forked from TrueCloudLab/frostfs-api
service: add Bearer token message to RequestVerificationHeader
This commit is contained in:
parent
e65752699f
commit
1d3ffeb841
2 changed files with 55 additions and 0 deletions
|
@ -13,6 +13,8 @@
|
|||
- [service/verify.proto](#service/verify.proto)
|
||||
|
||||
- Messages
|
||||
- [BearerTokenMsg](#service.BearerTokenMsg)
|
||||
- [BearerTokenMsg.Info](#service.BearerTokenMsg.Info)
|
||||
- [RequestVerificationHeader](#service.RequestVerificationHeader)
|
||||
- [RequestVerificationHeader.Signature](#service.RequestVerificationHeader.Signature)
|
||||
- [Token](#service.Token)
|
||||
|
@ -75,6 +77,32 @@ ResponseMetaHeader contains meta information based on request processing by serv
|
|||
<!-- end services -->
|
||||
|
||||
|
||||
<a name="service.BearerTokenMsg"></a>
|
||||
|
||||
### Message BearerTokenMsg
|
||||
BearerTokenMsg carries information about request ACL rules with limited lifetime
|
||||
|
||||
|
||||
| Field | Type | Label | Description |
|
||||
| ----- | ---- | ----- | ----------- |
|
||||
| TokenInfo | [BearerTokenMsg.Info](#service.BearerTokenMsg.Info) | | TokenInfo is a grouped information about token |
|
||||
| OwnerKey | [bytes](#bytes) | | OwnerKey is a public key of the token owner |
|
||||
| Signature | [bytes](#bytes) | | Signature is a signature of token information |
|
||||
|
||||
|
||||
<a name="service.BearerTokenMsg.Info"></a>
|
||||
|
||||
### Message BearerTokenMsg.Info
|
||||
|
||||
|
||||
|
||||
| Field | Type | Label | Description |
|
||||
| ----- | ---- | ----- | ----------- |
|
||||
| ACLRules | [bytes](#bytes) | | ACLRules is an ACL rules represented in bytes |
|
||||
| OwnerID | [bytes](#bytes) | | OwnerID is an owner of token |
|
||||
| ValidUntil | [uint64](#uint64) | | ValidUntil carries a last epoch of token lifetime |
|
||||
|
||||
|
||||
<a name="service.RequestVerificationHeader"></a>
|
||||
|
||||
### Message RequestVerificationHeader
|
||||
|
@ -86,6 +114,7 @@ RequestVerificationHeader is a set of signatures of every NeoFS Node that proces
|
|||
| ----- | ---- | ----- | ----------- |
|
||||
| Signatures | [RequestVerificationHeader.Signature](#service.RequestVerificationHeader.Signature) | repeated | Signatures is a set of signatures of every passed NeoFS Node |
|
||||
| Token | [Token](#service.Token) | | Token is a token of the session within which the request is sent |
|
||||
| Bearer | [BearerTokenMsg](#service.BearerTokenMsg) | | Bearer is a Bearer token of the request |
|
||||
|
||||
|
||||
<a name="service.RequestVerificationHeader.Signature"></a>
|
||||
|
|
|
@ -23,6 +23,9 @@ message RequestVerificationHeader {
|
|||
|
||||
// Token is a token of the session within which the request is sent
|
||||
Token Token = 2;
|
||||
|
||||
// Bearer is a Bearer token of the request
|
||||
BearerTokenMsg Bearer = 3;
|
||||
}
|
||||
|
||||
// User token granting rights for object manipulation
|
||||
|
@ -91,3 +94,26 @@ message TokenLifetime {
|
|||
// uint32 Version = 2;
|
||||
// bytes Data = 3;
|
||||
// }
|
||||
|
||||
// BearerTokenMsg carries information about request ACL rules with limited lifetime
|
||||
message BearerTokenMsg {
|
||||
message Info {
|
||||
// ACLRules is an ACL rules represented in bytes
|
||||
bytes ACLRules = 1;
|
||||
|
||||
// OwnerID is an owner of token
|
||||
bytes OwnerID = 2 [(gogoproto.customtype) = "OwnerID", (gogoproto.nullable) = false];
|
||||
|
||||
// ValidUntil carries a last epoch of token lifetime
|
||||
uint64 ValidUntil = 3;
|
||||
}
|
||||
|
||||
// TokenInfo is a grouped information about token
|
||||
Info TokenInfo = 1 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
|
||||
|
||||
// OwnerKey is a public key of the token owner
|
||||
bytes OwnerKey = 2;
|
||||
|
||||
// Signature is a signature of token information
|
||||
bytes Signature = 3;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue