Merge pull request #81 from nspcc-dev/service-token-owner-key
Update to neofs-api v0.7.5
commit
a82a2e1f57
7 changed files with 56 additions and 5 deletions
2
Makefile
2
Makefile
|
@ -1,4 +1,4 @@
|
|||
PROTO_VERSION=v0.7.4
|
||||
PROTO_VERSION=v0.7.5
|
||||
PROTO_URL=https://github.com/nspcc-dev/neofs-api/archive/$(PROTO_VERSION).tar.gz
|
||||
|
||||
B=\033[0;1m
|
||||
|
|
|
@ -132,6 +132,7 @@ User token granting rights for object manipulation
|
|||
| Address | [refs.Address](#refs.Address) | | Address is an object address for which token is issued |
|
||||
| Lifetime | [TokenLifetime](#service.TokenLifetime) | | Lifetime is a lifetime of the session |
|
||||
| SessionKey | [bytes](#bytes) | | SessionKey is a public key of session key |
|
||||
| OwnerKey | [bytes](#bytes) | | OwnerKey is a public key of the token owner |
|
||||
|
||||
|
||||
<a name="service.TokenLifetime"></a>
|
||||
|
|
|
@ -103,6 +103,11 @@ func (m *Token_Info) SetSessionKey(key []byte) {
|
|||
m.SessionKey = key
|
||||
}
|
||||
|
||||
// SetOwnerKey is an OwnerKey field setter.
|
||||
func (m *Token_Info) SetOwnerKey(key []byte) {
|
||||
m.OwnerKey = key
|
||||
}
|
||||
|
||||
// SetSignature is a Signature field setter.
|
||||
func (m *Token) SetSignature(sig []byte) {
|
||||
m.Signature = sig
|
||||
|
@ -169,11 +174,11 @@ func NewVerifiedSessionToken(token SessionToken) DataWithSignature {
|
|||
}
|
||||
}
|
||||
|
||||
func tokenInfoSize(v SessionKeySource) int {
|
||||
func tokenInfoSize(v SessionTokenInfo) int {
|
||||
if v == nil {
|
||||
return 0
|
||||
}
|
||||
return fixedTokenDataSize + len(v.GetSessionKey())
|
||||
return fixedTokenDataSize + len(v.GetSessionKey()) + len(v.GetOwnerKey())
|
||||
}
|
||||
|
||||
// Fills passed buffer with signing token information bytes.
|
||||
|
@ -203,7 +208,9 @@ func copyTokenSignedData(buf []byte, token SessionTokenInfo) {
|
|||
tokenEndianness.PutUint64(buf[off:], token.ExpirationEpoch())
|
||||
off += 8
|
||||
|
||||
copy(buf[off:], token.GetSessionKey())
|
||||
off += copy(buf[off:], token.GetSessionKey())
|
||||
|
||||
copy(buf[off:], token.GetOwnerKey())
|
||||
}
|
||||
|
||||
// SignedData concatenates signed data with session token information. Returns concatenation result.
|
||||
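Review bot: The signed buffer now ends with two variable-length fields written back to back, `off += copy(buf[off:], token.GetSessionKey())` followed by `copy(buf[off:], token.GetOwnerKey())`, and nothing in the visible lines records where one key ends and the other begins. Two tokens that split the same byte string differently between SessionKey and OwnerKey would therefore yield identical signed data, so the signature does not bind the boundary; the setters accept any length and the tests use 10-byte keys. Either enforce a fixed key length before signing and verifying, or write a length prefix ahead of each key and count the extra 8 bytes in tokenInfoSize; the prefix changes the signed format, so it has to land together with the verifying side. copyTokenSignedData starts outside the hunk, so I am assuming the fields written before the keys are the fixed-size ones counted in fixedTokenDataSize, and that tokenEndianness is a binary.ByteOrder.

```go
func tokenInfoSize(v SessionTokenInfo) int {
	// … unchanged: nil check …

	// Each key is preceded by a 4-byte length so the signed bytes delimit it.
	return fixedTokenDataSize + 4 + len(v.GetSessionKey()) + 4 + len(v.GetOwnerKey())
}

	// … unchanged: fixed-size fields of copyTokenSignedData, up to the expiration epoch …
	sessionKey, ownerKey := token.GetSessionKey(), token.GetOwnerKey()

	tokenEndianness.PutUint32(buf[off:], uint32(len(sessionKey)))
	off += 4
	off += copy(buf[off:], sessionKey)

	tokenEndianness.PutUint32(buf[off:], uint32(len(ownerKey)))
	off += 4
	copy(buf[off:], ownerKey)
```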
|
|
|
@ -77,6 +77,16 @@ func TestTokenGettersSetters(t *testing.T) {
|
|||
require.Equal(t, key, tok.GetSessionKey())
|
||||
}
|
||||
|
||||
{
|
||||
key := make([]byte, 10)
|
||||
_, err := rand.Read(key)
|
||||
require.NoError(t, err)
|
||||
|
||||
tok.SetOwnerKey(key)
|
||||
|
||||
require.Equal(t, key, tok.GetOwnerKey())
|
||||
}
|
||||
|
||||
{ // Signature
|
||||
sig := make([]byte, 10)
|
||||
_, err := rand.Read(sig)
|
||||
|
@ -126,6 +136,11 @@ func TestSignToken(t *testing.T) {
|
|||
require.NoError(t, err)
|
||||
token.SetSessionKey(sessionKey)
|
||||
|
||||
ownerKey := make([]byte, 10)
|
||||
_, err = rand.Read(ownerKey[:])
|
||||
require.NoError(t, err)
|
||||
token.SetOwnerKey(ownerKey)
|
||||
|
||||
signedToken := NewSignedSessionToken(token)
|
||||
verifiedToken := NewVerifiedSessionToken(token)
|
||||
|
||||
|
@ -211,6 +226,18 @@ func TestSignToken(t *testing.T) {
|
|||
token.SetSessionKey(sessionKey)
|
||||
},
|
||||
},
|
||||
{ // Owner key
|
||||
corrupt: func() {
|
||||
ownerKey := token.GetOwnerKey()
|
||||
ownerKey[0]++
|
||||
token.SetOwnerKey(ownerKey)
|
||||
},
|
||||
restore: func() {
|
||||
ownerKey := token.GetOwnerKey()
|
||||
ownerKey[0]--
|
||||
token.SetOwnerKey(ownerKey)
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
for _, v := range items {
|
||||
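Review bot: The new `// Owner key` case in TestSignToken only flips a byte inside the key, so no case checks that the signature distinguishes where SessionKey ends and OwnerKey begins. Both keys are appended to the signed data as raw bytes in copyTokenSignedData, so a case that moves the last session-key byte to the front of the owner key should also be rejected; with the encoding shown on this page I would expect that case to fail today, which is the reason to add it. Separately, the first added block in TestTokenGettersSetters has no label, where `{ // OwnerKey` would match the `{ // Signature` block below it, and `rand.Read(ownerKey[:])` can be `rand.Read(ownerKey)` because ownerKey is already a slice. The items list and the loop over it continue outside the hunk.

```go
		// … unchanged: "Owner key" case …
		{ // Session key / owner key boundary
			corrupt: func() {
				sessionKey, ownerKey := token.GetSessionKey(), token.GetOwnerKey()
				n := len(sessionKey) - 1

				// Same concatenated bytes, different split between the two fields.
				token.SetOwnerKey(append([]byte{sessionKey[n]}, ownerKey...))
				token.SetSessionKey(sessionKey[:n])
			},
			restore: func() {
				sessionKey, ownerKey := token.GetSessionKey(), token.GetOwnerKey()

				token.SetSessionKey(append(sessionKey, ownerKey[0]))
				token.SetOwnerKey(ownerKey[1:])
			},
		},
```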
|
|
|
@ -158,6 +158,17 @@ type SignatureContainer interface {
|
|||
SetSignature([]byte)
|
||||
}
|
||||
|
||||
// OwnerKeySource is an interface of the container of owner key bytes with read access.
|
||||
type OwnerKeySource interface {
|
||||
GetOwnerKey() []byte
|
||||
}
|
||||
|
||||
// OwnerKeyContainer is an interface of the container of owner key bytes.
|
||||
type OwnerKeyContainer interface {
|
||||
OwnerKeySource
|
||||
SetOwnerKey([]byte)
|
||||
}
|
||||
|
||||
// SessionTokenSource is an interface of the container of a SessionToken with read access.
|
||||
type SessionTokenSource interface {
|
||||
GetSessionToken() SessionToken
|
||||
|
@ -170,7 +181,8 @@ type SessionTokenSource interface {
|
|||
// - verb of the session;
|
||||
// - address of the session object;
|
||||
// - token lifetime;
|
||||
// - public session key bytes.
|
||||
// - public session key bytes;
|
||||
// - owner's public key bytes.
|
||||
type SessionTokenInfo interface {
|
||||
TokenIDContainer
|
||||
OwnerIDContainer
|
||||
|
@ -178,6 +190,7 @@ type SessionTokenInfo interface {
|
|||
AddressContainer
|
||||
LifetimeContainer
|
||||
SessionKeyContainer
|
||||
OwnerKeyContainer
|
||||
}
|
||||
|
||||
// SessionToken is an interface of token information and signature pair.
|
||||
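Review bot: The comments on OwnerKeySource and OwnerKeyContainer say only "owner key bytes" and leave out the two things a verifier needs: the expected encoding and length of the key, and how it relates to the OwnerID that SessionTokenInfo already carries through OwnerIDContainer. Nothing visible on this page checks that the two agree, so if that check is left to the consumer the contract should say so, for example `// GetOwnerKey returns the owner's public key bytes; callers must check that it corresponds to the token's OwnerID before trusting it.` The same one-line description is used for `bytes OwnerKey = 7` in the proto message and would benefit from the same addition. SessionTokenInfo's declaration is split across two hunks and is not fully visible here.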
|
|
Binary file not shown.
|
@ -63,6 +63,9 @@ message Token {
|
|||
|
||||
// SessionKey is a public key of session key
|
||||
bytes SessionKey = 6;
|
||||
|
||||
// OwnerKey is a public key of the token owner
|
||||
bytes OwnerKey = 7;
|
||||
}
|
||||
|
||||
// TokenInfo is a grouped information about token
|
||||
|
|