2020-01-30 11:41:24 +00:00
# Protocol Documentation
< a name = "top" > < / a >
## Table of Contents
- [session/service.proto ](#session/service.proto )
- Services
2020-08-13 16:18:53 +00:00
- [SessionService ](#neo.fs.v2.session.SessionService )
2020-01-30 11:41:24 +00:00
- Messages
2020-08-13 16:18:53 +00:00
- [CreateRequest ](#neo.fs.v2.session.CreateRequest )
- [CreateRequest.Body ](#neo.fs.v2.session.CreateRequest.Body )
- [CreateResponse ](#neo.fs.v2.session.CreateResponse )
- [CreateResponse.Body ](#neo.fs.v2.session.CreateResponse.Body )
2020-01-30 11:41:24 +00:00
2020-08-18 13:51:28 +00:00
- [session/types.proto ](#session/types.proto )
- Messages
2021-06-03 12:34:19 +00:00
- [ContainerSessionContext ](#neo.fs.v2.session.ContainerSessionContext )
2020-08-18 13:51:28 +00:00
- [ObjectSessionContext ](#neo.fs.v2.session.ObjectSessionContext )
2022-09-23 14:57:44 +00:00
- [ObjectSessionContext.Target ](#neo.fs.v2.session.ObjectSessionContext.Target )
2020-08-19 14:00:23 +00:00
- [RequestMetaHeader ](#neo.fs.v2.session.RequestMetaHeader )
- [RequestVerificationHeader ](#neo.fs.v2.session.RequestVerificationHeader )
- [ResponseMetaHeader ](#neo.fs.v2.session.ResponseMetaHeader )
- [ResponseVerificationHeader ](#neo.fs.v2.session.ResponseVerificationHeader )
2020-08-18 13:51:28 +00:00
- [SessionToken ](#neo.fs.v2.session.SessionToken )
- [SessionToken.Body ](#neo.fs.v2.session.SessionToken.Body )
- [SessionToken.Body.TokenLifetime ](#neo.fs.v2.session.SessionToken.Body.TokenLifetime )
2020-08-19 14:00:23 +00:00
- [XHeader ](#neo.fs.v2.session.XHeader )
2020-08-18 13:51:28 +00:00
2020-01-30 11:41:24 +00:00
- [Scalar Value Types ](#scalar-value-types )
< a name = "session/service.proto" > < / a >
< p align = "right" > < a href = "#top" > Top< / a > < / p >
## session/service.proto
2020-08-13 16:18:53 +00:00
< a name = "neo.fs.v2.session.SessionService" > < / a >
2020-01-30 11:41:24 +00:00
2020-08-13 16:18:53 +00:00
### Service "neo.fs.v2.session.SessionService"
2020-10-16 11:40:12 +00:00
`SessionService` allows to establish a temporary trust relationship between
two peer nodes and generate a `SessionToken` as the proof of trust to be
attached in requests for further verification. Please see corresponding
section of NeoFS Technical Specification for details.
2020-01-30 11:41:24 +00:00
```
2020-05-07 15:44:23 +00:00
rpc Create(CreateRequest) returns (CreateResponse);
2020-01-30 11:41:24 +00:00
```
#### Method Create
2022-06-21 11:32:14 +00:00
Open a new session between two peers.
2020-01-30 11:41:24 +00:00
2021-11-12 16:10:39 +00:00
Statuses:
- **OK** (0, SECTION_SUCCESS):
session has been successfully opened;
- Common failures (SECTION_FAILURE_COMMON).
2020-01-30 11:41:24 +00:00
| Name | Input | Output |
| ---- | ----- | ------ |
2020-08-13 16:18:53 +00:00
| Create | [CreateRequest ](#neo.fs.v2.session.CreateRequest ) | [CreateResponse ](#neo.fs.v2.session.CreateResponse ) |
2020-01-30 11:41:24 +00:00
<!-- end services -->
2020-08-13 16:18:53 +00:00
< a name = "neo.fs.v2.session.CreateRequest" > < / a >
2020-01-30 11:41:24 +00:00
### Message CreateRequest
2020-10-16 11:40:12 +00:00
Information necessary for opening a session.
2020-01-30 11:41:24 +00:00
| Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- |
2022-06-21 11:32:14 +00:00
| body | [CreateRequest.Body ](#neo.fs.v2.session.CreateRequest.Body ) | | Body of a create session token request message. |
2020-08-19 14:00:23 +00:00
| meta_header | [RequestMetaHeader ](#neo.fs.v2.session.RequestMetaHeader ) | | Carries request meta information. Header data is used only to regulate message transport and does not affect request execution. |
| verify_header | [RequestVerificationHeader ](#neo.fs.v2.session.RequestVerificationHeader ) | | Carries request verification information. This header is used to authenticate the nodes of the message route and check the correctness of transmission. |
2020-01-30 11:41:24 +00:00
2020-08-13 16:18:53 +00:00
< a name = "neo.fs.v2.session.CreateRequest.Body" > < / a >
2020-08-11 15:49:56 +00:00
### Message CreateRequest.Body
2020-10-16 11:40:12 +00:00
Session creation request body
2020-08-11 15:49:56 +00:00
| Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- |
2021-02-11 13:13:07 +00:00
| owner_id | [neo.fs.v2.refs.OwnerID ](#neo.fs.v2.refs.OwnerID ) | | Session initiating user's or node's key derived `OwnerID` |
2020-10-16 11:40:12 +00:00
| expiration | [uint64 ](#uint64 ) | | Session expiration `Epoch` |
2020-08-11 15:49:56 +00:00
2020-08-13 16:18:53 +00:00
< a name = "neo.fs.v2.session.CreateResponse" > < / a >
2020-01-30 11:41:24 +00:00
### Message CreateResponse
2020-10-16 11:40:12 +00:00
Information about the opened session.
2020-01-30 11:41:24 +00:00
2020-08-11 15:49:56 +00:00
| Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- |
2020-08-13 16:18:53 +00:00
| body | [CreateResponse.Body ](#neo.fs.v2.session.CreateResponse.Body ) | | Body of create session token response message. |
2020-08-19 14:00:23 +00:00
| meta_header | [ResponseMetaHeader ](#neo.fs.v2.session.ResponseMetaHeader ) | | Carries response meta information. Header data is used only to regulate message transport and does not affect request execution. |
| verify_header | [ResponseVerificationHeader ](#neo.fs.v2.session.ResponseVerificationHeader ) | | Carries response verification information. This header is used to authenticate the nodes of the message route and check the correctness of transmission. |
2020-08-11 15:49:56 +00:00
2020-08-13 16:18:53 +00:00
< a name = "neo.fs.v2.session.CreateResponse.Body" > < / a >
2020-08-11 15:49:56 +00:00
### Message CreateResponse.Body
2020-10-16 11:40:12 +00:00
Session creation response body
2020-08-11 15:49:56 +00:00
2020-01-30 11:41:24 +00:00
| Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- |
2020-10-16 11:40:12 +00:00
| id | [bytes ](#bytes ) | | Identifier of a newly created session |
| session_key | [bytes ](#bytes ) | | Public key used for session |
2020-01-30 11:41:24 +00:00
<!-- end messages -->
<!-- end enums -->
2020-08-18 13:51:28 +00:00
< a name = "session/types.proto" > < / a >
< p align = "right" > < a href = "#top" > Top< / a > < / p >
## session/types.proto
<!-- end services -->
2021-06-03 12:34:19 +00:00
< a name = "neo.fs.v2.session.ContainerSessionContext" > < / a >
### Message ContainerSessionContext
Context information for Session Tokens related to ContainerService requests.
| Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- |
| verb | [ContainerSessionContext.Verb ](#neo.fs.v2.session.ContainerSessionContext.Verb ) | | Type of request for which the token is issued |
| wildcard | [bool ](#bool ) | | Spreads the action to all owner containers. If set, container_id field is ignored. |
| container_id | [neo.fs.v2.refs.ContainerID ](#neo.fs.v2.refs.ContainerID ) | | Particular container to which the action applies. Ignored if wildcard flag is set. |
2020-08-18 13:51:28 +00:00
< a name = "neo.fs.v2.session.ObjectSessionContext" > < / a >
### Message ObjectSessionContext
Context information for Session Tokens related to ObjectService requests
| Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- |
2020-10-16 11:40:12 +00:00
| verb | [ObjectSessionContext.Verb ](#neo.fs.v2.session.ObjectSessionContext.Verb ) | | Type of request for which the token is issued |
2022-09-23 14:57:44 +00:00
| target | [ObjectSessionContext.Target ](#neo.fs.v2.session.ObjectSessionContext.Target ) | | Object session target. MUST be correctly formed and set. If `objects` field is not empty, then the session applies only to these elements, otherwise, to all objects from the specified container. |
< a name = "neo.fs.v2.session.ObjectSessionContext.Target" > < / a >
### Message ObjectSessionContext.Target
Carries objects involved in the object session.
| Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- |
| container | [neo.fs.v2.refs.ContainerID ](#neo.fs.v2.refs.ContainerID ) | | Indicates which container the session is spread to. Field MUST be set and correct. |
| objects | [neo.fs.v2.refs.ObjectID ](#neo.fs.v2.refs.ObjectID ) | repeated | Indicates which objects the session is spread to. Objects are expected to be stored in the NeoFS container referenced by `container` field. Each element MUST have correct format. |
2020-08-18 13:51:28 +00:00
2020-08-19 14:00:23 +00:00
< a name = "neo.fs.v2.session.RequestMetaHeader" > < / a >
### Message RequestMetaHeader
2020-10-16 11:40:12 +00:00
Meta information attached to the request. When forwarded between peers,
request meta headers are folded in matryoshka style.
2020-08-19 14:00:23 +00:00
| Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- |
2020-10-16 11:40:12 +00:00
| version | [neo.fs.v2.refs.Version ](#neo.fs.v2.refs.Version ) | | Peer's API version used |
| epoch | [uint64 ](#uint64 ) | | Peer's local epoch number. Set to 0 if unknown. |
| ttl | [uint32 ](#uint32 ) | | Maximum number of intermediate nodes in the request route |
| x_headers | [XHeader ](#neo.fs.v2.session.XHeader ) | repeated | Request X-Headers |
| session_token | [SessionToken ](#neo.fs.v2.session.SessionToken ) | | Session token within which the request is sent |
| bearer_token | [neo.fs.v2.acl.BearerToken ](#neo.fs.v2.acl.BearerToken ) | | `BearerToken` with eACL overrides for the request |
| origin | [RequestMetaHeader ](#neo.fs.v2.session.RequestMetaHeader ) | | `RequestMetaHeader` of the origin request |
2022-02-14 16:31:20 +00:00
| magic_number | [uint64 ](#uint64 ) | | NeoFS network magic. Must match the value for the network that the server belongs to. |
2020-08-19 14:00:23 +00:00
< a name = "neo.fs.v2.session.RequestVerificationHeader" > < / a >
### Message RequestVerificationHeader
2022-06-21 11:32:14 +00:00
Verification info for the request signed by all intermediate nodes.
2020-08-19 14:00:23 +00:00
| Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- |
2022-06-21 11:32:14 +00:00
| body_signature | [neo.fs.v2.refs.Signature ](#neo.fs.v2.refs.Signature ) | | Request Body signature. Should be generated once by the request initiator. |
2020-10-16 11:40:12 +00:00
| meta_signature | [neo.fs.v2.refs.Signature ](#neo.fs.v2.refs.Signature ) | | Request Meta signature is added and signed by each intermediate node |
| origin_signature | [neo.fs.v2.refs.Signature ](#neo.fs.v2.refs.Signature ) | | Signature of previous hops |
2020-08-19 14:00:23 +00:00
| origin | [RequestVerificationHeader ](#neo.fs.v2.session.RequestVerificationHeader ) | | Chain of previous hops signatures |
< a name = "neo.fs.v2.session.ResponseMetaHeader" > < / a >
### Message ResponseMetaHeader
Information about the response
| Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- |
2020-10-16 11:40:12 +00:00
| version | [neo.fs.v2.refs.Version ](#neo.fs.v2.refs.Version ) | | Peer's API version used |
| epoch | [uint64 ](#uint64 ) | | Peer's local epoch number |
| ttl | [uint32 ](#uint32 ) | | Maximum number of intermediate nodes in the request route |
| x_headers | [XHeader ](#neo.fs.v2.session.XHeader ) | repeated | Response X-Headers |
| origin | [ResponseMetaHeader ](#neo.fs.v2.session.ResponseMetaHeader ) | | `ResponseMetaHeader` of the origin request |
2021-11-17 20:54:32 +00:00
| status | [neo.fs.v2.status.Status ](#neo.fs.v2.status.Status ) | | Status return |
2020-08-19 14:00:23 +00:00
< a name = "neo.fs.v2.session.ResponseVerificationHeader" > < / a >
### Message ResponseVerificationHeader
2022-06-21 11:32:14 +00:00
Verification info for the response signed by all intermediate nodes
2020-08-19 14:00:23 +00:00
| Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- |
2022-06-21 11:32:14 +00:00
| body_signature | [neo.fs.v2.refs.Signature ](#neo.fs.v2.refs.Signature ) | | Response Body signature. Should be generated once by an answering node. |
2020-10-16 11:40:12 +00:00
| meta_signature | [neo.fs.v2.refs.Signature ](#neo.fs.v2.refs.Signature ) | | Response Meta signature is added and signed by each intermediate node |
| origin_signature | [neo.fs.v2.refs.Signature ](#neo.fs.v2.refs.Signature ) | | Signature of previous hops |
2020-08-19 14:00:23 +00:00
| origin | [ResponseVerificationHeader ](#neo.fs.v2.session.ResponseVerificationHeader ) | | Chain of previous hops signatures |
2020-08-18 13:51:28 +00:00
< a name = "neo.fs.v2.session.SessionToken" > < / a >
### Message SessionToken
2020-10-16 11:40:12 +00:00
NeoFS Session Token.
2020-08-18 13:51:28 +00:00
| Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- |
2020-10-16 11:40:12 +00:00
| body | [SessionToken.Body ](#neo.fs.v2.session.SessionToken.Body ) | | Session Token contains the proof of trust between peers to be attached in requests for further verification. Please see corresponding section of NeoFS Technical Specification for details. |
| signature | [neo.fs.v2.refs.Signature ](#neo.fs.v2.refs.Signature ) | | Signature of `SessionToken` information |
2020-08-18 13:51:28 +00:00
< a name = "neo.fs.v2.session.SessionToken.Body" > < / a >
### Message SessionToken.Body
2020-10-16 11:40:12 +00:00
Session Token body
2020-08-18 13:51:28 +00:00
| Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- |
2020-10-16 11:40:12 +00:00
| id | [bytes ](#bytes ) | | Token identifier is a valid UUIDv4 in binary form |
| owner_id | [neo.fs.v2.refs.OwnerID ](#neo.fs.v2.refs.OwnerID ) | | Identifier of the session initiator |
| lifetime | [SessionToken.Body.TokenLifetime ](#neo.fs.v2.session.SessionToken.Body.TokenLifetime ) | | Lifetime of the session |
| session_key | [bytes ](#bytes ) | | Public key used in session |
| object | [ObjectSessionContext ](#neo.fs.v2.session.ObjectSessionContext ) | | ObjectService session context |
2021-06-03 12:34:19 +00:00
| container | [ContainerSessionContext ](#neo.fs.v2.session.ContainerSessionContext ) | | ContainerService session context |
2020-08-18 13:51:28 +00:00
< a name = "neo.fs.v2.session.SessionToken.Body.TokenLifetime" > < / a >
### Message SessionToken.Body.TokenLifetime
2020-12-11 07:20:21 +00:00
Lifetime parameters of the token. Field names taken from rfc7519.
2020-08-18 13:51:28 +00:00
| Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- |
| exp | [uint64 ](#uint64 ) | | Expiration Epoch |
| nbf | [uint64 ](#uint64 ) | | Not valid before Epoch |
| iat | [uint64 ](#uint64 ) | | Issued at Epoch |
2020-08-19 14:00:23 +00:00
< a name = "neo.fs.v2.session.XHeader" > < / a >
### Message XHeader
2022-06-21 11:32:14 +00:00
Extended headers for Request/Response. They may contain any user-defined headers
2021-02-11 13:13:07 +00:00
to be interpreted on application level.
2022-06-21 11:32:14 +00:00
Key name must be a unique valid UTF-8 string. Value can't be empty. Requests or
2021-02-11 13:13:07 +00:00
Responses with duplicated header names or headers with empty values will be
considered invalid.
There are some "well-known" headers starting with `__NEOFS__` prefix that
affect system behaviour:
* __NEOFS__NETMAP_EPOCH \
Netmap epoch to use for object placement calculation. The `value` is string
encoded `uint64` in decimal presentation. If set to '0' or not set, the
current epoch only will be used.
* __NEOFS__NETMAP_LOOKUP_DEPTH \
If object can't be found using current epoch's netmap, this header limits
2022-06-21 11:32:14 +00:00
how many past epochs the node can look up through. The `value` is string
encoded `uint64` in decimal presentation. If set to '0' or not set, only the
current epoch will be used.
2020-08-19 14:00:23 +00:00
| Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- |
2020-10-16 11:40:12 +00:00
| key | [string ](#string ) | | Key of the X-Header |
| value | [string ](#string ) | | Value of the X-Header |
2020-08-19 14:00:23 +00:00
2020-08-18 13:51:28 +00:00
<!-- end messages -->
2021-06-03 12:34:19 +00:00
< a name = "neo.fs.v2.session.ContainerSessionContext.Verb" > < / a >
### ContainerSessionContext.Verb
Container request verbs
| Name | Number | Description |
| ---- | ------ | ----------- |
| VERB_UNSPECIFIED | 0 | Unknown verb |
| PUT | 1 | Refers to container.Put RPC call |
| DELETE | 2 | Refers to container.Delete RPC call |
| SETEACL | 3 | Refers to container.SetExtendedACL RPC call |
2020-08-18 13:51:28 +00:00
< a name = "neo.fs.v2.session.ObjectSessionContext.Verb" > < / a >
### ObjectSessionContext.Verb
Object request verbs
| Name | Number | Description |
| ---- | ------ | ----------- |
| VERB_UNSPECIFIED | 0 | Unknown verb |
| PUT | 1 | Refers to object.Put RPC call |
| GET | 2 | Refers to object.Get RPC call |
| HEAD | 3 | Refers to object.Head RPC call |
| SEARCH | 4 | Refers to object.Search RPC call |
| DELETE | 5 | Refers to object.Delete RPC call |
| RANGE | 6 | Refers to object.GetRange RPC call |
| RANGEHASH | 7 | Refers to object.GetRangeHash RPC call |
<!-- end enums -->
2020-01-30 11:41:24 +00:00
## Scalar Value Types
| .proto Type | Notes | C++ Type | Java Type | Python Type |
| ----------- | ----- | -------- | --------- | ----------- |
| < a name = "double" / > double | | double | double | float |
| < a name = "float" / > float | | float | float | float |
| < a name = "int32" / > int32 | Uses variable-length encoding. Inefficient for encoding negative numbers – if your field is likely to have negative values, use sint32 instead. | int32 | int | int |
| < a name = "int64" / > int64 | Uses variable-length encoding. Inefficient for encoding negative numbers – if your field is likely to have negative values, use sint64 instead. | int64 | long | int/long |
| < a name = "uint32" / > uint32 | Uses variable-length encoding. | uint32 | int | int/long |
| < a name = "uint64" / > uint64 | Uses variable-length encoding. | uint64 | long | int/long |
| < a name = "sint32" / > sint32 | Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int32s. | int32 | int | int |
| < a name = "sint64" / > sint64 | Uses variable-length encoding. Signed int value. These more efficiently encode negative numbers than regular int64s. | int64 | long | int/long |
| < a name = "fixed32" / > fixed32 | Always four bytes. More efficient than uint32 if values are often greater than 2^28. | uint32 | int | int |
| < a name = "fixed64" / > fixed64 | Always eight bytes. More efficient than uint64 if values are often greater than 2^56. | uint64 | long | int/long |
| < a name = "sfixed32" / > sfixed32 | Always four bytes. | int32 | int | int |
| < a name = "sfixed64" / > sfixed64 | Always eight bytes. | int64 | long | int/long |
| < a name = "bool" / > bool | | bool | boolean | boolean |
| < a name = "string" / > string | A string must always contain UTF-8 encoded or 7-bit ASCII text. | string | String | str/unicode |
| < a name = "bytes" / > bytes | May contain any arbitrary sequence of bytes. | string | ByteString | str |