketsHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
inf *Bucket
|
inf *Bucket
|
||||||
con *grpc.ClientConn
|
con *grpc.ClientConn
|
||||||
res *container.ListResponse
|
res *container.ListResponse
|
||||||
|
tkn *service.BearerTokenMsg
|
||||||
)
|
)
|
||||||
|
|
||||||
// TODO think about timeout
|
// TODO think about deadlines
|
||||||
ctx, cancel := context.WithTimeout(r.Context(), 30*time.Second)
|
ctx, cancel := context.WithTimeout(r.Context(), 30*time.Second)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
// TODO should be replaced with auth.GetBearerToken,
|
if tkn, err = auth.GetBearerToken(ctx); err != nil {
|
||||||
// than if we not received token, should call
|
h.log.Error("could not fetch bearer token",
|
||||||
// api.WriteErrorResponse
|
zap.Error(err))
|
||||||
bearer, _ := getBearerToken(ctx)
|
|
||||||
|
|
||||||
// should be taken from BearerToken, to display only users containers
|
e := api.GetAPIError(api.ErrInternalError)
|
||||||
// in future
|
|
||||||
if bearer != nil {
|
api.WriteErrorResponse(ctx, w, api.Error{
|
||||||
uid = bearer.OwnerID
|
Code: e.Code,
|
||||||
|
Description: err.Error(),
|
||||||
|
HTTPStatusCode: e.HTTPStatusCode,
|
||||||
|
}, r.URL)
|
||||||
|
|
||||||
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
req := new(container.ListRequest)
|
req := new(container.ListRequest)
|
||||||
req.OwnerID = uid
|
req.OwnerID = uid
|
||||||
req.SetTTL(service.SingleForwardingTTL)
|
req.SetTTL(service.SingleForwardingTTL)
|
||||||
req.SetBearer(bearer)
|
req.SetBearer(tkn)
|
||||||
// req.SetVersion(APIVersion) ??
|
// req.SetVersion(APIVersion) ??
|
||||||
|
|
||||||
if con, err = h.cli.GetConnection(ctx); err != nil {
|
if con, err = h.cli.GetConnection(ctx); err != nil {
|
||||||
|
|
@ -161,7 +156,7 @@ func (h *handler) ListBucketsHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
DisplayName: uid.String(),
|
DisplayName: uid.String(),
|
||||||
}}
|
}}
|
||||||
|
|
||||||
params := cnrInfoParams{con: con, tkn: bearer}
|
params := cnrInfoParams{con: con, tkn: tkn}
|
||||||
|
|
||||||
for _, cid := range res.CID {
|
for _, cid := range res.CID {
|
||||||
// should receive each container info (??):
|
// should receive each container info (??):
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue