Add getting/setting bearer token at the auth package

This commit is contained in:
Pavel Korotkov 2020-07-22 19:02:35 +03:00
parent b2289ba10b
commit 57466b3db2
4 changed files with 27 additions and 64 deletions

24
auth/bearer-token.go Normal file
View file

@ -0,0 +1,24 @@
package auth
import (
"context"
"github.com/nspcc-dev/neofs-api-go/service"
)
type contextKey string
const bearerTokenContextKey contextKey = "bearer-token"
// GetBearerToken returns a bearer token embedded into a context.
func GetBearerToken(ctx context.Context) *service.BearerTokenMsg {
if bt := ctx.Value(bearerTokenContextKey); bt != nil {
return bt.(*service.BearerTokenMsg)
}
return nil
}
// SetBearerToken return a context with embedded bearer token.
func SetBearerToken(ctx context.Context, bearerToken *service.BearerTokenMsg) context.Context {
return context.WithValue(ctx, bearerTokenContextKey, bearerToken)
}

View file

@ -1,12 +1,10 @@
package main package main
import ( import (
"context"
"net/http" "net/http"
"github.com/gorilla/mux" "github.com/gorilla/mux"
"github.com/minio/minio/auth" "github.com/minio/minio/auth"
s3http "github.com/minio/minio/http"
"go.uber.org/zap" "go.uber.org/zap"
) )
@ -18,7 +16,7 @@ func attachNewUserAuth(router *mux.Router, center *auth.Center, log *zap.Logger)
log.Error("failed to pass authentication", zap.Error(err)) log.Error("failed to pass authentication", zap.Error(err))
// TODO: Handle any auth error by rejecting request. // TODO: Handle any auth error by rejecting request.
} }
h.ServeHTTP(w, r.WithContext(context.WithValue(r.Context(), s3http.BearerTokenContextKey, bearerToken))) h.ServeHTTP(w, r.WithContext(auth.SetBearerToken(r.Context(), bearerToken)))
}) })
} }

View file

@ -1,58 +0,0 @@
package http
import (
"fmt"
"net/http"
"strconv"
"github.com/minio/minio/legacy/crypto"
)
type (
HTTPResponseWriter struct {
serverName string
serverRegion string
}
// MimeType represents various MIME type used API responses.
MimeType string
// ContextKey is a custom type used to pass values within contexts.
ContextKey string
)
const BearerTokenContextKey ContextKey = "bearer-token"
const (
// MimeType_None means no response type.
MimeType_None MimeType = ""
// MimeType_ApplicationJSON means response type is JSON.
MimeType_ApplicationJSON MimeType = "application/json"
// MimeType_ApplicationXML means response type is XML.
MimeType_ApplicationXML MimeType = "application/xml"
)
func NewHTTPResponseWriter(appName, appVersion, region string) *HTTPResponseWriter {
return &HTTPResponseWriter{
serverName: fmt.Sprintf("%s/%s", appName, appVersion),
serverRegion: region,
}
}
func (rw *HTTPResponseWriter) writeResponse(w http.ResponseWriter, statusCode int, response []byte, mimeType MimeType) {
w.Header().Set("Server", rw.serverName)
if len(rw.serverRegion) > 0 {
w.Header().Set("X-Amz-Bucket-Region", rw.serverRegion)
}
w.Header().Set("Accept-Ranges", "bytes")
crypto.RemoveSensitiveHeaders(w.Header())
if mimeType != MimeType_None {
w.Header().Set("Content-Type", string(mimeType))
}
w.Header().Set("Content-Length", strconv.Itoa(len(response)))
w.WriteHeader(statusCode)
if response != nil {
w.Write(response)
w.(http.Flusher).Flush()
}
}

View file

@ -6,7 +6,7 @@ import (
"go.uber.org/zap" "go.uber.org/zap"
s3http "github.com/minio/minio/http" "github.com/minio/minio/auth"
"github.com/nspcc-dev/neofs-api-go/container" "github.com/nspcc-dev/neofs-api-go/container"
"github.com/nspcc-dev/neofs-api-go/refs" "github.com/nspcc-dev/neofs-api-go/refs"
"github.com/nspcc-dev/neofs-api-go/service" "github.com/nspcc-dev/neofs-api-go/service"
@ -17,8 +17,7 @@ func (n *neofsObject) containerList(ctx context.Context) ([]refs.CID, error) {
req.OwnerID = n.owner req.OwnerID = n.owner
req.SetTTL(service.SingleForwardingTTL) req.SetTTL(service.SingleForwardingTTL)
req.SetVersion(APIVersion) req.SetVersion(APIVersion)
bearerToken := ctx.Value(s3http.BearerTokenContextKey).(*service.BearerTokenMsg) req.SetBearer(auth.GetBearerToken(ctx))
req.SetBearer(bearerToken)
err := service.SignRequestData(n.key, req) err := service.SignRequestData(n.key, req)
if err != nil { if err != nil {