diff --git a/auth/bearer-token.go b/auth/bearer-token.go index 3694ca09b..d7b76711d 100644 --- a/auth/bearer-token.go +++ b/auth/bearer-token.go @@ -4,18 +4,23 @@ import ( "context" "github.com/nspcc-dev/neofs-api-go/service" + "github.com/pkg/errors" ) type contextKey string const bearerTokenContextKey contextKey = "bearer-token" -// GetBearerToken returns a bearer token embedded into a context. -func GetBearerToken(ctx context.Context) *service.BearerTokenMsg { +// GetBearerToken returns a bearer token embedded into a context or error, if any. +func GetBearerToken(ctx context.Context) (*service.BearerTokenMsg, error) { if bt := ctx.Value(bearerTokenContextKey); bt != nil { - return bt.(*service.BearerTokenMsg) + v, ok := bt.(*service.BearerTokenMsg) + if !ok { + return nil, errors.Errorf("extracted unexpected type other than bearer token's: %T", v) + } + return v, nil } - return nil + return nil, errors.New("got nil bearer token") } // SetBearerToken return a context with embedded bearer token. diff --git a/neofs/layer/neofs-container.go b/neofs/layer/neofs-container.go index 845634e4c..e1a0a6d33 100644 --- a/neofs/layer/neofs-container.go +++ b/neofs/layer/neofs-container.go @@ -10,6 +10,7 @@ import ( "github.com/nspcc-dev/neofs-api-go/container" "github.com/nspcc-dev/neofs-api-go/refs" "github.com/nspcc-dev/neofs-api-go/service" + "github.com/pkg/errors" ) func (n *neofsObject) containerList(ctx context.Context) ([]refs.CID, error) { @@ -17,9 +18,12 @@ func (n *neofsObject) containerList(ctx context.Context) ([]refs.CID, error) { req.OwnerID = n.owner req.SetVersion(APIVersion) req.SetTTL(service.SingleForwardingTTL) - req.SetBearer(auth.GetBearerToken(ctx)) - - err := service.SignRequestData(n.key, req) + bearerToken, err := auth.GetBearerToken(ctx) + if err != nil { + return nil, errors.Wrap(err, "failed to get bearer token") + } + req.SetBearer(bearerToken) + err = service.SignRequestData(n.key, req) if err != nil { n.log.Error("could not prepare request", zap.Error(err)) diff --git a/neofs/layer/neofs-object.go b/neofs/layer/neofs-object.go index 69d87ae49..b817e3807 100644 --- a/neofs/layer/neofs-object.go +++ b/neofs/layer/neofs-object.go @@ -3,16 +3,16 @@ package layer import ( "bytes" "context" - "errors" "io" "time" - auth "github.com/minio/minio/auth" + "github.com/minio/minio/auth" "github.com/nspcc-dev/neofs-api-go/object" "github.com/nspcc-dev/neofs-api-go/query" "github.com/nspcc-dev/neofs-api-go/refs" "github.com/nspcc-dev/neofs-api-go/service" "github.com/nspcc-dev/neofs-api-go/storagegroup" + "github.com/pkg/errors" "go.uber.org/zap" ) @@ -72,7 +72,11 @@ func (n *neofsObject) objectSearchContainer(ctx context.Context, cid refs.CID) ( req.ContainerID = cid req.SetVersion(APIVersion) req.SetTTL(service.SingleForwardingTTL) - req.SetBearer(auth.GetBearerToken(ctx)) + bearerToken, err := auth.GetBearerToken(ctx) + if err != nil { + return nil, errors.Wrap(err, "failed to get bearer token") + } + req.SetBearer(bearerToken) req.SetToken(token) err = service.SignRequestData(n.key, req) @@ -157,7 +161,12 @@ func (n *neofsObject) objectFindID(ctx context.Context, cid refs.CID, name strin req.ContainerID = cid req.SetVersion(APIVersion) req.SetTTL(service.SingleForwardingTTL) - req.SetBearer(auth.GetBearerToken(ctx)) + bearerToken, err := auth.GetBearerToken(ctx) + if err != nil { + var empty refs.ObjectID + return empty, errors.Wrap(err, "failed to get bearer token") + } + req.SetBearer(bearerToken) req.SetToken(token) err = service.SignRequestData(n.key, req) @@ -234,7 +243,11 @@ func (n *neofsObject) objectHead(ctx context.Context, addr refs.Address) (*objec req.FullHeaders = true req.SetVersion(APIVersion) req.SetTTL(service.SingleForwardingTTL) - req.SetBearer(auth.GetBearerToken(ctx)) + bearerToken, err := auth.GetBearerToken(ctx) + if err != nil { + return nil, errors.Wrap(err, "failed to get bearer token") + } + req.SetBearer(bearerToken) req.SetToken(token) err = service.SignRequestData(n.key, req) @@ -277,7 +290,11 @@ func (n *neofsObject) objectGet(ctx context.Context, p getParams) (*object.Objec req.Address = p.addr req.SetVersion(APIVersion) req.SetTTL(service.SingleForwardingTTL) - req.SetBearer(auth.GetBearerToken(ctx)) + bearerToken, err := auth.GetBearerToken(ctx) + if err != nil { + return nil, errors.Wrap(err, "failed to get bearer token") + } + req.SetBearer(bearerToken) req.SetToken(token) err = service.SignRequestData(n.key, req) @@ -398,7 +415,11 @@ func (n *neofsObject) objectPut(ctx context.Context, p putParams) (*object.Objec req := object.MakePutRequestHeader(obj) req.SetVersion(APIVersion) req.SetTTL(service.SingleForwardingTTL) - req.SetBearer(auth.GetBearerToken(ctx)) + bearerToken, err := auth.GetBearerToken(ctx) + if err != nil { + return nil, errors.Wrap(err, "failed to get bearer token") + } + req.SetBearer(bearerToken) req.SetToken(token) err = service.SignRequestData(n.key, req) @@ -427,7 +448,11 @@ func (n *neofsObject) objectPut(ctx context.Context, p putParams) (*object.Objec req := object.MakePutRequestChunk(readBuffer[:read]) req.SetVersion(APIVersion) req.SetTTL(service.SingleForwardingTTL) - req.SetBearer(auth.GetBearerToken(ctx)) + bearerToken, err := auth.GetBearerToken(ctx) + if err != nil { + return nil, errors.Wrap(err, "failed to get bearer token") + } + req.SetBearer(bearerToken) err = service.SignRequestData(n.key, req) if err != nil { @@ -502,7 +527,11 @@ func (n *neofsObject) storageGroupPut(ctx context.Context, p sgParams) (*object. req := object.MakePutRequestHeader(sg) req.SetVersion(APIVersion) req.SetTTL(service.SingleForwardingTTL) - req.SetBearer(auth.GetBearerToken(ctx)) + bearerToken, err := auth.GetBearerToken(ctx) + if err != nil { + return nil, errors.Wrap(err, "failed to get bearer token") + } + req.SetBearer(bearerToken) req.SetToken(token) err = service.SignRequestData(n.key, req) @@ -539,7 +568,11 @@ func (n *neofsObject) objectDelete(ctx context.Context, p delParams) error { req.OwnerID = n.owner req.SetVersion(APIVersion) req.SetTTL(service.SingleForwardingTTL) - req.SetBearer(auth.GetBearerToken(ctx)) + bearerToken, err := auth.GetBearerToken(ctx) + if err != nil { + return errors.Wrap(err, "failed to get bearer token") + } + req.SetBearer(bearerToken) req.SetToken(token) err = service.SignRequestData(n.key, req)