forked from TrueCloudLab/frostfs-api
service: add Bearer token message to RequestVerificationHeader
This commit is contained in:
parent
e65752699f
commit
1d3ffeb841
2 changed files with 55 additions and 0 deletions
|
@ -13,6 +13,8 @@
|
||||||
- [service/verify.proto](#service/verify.proto)
|
- [service/verify.proto](#service/verify.proto)
|
||||||
|
|
||||||
- Messages
|
- Messages
|
||||||
|
- [BearerTokenMsg](#service.BearerTokenMsg)
|
||||||
|
- [BearerTokenMsg.Info](#service.BearerTokenMsg.Info)
|
||||||
- [RequestVerificationHeader](#service.RequestVerificationHeader)
|
- [RequestVerificationHeader](#service.RequestVerificationHeader)
|
||||||
- [RequestVerificationHeader.Signature](#service.RequestVerificationHeader.Signature)
|
- [RequestVerificationHeader.Signature](#service.RequestVerificationHeader.Signature)
|
||||||
- [Token](#service.Token)
|
- [Token](#service.Token)
|
||||||
|
@ -75,6 +77,32 @@ ResponseMetaHeader contains meta information based on request processing by serv
|
||||||
<!-- end services -->
|
<!-- end services -->
|
||||||
|
|
||||||
|
|
||||||
|
<a name="service.BearerTokenMsg"></a>
|
||||||
|
|
||||||
|
### Message BearerTokenMsg
|
||||||
|
BearerTokenMsg carries information about request ACL rules with limited lifetime
|
||||||
|
|
||||||
|
|
||||||
|
| Field | Type | Label | Description |
|
||||||
|
| ----- | ---- | ----- | ----------- |
|
||||||
|
| TokenInfo | [BearerTokenMsg.Info](#service.BearerTokenMsg.Info) | | TokenInfo is a grouped information about token |
|
||||||
|
| OwnerKey | [bytes](#bytes) | | OwnerKey is a public key of the token owner |
|
||||||
|
| Signature | [bytes](#bytes) | | Signature is a signature of token information |
|
||||||
|
|
||||||
|
|
||||||
|
<a name="service.BearerTokenMsg.Info"></a>
|
||||||
|
|
||||||
|
### Message BearerTokenMsg.Info
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
| Field | Type | Label | Description |
|
||||||
|
| ----- | ---- | ----- | ----------- |
|
||||||
|
| ACLRules | [bytes](#bytes) | | ACLRules is an ACL rules represented in bytes |
|
||||||
|
| OwnerID | [bytes](#bytes) | | OwnerID is an owner of token |
|
||||||
|
| ValidUntil | [uint64](#uint64) | | ValidUntil carries a last epoch of token lifetime |
|
||||||
|
|
||||||
|
|
||||||
<a name="service.RequestVerificationHeader"></a>
|
<a name="service.RequestVerificationHeader"></a>
|
||||||
|
|
||||||
### Message RequestVerificationHeader
|
### Message RequestVerificationHeader
|
||||||
|
@ -86,6 +114,7 @@ RequestVerificationHeader is a set of signatures of every NeoFS Node that proces
|
||||||
| ----- | ---- | ----- | ----------- |
|
| ----- | ---- | ----- | ----------- |
|
||||||
| Signatures | [RequestVerificationHeader.Signature](#service.RequestVerificationHeader.Signature) | repeated | Signatures is a set of signatures of every passed NeoFS Node |
|
| Signatures | [RequestVerificationHeader.Signature](#service.RequestVerificationHeader.Signature) | repeated | Signatures is a set of signatures of every passed NeoFS Node |
|
||||||
| Token | [Token](#service.Token) | | Token is a token of the session within which the request is sent |
|
| Token | [Token](#service.Token) | | Token is a token of the session within which the request is sent |
|
||||||
|
| Bearer | [BearerTokenMsg](#service.BearerTokenMsg) | | Bearer is a Bearer token of the request |
|
||||||
|
|
||||||
|
|
||||||
<a name="service.RequestVerificationHeader.Signature"></a>
|
<a name="service.RequestVerificationHeader.Signature"></a>
|
||||||
|
|
|
@ -23,6 +23,9 @@ message RequestVerificationHeader {
|
||||||
|
|
||||||
// Token is a token of the session within which the request is sent
|
// Token is a token of the session within which the request is sent
|
||||||
Token Token = 2;
|
Token Token = 2;
|
||||||
|
|
||||||
|
// Bearer is a Bearer token of the request
|
||||||
|
BearerTokenMsg Bearer = 3;
|
||||||
}
|
}
|
||||||
|
|
||||||
// User token granting rights for object manipulation
|
// User token granting rights for object manipulation
|
||||||
|
@ -91,3 +94,26 @@ message TokenLifetime {
|
||||||
// uint32 Version = 2;
|
// uint32 Version = 2;
|
||||||
// bytes Data = 3;
|
// bytes Data = 3;
|
||||||
// }
|
// }
|
||||||
|
|
||||||
|
// BearerTokenMsg carries information about request ACL rules with limited lifetime
|
||||||
|
message BearerTokenMsg {
|
||||||
|
message Info {
|
||||||
|
// ACLRules is an ACL rules represented in bytes
|
||||||
|
bytes ACLRules = 1;
|
||||||
|
|
||||||
|
// OwnerID is an owner of token
|
||||||
|
bytes OwnerID = 2 [(gogoproto.customtype) = "OwnerID", (gogoproto.nullable) = false];
|
||||||
|
|
||||||
|
// ValidUntil carries a last epoch of token lifetime
|
||||||
|
uint64 ValidUntil = 3;
|
||||||
|
}
|
||||||
|
|
||||||
|
// TokenInfo is a grouped information about token
|
||||||
|
Info TokenInfo = 1 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
|
||||||
|
|
||||||
|
// OwnerKey is a public key of the token owner
|
||||||
|
bytes OwnerKey = 2;
|
||||||
|
|
||||||
|
// Signature is a signature of token information
|
||||||
|
bytes Signature = 3;
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue