From e3c16a32dde6b7c3382c32ca85c01fc156ade381 Mon Sep 17 00:00:00 2001 From: Denis Kirillov Date: Mon, 25 Apr 2022 12:57:58 +0300 Subject: [PATCH] [#409] Update SDK Signed-off-by: Denis Kirillov --- api/cache/objects.go | 4 +- api/cache/objects_test.go | 6 ++- api/cache/objectslist_test.go | 12 +++--- api/data/info.go | 10 ++--- api/handler/acl.go | 9 +++-- api/handler/acl_test.go | 6 +-- api/handler/delete.go | 6 +-- api/handler/handlers_test.go | 6 ++- api/handler/list.go | 6 +-- api/handler/object_list.go | 3 +- api/layer/container.go | 7 ++-- api/layer/layer.go | 20 ++++++---- api/layer/multipart_upload.go | 10 ++--- api/layer/neofs/neofs.go | 12 +++--- api/layer/notifications.go | 3 +- api/layer/object.go | 36 ++++++++++-------- api/layer/object_test.go | 4 +- api/layer/system_object.go | 14 ++++--- api/layer/util.go | 10 +++-- api/layer/util_test.go | 57 +++++++++++++++------------- api/layer/versioning.go | 6 +-- api/layer/versioning_test.go | 27 +++++++------ api/resolver/resolver.go | 32 ++++++++-------- authmate/authmate.go | 54 +++++++++++++++----------- cmd/authmate/main.go | 7 ++-- cmd/s3-gw/app.go | 29 ++++++++------ creds/accessbox/accessbox.go | 20 ++++------ creds/accessbox/bearer_token_test.go | 46 +++++++++++----------- creds/tokens/credentials.go | 14 +++---- go.mod | 4 +- go.sum | 33 ++++++++++++---- internal/neofs/neofs.go | 33 ++++++++-------- internal/neofstest/neofs_mock.go | 49 ++++++++++++++---------- 33 files changed, 332 insertions(+), 263 deletions(-) diff --git a/api/cache/objects.go b/api/cache/objects.go index 4d92aaea..c53e3481 100644 --- a/api/cache/objects.go +++ b/api/cache/objects.go @@ -48,7 +48,9 @@ func (o *ObjectsCache) Get(address *address.Address) *object.Object { // Put puts an object to cache. func (o *ObjectsCache) Put(obj object.Object) error { - return o.cache.Set(obj.ContainerID().String()+"/"+obj.ID().String(), obj) + cnrID, _ := obj.ContainerID() + objID, _ := obj.ID() + return o.cache.Set(cnrID.String()+"/"+objID.String(), obj) } // Delete deletes an object from cache. diff --git a/api/cache/objects_test.go b/api/cache/objects_test.go index a4aaefc7..a029cd63 100644 --- a/api/cache/objects_test.go +++ b/api/cache/objects_test.go @@ -18,9 +18,11 @@ func getTestConfig() *Config { func TestCache(t *testing.T) { obj := objecttest.Object() + objID, _ := obj.ID() + cnrID, _ := obj.ContainerID() addr := address.NewAddress() - addr.SetContainerID(obj.ContainerID()) - addr.SetObjectID(obj.ID()) + addr.SetContainerID(cnrID) + addr.SetObjectID(objID) t.Run("check get", func(t *testing.T) { cache := New(getTestConfig()) diff --git a/api/cache/objectslist_test.go b/api/cache/objectslist_test.go index b78ad9b8..38da91d5 100644 --- a/api/cache/objectslist_test.go +++ b/api/cache/objectslist_test.go @@ -22,10 +22,10 @@ func getTestObjectsListConfig() *Config { } func randID(t *testing.T) *oid.ID { - id := oid.NewID() + var id oid.ID id.SetSHA256(randSHA256Checksum(t)) - return id + return &id } func randSHA256Checksum(t *testing.T) (cs [sha256.Size]byte) { @@ -140,7 +140,7 @@ func TestObjectsListCache(t *testing.T) { func TestCleanCacheEntriesChangedWithPutObject(t *testing.T) { var ( - id = cid.New() + id cid.ID oids = []oid.ID{*randID(t)} keys []ObjectsListKey ) @@ -157,7 +157,7 @@ func TestCleanCacheEntriesChangedWithPutObject(t *testing.T) { err := cache.Put(k, oids) require.NoError(t, err) } - cache.CleanCacheEntriesContainingObject("obj1", id) + cache.CleanCacheEntriesContainingObject("obj1", &id) for _, k := range keys { list := cache.Get(k) if k.prefix == "" { @@ -176,7 +176,7 @@ func TestCleanCacheEntriesChangedWithPutObject(t *testing.T) { err := cache.Put(k, oids) require.NoError(t, err) } - cache.CleanCacheEntriesContainingObject("dir/obj", id) + cache.CleanCacheEntriesContainingObject("dir/obj", &id) for _, k := range keys { list := cache.Get(k) if k.prefix == "" || k.prefix == "dir/" { @@ -195,7 +195,7 @@ func TestCleanCacheEntriesChangedWithPutObject(t *testing.T) { err := cache.Put(k, oids) require.NoError(t, err) } - cache.CleanCacheEntriesContainingObject("dir/lol/obj", id) + cache.CleanCacheEntriesContainingObject("dir/lol/obj", &id) for _, k := range keys { list := cache.Get(k) require.Nil(t, list) diff --git a/api/data/info.go b/api/data/info.go index c55b9717..2c518934 100644 --- a/api/data/info.go +++ b/api/data/info.go @@ -7,7 +7,7 @@ import ( cid "github.com/nspcc-dev/neofs-sdk-go/container/id" "github.com/nspcc-dev/neofs-sdk-go/object/address" oid "github.com/nspcc-dev/neofs-sdk-go/object/id" - "github.com/nspcc-dev/neofs-sdk-go/owner" + "github.com/nspcc-dev/neofs-sdk-go/user" ) const ( @@ -21,7 +21,7 @@ type ( BucketInfo struct { Name string CID *cid.ID - Owner *owner.ID + Owner *user.ID Created time.Time BasicACL uint32 LocationConstraint string @@ -41,7 +41,7 @@ type ( Created time.Time CreationEpoch uint64 HashSum string - Owner *owner.ID + Owner *user.ID Headers map[string]string } @@ -96,8 +96,8 @@ func (o *ObjectInfo) NiceName() string { return o.Bucket + "/" + o.Name } // Address returns object address. func (o *ObjectInfo) Address() *address.Address { addr := address.NewAddress() - addr.SetContainerID(o.CID) - addr.SetObjectID(o.ID) + addr.SetContainerID(*o.CID) + addr.SetObjectID(*o.ID) return addr } diff --git a/api/handler/acl.go b/api/handler/acl.go index 3d4effee..cd270d5d 100644 --- a/api/handler/acl.go +++ b/api/handler/acl.go @@ -153,7 +153,10 @@ func (h *handler) bearerTokenIssuerKey(ctx context.Context) (*keys.PublicKey, er return nil, err } - key, err := keys.NewPublicKeyFromBytes(box.Gate.BearerToken.Signature().Key(), elliptic.P256()) + var btoken v2acl.BearerToken + box.Gate.BearerToken.WriteToV2(&btoken) + + key, err := keys.NewPublicKeyFromBytes(btoken.GetSignature().GetKey(), elliptic.P256()) if err != nil { return nil, err } @@ -791,8 +794,8 @@ func formRecords(operations []*astOperation, resource *astResource) ([]*eacl.Rec } if len(resource.Object) != 0 { if len(resource.Version) != 0 { - id := oid.NewID() - if err := id.Parse(resource.Version); err != nil { + var id oid.ID + if err := id.DecodeString(resource.Version); err != nil { return nil, err } record.AddObjectIDFilter(eacl.MatchStringEqual, id) diff --git a/api/handler/acl_test.go b/api/handler/acl_test.go index 37714eab..9d008095 100644 --- a/api/handler/acl_test.go +++ b/api/handler/acl_test.go @@ -21,7 +21,7 @@ func TestTableToAst(t *testing.T) { b := make([]byte, 32) _, err := io.ReadFull(rand.Reader, b) require.NoError(t, err) - id := oid.NewID() + var id oid.ID id.SetSHA256(sha256.Sum256(b)) key, err := keys.NewPrivateKey() @@ -740,7 +740,7 @@ func TestObjectAclToAst(t *testing.T) { b := make([]byte, 32) _, err := io.ReadFull(rand.Reader, b) require.NoError(t, err) - objID := oid.NewID() + var objID oid.ID objID.SetSHA256(sha256.Sum256(b)) key, err := keys.NewPrivateKey() @@ -809,7 +809,7 @@ func TestBucketAclToAst(t *testing.T) { b := make([]byte, 32) _, err := io.ReadFull(rand.Reader, b) require.NoError(t, err) - objID := oid.NewID() + var objID oid.ID objID.SetSHA256(sha256.Sum256(b)) key, err := keys.NewPrivateKey() diff --git a/api/handler/delete.go b/api/handler/delete.go index aa020c94..3cfc7ba0 100644 --- a/api/handler/delete.go +++ b/api/handler/delete.go @@ -110,9 +110,9 @@ func (h *handler) DeleteObjectHandler(w http.ResponseWriter, r *http.Request) { ReqInfo: reqInfo, } } else { - oid := oid.NewID() + var objID oid.ID if len(versionID) != 0 { - if err := oid.Parse(versionID); err != nil { + if err = objID.DecodeString(versionID); err != nil { h.log.Error("couldn't send notification: %w", zap.Error(err)) } } @@ -121,7 +121,7 @@ func (h *handler) DeleteObjectHandler(w http.ResponseWriter, r *http.Request) { Event: layer.EventObjectRemovedDelete, ObjInfo: &data.ObjectInfo{ Name: reqInfo.ObjectName, - ID: oid, + ID: &objID, }, BktInfo: bktInfo, ReqInfo: reqInfo, diff --git a/api/handler/handlers_test.go b/api/handler/handlers_test.go index f01dd256..fd6202bd 100644 --- a/api/handler/handlers_test.go +++ b/api/handler/handlers_test.go @@ -17,7 +17,7 @@ import ( "github.com/nspcc-dev/neofs-s3-gw/api/resolver" "github.com/nspcc-dev/neofs-s3-gw/internal/neofstest" cid "github.com/nspcc-dev/neofs-sdk-go/container/id" - "github.com/nspcc-dev/neofs-sdk-go/owner" + "github.com/nspcc-dev/neofs-sdk-go/user" "github.com/stretchr/testify/require" "go.uber.org/zap" ) @@ -83,11 +83,13 @@ func createTestBucketWithLock(ctx context.Context, t *testing.T, h *handlerConte }) require.NoError(t, err) + var ownerID user.ID + bktInfo := &data.BucketInfo{ CID: cnrID, Name: bktName, ObjectLockEnabled: true, - Owner: owner.NewID(), + Owner: &ownerID, } sp := &layer.PutSettingsParams{ diff --git a/api/handler/list.go b/api/handler/list.go index 1d02ea0f..257dd1de 100644 --- a/api/handler/list.go +++ b/api/handler/list.go @@ -5,7 +5,7 @@ import ( "time" "github.com/nspcc-dev/neofs-s3-gw/api" - "github.com/nspcc-dev/neofs-sdk-go/owner" + "github.com/nspcc-dev/neofs-sdk-go/user" ) const maxObjectList = 1000 // Limit number of objects in a listObjectsResponse/listObjectsVersionsResponse. @@ -13,7 +13,7 @@ const maxObjectList = 1000 // Limit number of objects in a listObjectsResponse/l // ListBucketsHandler handles bucket listing requests. func (h *handler) ListBucketsHandler(w http.ResponseWriter, r *http.Request) { var ( - own = owner.NewID() + own user.ID res *ListBucketsResponse reqInfo = api.GetReqInfo(r.Context()) ) @@ -25,7 +25,7 @@ func (h *handler) ListBucketsHandler(w http.ResponseWriter, r *http.Request) { } if len(list) > 0 { - own = list[0].Owner + own = *list[0].Owner } res = &ListBucketsResponse{ diff --git a/api/handler/object_list.go b/api/handler/object_list.go index 031f3666..0d94bbdb 100644 --- a/api/handler/object_list.go +++ b/api/handler/object_list.go @@ -165,7 +165,8 @@ func parseListObjectArgs(reqInfo *api.ReqInfo) (*layer.ListObjectsParamsCommon, func parseContinuationToken(queryValues url.Values) (string, error) { if val, ok := queryValues["continuation-token"]; ok { - if err := oid.NewID().Parse(val[0]); err != nil { + var objID oid.ID + if err := objID.DecodeString(val[0]); err != nil { return "", errors.GetAPIError(errors.ErrIncorrectContinuationToken) } return val[0], nil diff --git a/api/layer/container.go b/api/layer/container.go index a8106d47..c6df32c3 100644 --- a/api/layer/container.go +++ b/api/layer/container.go @@ -96,7 +96,7 @@ func (n *layer) containerList(ctx context.Context) ([]*data.BucketInfo, error) { res []cid.ID rid = api.GetRequestID(ctx) ) - res, err = n.neoFS.UserContainers(ctx, *own) + res, err = n.neoFS.UserContainers(ctx, own) if err != nil { n.log.Error("could not list user containers", zap.String("request_id", rid), @@ -122,9 +122,10 @@ func (n *layer) containerList(ctx context.Context) ([]*data.BucketInfo, error) { func (n *layer) createContainer(ctx context.Context, p *CreateBucketParams) (*data.BucketInfo, error) { var err error + ownerID := n.Owner(ctx) bktInfo := &data.BucketInfo{ Name: p.Name, - Owner: n.Owner(ctx), + Owner: &ownerID, Created: time.Now(), // this can be a little incorrect since the real time is set later BasicACL: p.ACL, LocationConstraint: p.LocationConstraint, @@ -171,7 +172,7 @@ func (n *layer) createContainer(ctx context.Context, p *CreateBucketParams) (*da } func (n *layer) setContainerEACLTable(ctx context.Context, idCnr *cid.ID, table *eacl.Table) error { - table.SetCID(idCnr) + table.SetCID(*idCnr) boxData, err := GetBoxData(ctx) if err == nil { diff --git a/api/layer/layer.go b/api/layer/layer.go index ff6dab83..e7a6e315 100644 --- a/api/layer/layer.go +++ b/api/layer/layer.go @@ -22,8 +22,8 @@ import ( "github.com/nspcc-dev/neofs-sdk-go/eacl" "github.com/nspcc-dev/neofs-sdk-go/netmap" oid "github.com/nspcc-dev/neofs-sdk-go/object/id" - "github.com/nspcc-dev/neofs-sdk-go/owner" "github.com/nspcc-dev/neofs-sdk-go/session" + "github.com/nspcc-dev/neofs-sdk-go/user" "go.uber.org/zap" ) @@ -314,12 +314,16 @@ func IsAuthenticatedRequest(ctx context.Context) bool { } // Owner returns owner id from BearerToken (context) or from client owner. -func (n *layer) Owner(ctx context.Context) *owner.ID { +func (n *layer) Owner(ctx context.Context) user.ID { if bd, ok := ctx.Value(api.BoxData).(*accessbox.Box); ok && bd != nil && bd.Gate != nil { - return bd.Gate.BearerToken.Issuer() + ownerID, _ := bd.Gate.BearerToken.Issuer() + return ownerID } - return owner.NewIDFromPublicKey((*ecdsa.PublicKey)(n.EphemeralKey())) + var ownerID user.ID + user.IDFromKey(&ownerID, (ecdsa.PublicKey)(*n.EphemeralKey())) + + return ownerID } func (n *layer) prepareAuthParameters(ctx context.Context, prm *neofs.PrmAuth) { @@ -627,7 +631,7 @@ func (n *layer) CreateBucket(ctx context.Context, p *CreateBucketParams) (*data. return nil, err } - if p.SessionToken != nil && bktInfo.Owner.Equal(p.SessionToken.OwnerID()) { + if p.SessionToken != nil && bktInfo.Owner.Equals(*p.SessionToken.OwnerID()) { return nil, errors.GetAPIError(errors.ErrBucketAlreadyOwnedByYou) } @@ -635,12 +639,12 @@ func (n *layer) CreateBucket(ctx context.Context, p *CreateBucketParams) (*data. } func (n *layer) ResolveBucket(ctx context.Context, name string) (*cid.ID, error) { - cnrID := cid.New() - if err := cnrID.Parse(name); err != nil { + var cnrID cid.ID + if err := cnrID.DecodeString(name); err != nil { return n.resolver.Resolve(ctx, name) } - return cnrID, nil + return &cnrID, nil } func (n *layer) DeleteBucket(ctx context.Context, p *DeleteBucketParams) error { diff --git a/api/layer/multipart_upload.go b/api/layer/multipart_upload.go index 05764edd..85fec407 100644 --- a/api/layer/multipart_upload.go +++ b/api/layer/multipart_upload.go @@ -14,7 +14,7 @@ import ( "github.com/nspcc-dev/neofs-s3-gw/api/data" "github.com/nspcc-dev/neofs-s3-gw/api/errors" "github.com/nspcc-dev/neofs-sdk-go/object" - "github.com/nspcc-dev/neofs-sdk-go/owner" + "github.com/nspcc-dev/neofs-sdk-go/user" "go.uber.org/zap" ) @@ -89,7 +89,7 @@ type ( ListPartsInfo struct { Parts []*Part - Owner *owner.ID + Owner *user.ID NextPartNumberMarker int IsTruncated bool } @@ -105,7 +105,7 @@ type ( IsDir bool Key string UploadID string - Owner *owner.ID + Owner *user.ID Created time.Time } ) @@ -352,7 +352,7 @@ func (n *layer) ListMultipartUploads(ctx context.Context, p *ListMultipartUpload uniqDirs := make(map[string]struct{}) for i := range ids { - meta, err := n.objectHead(ctx, p.Bkt.CID, &ids[i]) + meta, err := n.objectHead(ctx, p.Bkt.CID, ids[i]) if err != nil { n.log.Warn("couldn't head object", zap.Stringer("object id", &ids[i]), @@ -496,7 +496,7 @@ func (n *layer) getUploadParts(ctx context.Context, p *UploadInfoParams) (map[in res := make(map[int]*data.ObjectInfo) for i := range ids { - meta, err := n.objectHead(ctx, p.Bkt.CID, &ids[i]) + meta, err := n.objectHead(ctx, p.Bkt.CID, ids[i]) if err != nil { n.log.Warn("couldn't head a part of upload", zap.Stringer("object id", &ids[i]), diff --git a/api/layer/neofs/neofs.go b/api/layer/neofs/neofs.go index 0a318092..f307dd6f 100644 --- a/api/layer/neofs/neofs.go +++ b/api/layer/neofs/neofs.go @@ -8,21 +8,21 @@ import ( "time" "github.com/nspcc-dev/neofs-sdk-go/acl" + "github.com/nspcc-dev/neofs-sdk-go/bearer" "github.com/nspcc-dev/neofs-sdk-go/container" cid "github.com/nspcc-dev/neofs-sdk-go/container/id" "github.com/nspcc-dev/neofs-sdk-go/eacl" "github.com/nspcc-dev/neofs-sdk-go/netmap" "github.com/nspcc-dev/neofs-sdk-go/object" oid "github.com/nspcc-dev/neofs-sdk-go/object/id" - "github.com/nspcc-dev/neofs-sdk-go/owner" "github.com/nspcc-dev/neofs-sdk-go/session" - "github.com/nspcc-dev/neofs-sdk-go/token" + "github.com/nspcc-dev/neofs-sdk-go/user" ) // PrmContainerCreate groups parameters of NeoFS.CreateContainer operation. type PrmContainerCreate struct { // NeoFS identifier of the container creator. - Creator owner.ID + Creator user.ID // Container placement policy. Policy netmap.PlacementPolicy @@ -43,7 +43,7 @@ type PrmContainerCreate struct { // PrmAuth groups authentication parameters for the NeoFS operation. type PrmAuth struct { // Bearer token to be used for the operation. Overlaps PrivateKey. Optional. - BearerToken *token.BearerToken + BearerToken *bearer.Token // Private key used for the operation if BearerToken is missing (in this case non-nil). PrivateKey *ecdsa.PrivateKey @@ -105,7 +105,7 @@ type PrmObjectCreate struct { Container cid.ID // NeoFS identifier of the object creator. - Creator owner.ID + Creator user.ID // Key-value object attributes. Attributes [][2]string @@ -158,7 +158,7 @@ type NeoFS interface { // // It returns exactly one non-nil value. It returns any error encountered which // prevented the containers from being listed. - UserContainers(context.Context, owner.ID) ([]cid.ID, error) + UserContainers(context.Context, user.ID) ([]cid.ID, error) // SetContainerEACL saves the eACL table of the container in NeoFS. // diff --git a/api/layer/notifications.go b/api/layer/notifications.go index f53d838c..4b2a482b 100644 --- a/api/layer/notifications.go +++ b/api/layer/notifications.go @@ -178,8 +178,9 @@ func (n *layer) getNotificationConf(ctx context.Context, bkt *data.BucketInfo, s } if err = n.systemCache.PutNotificationConfiguration(systemObjectKey(bkt, sysName), conf); err != nil { + objID, _ := obj.ID() n.log.Warn("couldn't put system meta to objects cache", - zap.Stringer("object id", obj.ID()), + zap.Stringer("object id", &objID), zap.Stringer("bucket id", bkt.CID), zap.Error(err)) } diff --git a/api/layer/object.go b/api/layer/object.go index d404cd12..e50febbf 100644 --- a/api/layer/object.go +++ b/api/layer/object.go @@ -90,7 +90,7 @@ func (n *layer) objectSearch(ctx context.Context, p *findParams) ([]oid.ID, erro return res, n.transformNeofsError(ctx, err) } -func newAddress(cid *cid.ID, oid *oid.ID) *address.Address { +func newAddress(cid cid.ID, oid oid.ID) *address.Address { addr := address.NewAddress() addr.SetContainerID(cid) addr.SetObjectID(oid) @@ -98,10 +98,10 @@ func newAddress(cid *cid.ID, oid *oid.ID) *address.Address { } // objectHead returns all object's headers. -func (n *layer) objectHead(ctx context.Context, idCnr *cid.ID, idObj *oid.ID) (*object.Object, error) { +func (n *layer) objectHead(ctx context.Context, idCnr *cid.ID, idObj oid.ID) (*object.Object, error) { prm := neofs.PrmObjectRead{ Container: *idCnr, - Object: *idObj, + Object: idObj, WithHeader: true, } @@ -137,9 +137,11 @@ func (n *layer) initObjectPayloadReader(ctx context.Context, p getParams) (io.Re // objectGet returns an object with payload in the object. func (n *layer) objectGet(ctx context.Context, addr *address.Address) (*object.Object, error) { + cnrID, _ := addr.ContainerID() + objID, _ := addr.ObjectID() prm := neofs.PrmObjectRead{ - Container: *addr.ContainerID(), - Object: *addr.ObjectID(), + Container: cnrID, + Object: objID, WithHeader: true, WithPayload: true, } @@ -178,7 +180,7 @@ func (n *layer) PutObject(ctx context.Context, p *PutObjectParams) (*data.Object prm := neofs.PrmObjectCreate{ Container: *p.BktInfo.CID, - Creator: *own, + Creator: own, PayloadSize: uint64(p.Size), Filename: p.Object, Payload: r, @@ -216,7 +218,7 @@ func (n *layer) PutObject(ctx context.Context, p *PutObjectParams) (*data.Object } } - meta, err := n.objectHead(ctx, p.BktInfo.CID, id) + meta, err := n.objectHead(ctx, p.BktInfo.CID, *id) if err != nil { return nil, err } @@ -244,11 +246,13 @@ func (n *layer) PutObject(ctx context.Context, p *PutObjectParams) (*data.Object } } + payloadChecksum, _ := meta.PayloadChecksum() + return &data.ObjectInfo{ ID: id, CID: p.BktInfo.CID, - Owner: own, + Owner: &own, Bucket: p.BktInfo.Name, Name: p.Object, Size: p.Size, @@ -256,7 +260,7 @@ func (n *layer) PutObject(ctx context.Context, p *PutObjectParams) (*data.Object CreationEpoch: meta.CreationEpoch(), Headers: p.Header, ContentType: p.Header[api.ContentType], - HashSum: meta.PayloadChecksum().String(), + HashSum: payloadChecksum.String(), }, nil } @@ -366,7 +370,7 @@ func (n *layer) headVersions(ctx context.Context, bkt *data.BucketInfo, objectNa } for i := range ids { - meta, err := n.objectHead(ctx, bkt.CID, &ids[i]) + meta, err := n.objectHead(ctx, bkt.CID, ids[i]) if err != nil { n.log.Warn("couldn't head object", zap.Stringer("object id", &ids[i]), @@ -406,12 +410,12 @@ func (n *layer) headVersion(ctx context.Context, bkt *data.BucketInfo, p *HeadOb return objInfo, nil } - id := oid.NewID() - if err := id.Parse(p.VersionID); err != nil { + var id oid.ID + if err := id.DecodeString(p.VersionID); err != nil { return nil, apiErrors.GetAPIError(apiErrors.ErrInvalidVersion) } - if headInfo := n.objCache.Get(newAddress(bkt.CID, id)); headInfo != nil { + if headInfo := n.objCache.Get(newAddress(*bkt.CID, id)); headInfo != nil { return objInfoFromMeta(bkt, headInfo), nil } @@ -445,7 +449,7 @@ func (n *layer) objectDelete(ctx context.Context, idCnr *cid.ID, idObj *oid.ID) n.prepareAuthParameters(ctx, &prm.PrmAuth) - n.objCache.Delete(newAddress(idCnr, idObj)) + n.objCache.Delete(newAddress(*idCnr, *idObj)) return n.transformNeofsError(ctx, n.neoFS.DeleteObject(ctx, prm)) } @@ -679,10 +683,10 @@ func (n *layer) isVersioningEnabled(ctx context.Context, bktInfo *data.BucketInf func (n *layer) objectFromObjectsCacheOrNeoFS(ctx context.Context, cid *cid.ID, oid *oid.ID) *object.Object { var ( err error - meta = n.objCache.Get(newAddress(cid, oid)) + meta = n.objCache.Get(newAddress(*cid, *oid)) ) if meta == nil { - meta, err = n.objectHead(ctx, cid, oid) + meta, err = n.objectHead(ctx, cid, *oid) if err != nil { n.log.Warn("could not fetch object meta", zap.Error(err)) return nil diff --git a/api/layer/object_test.go b/api/layer/object_test.go index 9a8c7dec..b51ce7d1 100644 --- a/api/layer/object_test.go +++ b/api/layer/object_test.go @@ -11,10 +11,10 @@ import ( ) func randID(t *testing.T) *oid.ID { - id := oid.NewID() + var id oid.ID id.SetSHA256(randSHA256Checksum(t)) - return id + return &id } func randSHA256Checksum(t *testing.T) (cs [sha256.Size]byte) { diff --git a/api/layer/system_object.go b/api/layer/system_object.go index 3df98317..72d498eb 100644 --- a/api/layer/system_object.go +++ b/api/layer/system_object.go @@ -122,7 +122,7 @@ func (n *layer) putSystemObjectIntoNeoFS(ctx context.Context, p *PutSystemObject return nil, err } - meta, err := n.objectHead(ctx, p.BktInfo.CID, id) + meta, err := n.objectHead(ctx, p.BktInfo.CID, *id) if err != nil { return nil, err } @@ -149,8 +149,8 @@ func (n *layer) getSystemObjectFromNeoFS(ctx context.Context, bkt *data.BucketIn var addr address.Address - addr.SetContainerID(bkt.CID) - addr.SetObjectID(objInfo.ID) + addr.SetContainerID(*bkt.CID) + addr.SetObjectID(*objInfo.ID) obj, err := n.objectGet(ctx, &addr) if err != nil { @@ -180,8 +180,9 @@ func (n *layer) getCORS(ctx context.Context, bkt *data.BucketInfo, sysName strin } if err = n.systemCache.PutCORS(systemObjectKey(bkt, sysName), cors); err != nil { + objID, _ := obj.ID() n.log.Warn("couldn't put system meta to objects cache", - zap.Stringer("object id", obj.ID()), + zap.Stringer("object id", &objID), zap.Stringer("bucket id", bkt.CID), zap.Error(err)) } @@ -201,7 +202,7 @@ func (n *layer) headSystemVersions(ctx context.Context, bkt *data.BucketInfo, sy versions := newObjectVersions(sysName) for i := range ids { - meta, err := n.objectHead(ctx, bkt.CID, &ids[i]) + meta, err := n.objectHead(ctx, bkt.CID, ids[i]) if err != nil { n.log.Warn("couldn't head object", zap.Stringer("object id", &ids[i]), @@ -251,8 +252,9 @@ func (n *layer) GetBucketSettings(ctx context.Context, bktInfo *data.BucketInfo) } if err = n.systemCache.PutSettings(systemKey, settings); err != nil { + objID, _ := obj.ID() n.log.Warn("couldn't put system meta to objects cache", - zap.Stringer("object id", obj.ID()), + zap.Stringer("object id", &objID), zap.Stringer("bucket id", bktInfo.CID), zap.Error(err)) } diff --git a/api/layer/util.go b/api/layer/util.go index 477d7e9d..e3a1588c 100644 --- a/api/layer/util.go +++ b/api/layer/util.go @@ -111,8 +111,10 @@ func objectInfoFromMeta(bkt *data.BucketInfo, meta *object.Object, prefix, delim size = int64(meta.PayloadSize()) } + objID, _ := meta.ID() + payloadChecksum, _ := meta.PayloadChecksum() return &data.ObjectInfo{ - ID: meta.ID(), + ID: &objID, CID: bkt.CID, IsDir: isDir, @@ -124,18 +126,18 @@ func objectInfoFromMeta(bkt *data.BucketInfo, meta *object.Object, prefix, delim Headers: userHeaders, Owner: meta.OwnerID(), Size: size, - HashSum: meta.PayloadChecksum().String(), + HashSum: payloadChecksum.String(), } } func filenameFromObject(o *object.Object) string { - var name = o.ID().String() for _, attr := range o.Attributes() { if attr.Key() == object.AttributeFileName { return attr.Value() } } - return name + objID, _ := o.ID() + return objID.String() } // NameFromString splits name into a base file name and a directory path. diff --git a/api/layer/util_test.go b/api/layer/util_test.go index f954369f..33de7838 100644 --- a/api/layer/util_test.go +++ b/api/layer/util_test.go @@ -7,10 +7,11 @@ import ( "time" "github.com/nspcc-dev/neofs-s3-gw/api/data" + "github.com/nspcc-dev/neofs-sdk-go/checksum" cid "github.com/nspcc-dev/neofs-sdk-go/container/id" "github.com/nspcc-dev/neofs-sdk-go/object" oid "github.com/nspcc-dev/neofs-sdk-go/object/id" - "github.com/nspcc-dev/neofs-sdk-go/owner" + "github.com/nspcc-dev/neofs-sdk-go/user" "github.com/stretchr/testify/require" ) @@ -35,9 +36,9 @@ func newTestObject(id *oid.ID, bkt *data.BucketInfo, name string) *object.Object contentType.SetValue(defaultTestContentType) obj := object.New() - obj.SetID(id) + obj.SetID(*id) obj.SetOwnerID(bkt.Owner) - obj.SetContainerID(bkt.CID) + obj.SetContainerID(*bkt.CID) obj.SetPayload(defaultTestPayload) obj.SetAttributes(*filename, *created, *contentType) obj.SetPayloadSize(uint64(defaultTestPayloadLength)) @@ -46,6 +47,7 @@ func newTestObject(id *oid.ID, bkt *data.BucketInfo, name string) *object.Object } func newTestInfo(oid *oid.ID, bkt *data.BucketInfo, name string, isDir bool) *data.ObjectInfo { + var hashSum checksum.Checksum info := &data.ObjectInfo{ ID: oid, Name: name, @@ -56,6 +58,7 @@ func newTestInfo(oid *oid.ID, bkt *data.BucketInfo, name string, isDir bool) *da Created: time.Unix(defaultTestCreated.Unix(), 0), Owner: bkt.Owner, Headers: make(map[string]string), + HashSum: hashSum.String(), } if isDir { @@ -69,14 +72,14 @@ func newTestInfo(oid *oid.ID, bkt *data.BucketInfo, name string, isDir bool) *da } func Test_objectInfoFromMeta(t *testing.T) { - uid := owner.NewID() - id := oid.NewID() - containerID := cid.New() + var uid user.ID + var id oid.ID + var containerID cid.ID bkt := &data.BucketInfo{ Name: "test-container", - CID: containerID, - Owner: uid, + CID: &containerID, + Owner: &uid, Created: time.Now(), } @@ -89,66 +92,66 @@ func Test_objectInfoFromMeta(t *testing.T) { }{ { name: "small.jpg", - result: newTestInfo(id, bkt, "small.jpg", false), - object: newTestObject(id, bkt, "small.jpg"), + result: newTestInfo(&id, bkt, "small.jpg", false), + object: newTestObject(&id, bkt, "small.jpg"), }, { name: "small.jpg not matched prefix", prefix: "big", result: nil, - object: newTestObject(id, bkt, "small.jpg"), + object: newTestObject(&id, bkt, "small.jpg"), }, { name: "small.jpg delimiter", delimiter: "/", - result: newTestInfo(id, bkt, "small.jpg", false), - object: newTestObject(id, bkt, "small.jpg"), + result: newTestInfo(&id, bkt, "small.jpg", false), + object: newTestObject(&id, bkt, "small.jpg"), }, { name: "test/small.jpg", - result: newTestInfo(id, bkt, "test/small.jpg", false), - object: newTestObject(id, bkt, "test/small.jpg"), + result: newTestInfo(&id, bkt, "test/small.jpg", false), + object: newTestObject(&id, bkt, "test/small.jpg"), }, { name: "test/small.jpg with prefix and delimiter", prefix: "test/", delimiter: "/", - result: newTestInfo(id, bkt, "test/small.jpg", false), - object: newTestObject(id, bkt, "test/small.jpg"), + result: newTestInfo(&id, bkt, "test/small.jpg", false), + object: newTestObject(&id, bkt, "test/small.jpg"), }, { name: "a/b/small.jpg", prefix: "a", - result: newTestInfo(id, bkt, "a/b/small.jpg", false), - object: newTestObject(id, bkt, "a/b/small.jpg"), + result: newTestInfo(&id, bkt, "a/b/small.jpg", false), + object: newTestObject(&id, bkt, "a/b/small.jpg"), }, { name: "a/b/small.jpg", prefix: "a/", delimiter: "/", - result: newTestInfo(id, bkt, "a/b/", true), - object: newTestObject(id, bkt, "a/b/small.jpg"), + result: newTestInfo(&id, bkt, "a/b/", true), + object: newTestObject(&id, bkt, "a/b/small.jpg"), }, { name: "a/b/c/small.jpg", prefix: "a/", delimiter: "/", - result: newTestInfo(id, bkt, "a/b/", true), - object: newTestObject(id, bkt, "a/b/c/small.jpg"), + result: newTestInfo(&id, bkt, "a/b/", true), + object: newTestObject(&id, bkt, "a/b/c/small.jpg"), }, { name: "a/b/c/small.jpg", prefix: "a/b/c/s", delimiter: "/", - result: newTestInfo(id, bkt, "a/b/c/small.jpg", false), - object: newTestObject(id, bkt, "a/b/c/small.jpg"), + result: newTestInfo(&id, bkt, "a/b/c/small.jpg", false), + object: newTestObject(&id, bkt, "a/b/c/small.jpg"), }, { name: "a/b/c/big.jpg", prefix: "a/b/", delimiter: "/", - result: newTestInfo(id, bkt, "a/b/c/", true), - object: newTestObject(id, bkt, "a/b/c/big.jpg"), + result: newTestInfo(&id, bkt, "a/b/c/", true), + object: newTestObject(&id, bkt, "a/b/c/big.jpg"), }, } diff --git a/api/layer/versioning.go b/api/layer/versioning.go index bf44293c..e5078a68 100644 --- a/api/layer/versioning.go +++ b/api/layer/versioning.go @@ -393,11 +393,11 @@ func (n *layer) checkVersionsExist(ctx context.Context, bkt *data.BucketInfo, ob if obj.VersionID == unversionedObjectVersionID { version = versions.getLast(FromUnversioned()) } else { - id := oid.NewID() - if err := id.Parse(obj.VersionID); err != nil { + var id oid.ID + if err = id.DecodeString(obj.VersionID); err != nil { return nil, errors.GetAPIError(errors.ErrInvalidVersion) } - version = versions.getVersion(id) + version = versions.getVersion(&id) } if version == nil { diff --git a/api/layer/versioning_test.go b/api/layer/versioning_test.go index 69c0d949..7fbfd8c0 100644 --- a/api/layer/versioning_test.go +++ b/api/layer/versioning_test.go @@ -13,11 +13,11 @@ import ( "github.com/nspcc-dev/neofs-s3-gw/api/layer/neofs" "github.com/nspcc-dev/neofs-s3-gw/creds/accessbox" "github.com/nspcc-dev/neofs-s3-gw/internal/neofstest" + bearertest "github.com/nspcc-dev/neofs-sdk-go/bearer/test" "github.com/nspcc-dev/neofs-sdk-go/object" "github.com/nspcc-dev/neofs-sdk-go/object/address" oid "github.com/nspcc-dev/neofs-sdk-go/object/id" - "github.com/nspcc-dev/neofs-sdk-go/owner" - tokentest "github.com/nspcc-dev/neofs-sdk-go/token/test" + usertest "github.com/nspcc-dev/neofs-sdk-go/user/test" "github.com/stretchr/testify/require" "go.uber.org/zap" ) @@ -142,12 +142,12 @@ func prepareContext(t *testing.T, cachesConfig ...*CachesConfig) *testContext { key, err := keys.NewPrivateKey() require.NoError(t, err) - bearerToken := tokentest.BearerToken() - require.NoError(t, bearerToken.SignToken(&key.PrivateKey)) + bearerToken := bearertest.Token() + require.NoError(t, bearerToken.Sign(key.PrivateKey)) ctx := context.WithValue(context.Background(), api.BoxData, &accessbox.Box{ Gate: &accessbox.GateData{ - BearerToken: bearerToken, + BearerToken: &bearerToken, GateKey: key.PublicKey(), }, }) @@ -174,7 +174,7 @@ func prepareContext(t *testing.T, cachesConfig ...*CachesConfig) *testContext { layer: NewLayer(zap.NewNop(), tp, layerCfg), bktInfo: &data.BucketInfo{ Name: bktName, - Owner: owner.NewID(), + Owner: usertest.ID(), CID: bktID, }, obj: "obj1", @@ -482,9 +482,10 @@ func joinVers(objs ...*data.ObjectInfo) string { func getOID(id byte) *oid.ID { b := [32]byte{} b[31] = id - idObj := oid.NewID() + + var idObj oid.ID idObj.SetSHA256(b) - return idObj + return &idObj } func getTestObjectInfo(id byte, addAttr, delAttr, delMarkAttr string) *data.ObjectInfo { @@ -628,9 +629,11 @@ func TestSystemObjectsVersioning(t *testing.T) { }) require.NoError(t, err) + cnrID, _ := objMeta.ContainerID() + objID, _ := objMeta.ID() addr := address.NewAddress() - addr.SetContainerID(objMeta.ContainerID()) - addr.SetObjectID(objMeta.ID()) + addr.SetContainerID(cnrID) + addr.SetObjectID(objID) // simulate failed deletion tc.testNeoFS.AddObject(addr.String(), objMeta) @@ -660,7 +663,9 @@ func TestDeleteSystemObjectsVersioning(t *testing.T) { require.NoError(t, err) // simulate failed deletion - tc.testNeoFS.AddObject(newAddress(objMeta.ContainerID(), objMeta.ID()).String(), objMeta) + cnrID, _ := objMeta.ContainerID() + objID, _ := objMeta.ID() + tc.testNeoFS.AddObject(newAddress(cnrID, objID).String(), objMeta) tagging, err := tc.layer.GetBucketTagging(tc.ctx, tc.bktInfo) require.NoError(t, err) diff --git a/api/resolver/resolver.go b/api/resolver/resolver.go index 80c79715..017b4bf6 100644 --- a/api/resolver/resolver.go +++ b/api/resolver/resolver.go @@ -4,9 +4,8 @@ import ( "context" "fmt" - "github.com/nspcc-dev/neo-go/pkg/rpc/client" cid "github.com/nspcc-dev/neofs-sdk-go/container/id" - "github.com/nspcc-dev/neofs-sdk-go/resolver" + "github.com/nspcc-dev/neofs-sdk-go/ns" ) const ( @@ -24,8 +23,8 @@ type NeoFS interface { } type Config struct { - NeoFS NeoFS - RPC *client.Client + NeoFS NeoFS + RPCAddress string } type BucketResolver struct { @@ -78,7 +77,7 @@ func newResolver(name string, cfg *Config, next *BucketResolver) (*BucketResolve case DNSResolver: return NewDNSResolver(cfg.NeoFS, next) case NNSResolver: - return NewNNSResolver(cfg.RPC, next) + return NewNNSResolver(cfg.RPCAddress, next) default: return nil, fmt.Errorf("unknown resolver: %s", name) } @@ -89,6 +88,8 @@ func NewDNSResolver(neoFS NeoFS, next *BucketResolver) (*BucketResolver, error) return nil, fmt.Errorf("pool must not be nil for DNS resolver") } + var dns ns.DNS + resolveFunc := func(ctx context.Context, name string) (*cid.ID, error) { domain, err := neoFS.SystemDNS(ctx) if err != nil { @@ -96,11 +97,11 @@ func NewDNSResolver(neoFS NeoFS, next *BucketResolver) (*BucketResolver, error) } domain = name + "." + domain - cnrID, err := resolver.ResolveContainerDomainName(domain) + cnrID, err := dns.ResolveContainerName(domain) if err != nil { return nil, fmt.Errorf("couldn't resolve container '%s' as '%s': %w", name, domain, err) } - return cnrID, nil + return &cnrID, nil } return &BucketResolver{ @@ -111,22 +112,23 @@ func NewDNSResolver(neoFS NeoFS, next *BucketResolver) (*BucketResolver, error) }, nil } -func NewNNSResolver(rpc *client.Client, next *BucketResolver) (*BucketResolver, error) { - if rpc == nil { - return nil, fmt.Errorf("rpc client must not be nil for NNS resolver") +func NewNNSResolver(address string, next *BucketResolver) (*BucketResolver, error) { + if address == "" { + return nil, fmt.Errorf("rpc address must not be empty for NNS resolver") } - nnsRPCResolver, err := resolver.NewNNSResolver(rpc) - if err != nil { - return nil, err + var nns ns.NNS + + if err := nns.Dial(address); err != nil { + return nil, fmt.Errorf("dial %s: %w", address, err) } resolveFunc := func(_ context.Context, name string) (*cid.ID, error) { - cnrID, err := nnsRPCResolver.ResolveContainerName(name) + cnrID, err := nns.ResolveContainerName(name) if err != nil { return nil, fmt.Errorf("couldn't resolve container '%s': %w", name, err) } - return cnrID, nil + return &cnrID, nil } return &BucketResolver{ diff --git a/authmate/authmate.go b/authmate/authmate.go index c2a27a8d..127b9323 100644 --- a/authmate/authmate.go +++ b/authmate/authmate.go @@ -15,21 +15,21 @@ import ( "github.com/nspcc-dev/neofs-s3-gw/api/cache" "github.com/nspcc-dev/neofs-s3-gw/creds/accessbox" "github.com/nspcc-dev/neofs-s3-gw/creds/tokens" + "github.com/nspcc-dev/neofs-sdk-go/bearer" cid "github.com/nspcc-dev/neofs-sdk-go/container/id" "github.com/nspcc-dev/neofs-sdk-go/eacl" "github.com/nspcc-dev/neofs-sdk-go/netmap" "github.com/nspcc-dev/neofs-sdk-go/object/address" - "github.com/nspcc-dev/neofs-sdk-go/owner" "github.com/nspcc-dev/neofs-sdk-go/policy" "github.com/nspcc-dev/neofs-sdk-go/session" - "github.com/nspcc-dev/neofs-sdk-go/token" + "github.com/nspcc-dev/neofs-sdk-go/user" "go.uber.org/zap" ) // PrmContainerCreate groups parameters of containers created by authmate. type PrmContainerCreate struct { // NeoFS identifier of the container creator. - Owner owner.ID + Owner user.ID // Container placement policy. Policy netmap.PlacementPolicy @@ -134,12 +134,12 @@ type ( } obtainingResult struct { - BearerToken *token.BearerToken `json:"-"` - SecretAccessKey string `json:"secret_access_key"` + BearerToken *bearer.Token `json:"-"` + SecretAccessKey string `json:"secret_access_key"` } ) -func (a *Agent) checkContainer(ctx context.Context, opts ContainerOptions, idOwner *owner.ID) (*cid.ID, error) { +func (a *Agent) checkContainer(ctx context.Context, opts ContainerOptions, idOwner user.ID) (*cid.ID, error) { if opts.ID != nil { // check that the container exists return opts.ID, a.neoFS.ContainerExists(ctx, *opts.ID) @@ -151,7 +151,7 @@ func (a *Agent) checkContainer(ctx context.Context, opts ContainerOptions, idOwn } cnrID, err := a.neoFS.CreateContainer(ctx, PrmContainerCreate{ - Owner: *idOwner, + Owner: idOwner, Policy: *pp, FriendlyName: opts.FriendlyName, }) @@ -232,7 +232,8 @@ func (a *Agent) IssueSecret(ctx context.Context, w io.Writer, options *IssueSecr box.ContainerPolicy = policies - idOwner := owner.NewIDFromPublicKey(&options.NeoFSKey.PrivateKey.PublicKey) + var idOwner user.ID + user.IDFromKey(&idOwner, options.NeoFSKey.PrivateKey.PublicKey) a.log.Info("check container or create", zap.Stringer("cid", options.Container.ID), zap.String("friendly_name", options.Container.FriendlyName), @@ -251,7 +252,9 @@ func (a *Agent) IssueSecret(ctx context.Context, w io.Writer, options *IssueSecr return fmt.Errorf("failed to put bearer token: %w", err) } - accessKeyID := addr.ContainerID().String() + "0" + addr.ObjectID().String() + cnrID, _ := addr.ContainerID() + objID, _ := addr.ObjectID() + accessKeyID := cnrID.EncodeToString() + "0" + objID.EncodeToString() ir := &issuingResult{ AccessKeyID: accessKeyID, @@ -267,7 +270,7 @@ func (a *Agent) IssueSecret(ctx context.Context, w io.Writer, options *IssueSecr } if options.AwsCliCredentialsFile != "" { - profileName := "authmate_cred_" + addr.ObjectID().String() + profileName := "authmate_cred_" + objID.EncodeToString() if _, err = os.Stat(options.AwsCliCredentialsFile); os.IsNotExist(err) { profileName = "default" } @@ -369,19 +372,22 @@ func buildContext(rules []byte) ([]*session.ContainerContext, error) { return []*session.ContainerContext{sessionCtxPut, sessionCtxDelete, sessionCtxEACL}, nil } -func buildBearerToken(key *keys.PrivateKey, table *eacl.Table, lifetime lifetimeOptions, gateKey *keys.PublicKey) (*token.BearerToken, error) { - oid := owner.NewIDFromPublicKey((*ecdsa.PublicKey)(gateKey)) +func buildBearerToken(key *keys.PrivateKey, table *eacl.Table, lifetime lifetimeOptions, gateKey *keys.PublicKey) (*bearer.Token, error) { + var ownerID user.ID + user.IDFromKey(&ownerID, (ecdsa.PublicKey)(*gateKey)) - bearerToken := token.NewBearerToken() - bearerToken.SetEACLTable(table) - bearerToken.SetOwner(oid) - bearerToken.SetLifetime(lifetime.Exp, lifetime.Iat, lifetime.Iat) + var bearerToken bearer.Token + bearerToken.SetEACLTable(*table) + bearerToken.SetOwnerID(ownerID) + bearerToken.SetExpiration(lifetime.Exp) + bearerToken.SetIssuedAt(lifetime.Iat) + bearerToken.SetNotBefore(lifetime.Iat) - return bearerToken, bearerToken.SignToken(&key.PrivateKey) + return &bearerToken, bearerToken.Sign(key.PrivateKey) } -func buildBearerTokens(key *keys.PrivateKey, table *eacl.Table, lifetime lifetimeOptions, gatesKeys []*keys.PublicKey) ([]*token.BearerToken, error) { - bearerTokens := make([]*token.BearerToken, 0, len(gatesKeys)) +func buildBearerTokens(key *keys.PrivateKey, table *eacl.Table, lifetime lifetimeOptions, gatesKeys []*keys.PublicKey) ([]*bearer.Token, error) { + bearerTokens := make([]*bearer.Token, 0, len(gatesKeys)) for _, gateKey := range gatesKeys { tkn, err := buildBearerToken(key, table, lifetime, gateKey) if err != nil { @@ -392,7 +398,7 @@ func buildBearerTokens(key *keys.PrivateKey, table *eacl.Table, lifetime lifetim return bearerTokens, nil } -func buildSessionToken(key *keys.PrivateKey, oid *owner.ID, lifetime lifetimeOptions, ctx *session.ContainerContext, gateKey *keys.PublicKey) (*session.Token, error) { +func buildSessionToken(key *keys.PrivateKey, oid *user.ID, lifetime lifetimeOptions, ctx *session.ContainerContext, gateKey *keys.PublicKey) (*session.Token, error) { tok := session.NewToken() tok.SetContext(ctx) uid, err := uuid.New().MarshalBinary() @@ -410,7 +416,7 @@ func buildSessionToken(key *keys.PrivateKey, oid *owner.ID, lifetime lifetimeOpt return tok, tok.Sign(&key.PrivateKey) } -func buildSessionTokens(key *keys.PrivateKey, oid *owner.ID, lifetime lifetimeOptions, ctxs []*session.ContainerContext, gatesKeys []*keys.PublicKey) ([][]*session.Token, error) { +func buildSessionTokens(key *keys.PrivateKey, oid *user.ID, lifetime lifetimeOptions, ctxs []*session.ContainerContext, gatesKeys []*keys.PublicKey) ([][]*session.Token, error) { sessionTokens := make([][]*session.Token, 0, len(gatesKeys)) for _, gateKey := range gatesKeys { tkns := make([]*session.Token, len(ctxs)) @@ -447,8 +453,10 @@ func createTokens(options *IssueSecretOptions, lifetime lifetimeOptions) ([]*acc return nil, fmt.Errorf("failed to build context for session token: %w", err) } - oid := owner.NewIDFromPublicKey(&options.NeoFSKey.PrivateKey.PublicKey) - sessionTokens, err := buildSessionTokens(options.NeoFSKey, oid, lifetime, sessionRules, options.GatesPublicKeys) + var ownerID user.ID + user.IDFromKey(&ownerID, options.NeoFSKey.PrivateKey.PublicKey) + + sessionTokens, err := buildSessionTokens(options.NeoFSKey, &ownerID, lifetime, sessionRules, options.GatesPublicKeys) if err != nil { return nil, fmt.Errorf("failed to biuild session token: %w", err) } diff --git a/cmd/authmate/main.go b/cmd/authmate/main.go index 625f4077..3dcaef09 100644 --- a/cmd/authmate/main.go +++ b/cmd/authmate/main.go @@ -245,10 +245,9 @@ It will be ceil rounded to the nearest amount of epoch.`, } agent := authmate.New(log, neoFS) - var containerID *cid.ID + var containerID cid.ID if len(containerIDFlag) > 0 { - containerID = cid.New() - if err := containerID.Parse(containerIDFlag); err != nil { + if err = containerID.DecodeString(containerIDFlag); err != nil { return cli.Exit(fmt.Sprintf("failed to parse auth container id: %s", err), 3) } } @@ -283,7 +282,7 @@ It will be ceil rounded to the nearest amount of epoch.`, issueSecretOptions := &authmate.IssueSecretOptions{ Container: authmate.ContainerOptions{ - ID: containerID, + ID: &containerID, FriendlyName: containerFriendlyName, PlacementPolicy: containerPlacementPolicy, }, diff --git a/cmd/s3-gw/app.go b/cmd/s3-gw/app.go index 5f9ee8c0..7f92b25d 100644 --- a/cmd/s3-gw/app.go +++ b/cmd/s3-gw/app.go @@ -3,13 +3,13 @@ package main import ( "context" "encoding/hex" + "fmt" "net" "net/http" "strconv" "time" "github.com/nspcc-dev/neo-go/pkg/crypto/keys" - "github.com/nspcc-dev/neo-go/pkg/rpc/client" "github.com/nspcc-dev/neofs-s3-gw/api" "github.com/nspcc-dev/neofs-s3-gw/api/auth" "github.com/nspcc-dev/neofs-s3-gw/api/cache" @@ -128,20 +128,16 @@ func newApp(ctx context.Context, l *zap.Logger, v *viper.Viper) *App { } resolveCfg := &resolver.Config{ - NeoFS: neofs.NewResolverNeoFS(conns), - } - - if rpcEndpoint := v.GetString(cfgRPCEndpoint); rpcEndpoint != "" { - rpc, err := client.New(ctx, rpcEndpoint, client.Options{}) - if err != nil { - l.Fatal("couldn't create rpc client", zap.String("endpoint", rpcEndpoint), zap.Error(err)) - } else if err = rpc.Init(); err != nil { - l.Fatal("couldn't init rpc client", zap.String("endpoint", rpcEndpoint), zap.Error(err)) - } - resolveCfg.RPC = rpc + NeoFS: neofs.NewResolverNeoFS(conns), + RPCAddress: v.GetString(cfgRPCEndpoint), } order := v.GetStringSlice(cfgResolveOrder) + if resolveCfg.RPCAddress == "" { + order = remove(order, resolver.NNSResolver) + l.Warn(fmt.Sprintf("resolver '%s' won't be used since '%s' isn't provided", resolver.NNSResolver, cfgRPCEndpoint)) + } + bucketResolver, err := resolver.NewResolver(order, resolveCfg) if err != nil { l.Fatal("failed to form resolver", zap.Error(err)) @@ -194,6 +190,15 @@ func newApp(ctx context.Context, l *zap.Logger, v *viper.Viper) *App { } } +func remove(list []string, element string) []string { + for i, item := range list { + if item == element { + return append(list[:i], list[i+1:]...) + } + } + return list +} + // Wait waits for an application to finish. // // Pre-logs a message about the launch of the application mentioning its diff --git a/creds/accessbox/accessbox.go b/creds/accessbox/accessbox.go index 3168a8d0..4fa8fd84 100644 --- a/creds/accessbox/accessbox.go +++ b/creds/accessbox/accessbox.go @@ -12,9 +12,9 @@ import ( "github.com/nspcc-dev/neo-go/pkg/crypto/keys" apisession "github.com/nspcc-dev/neofs-api-go/v2/session" + "github.com/nspcc-dev/neofs-sdk-go/bearer" "github.com/nspcc-dev/neofs-sdk-go/netmap" "github.com/nspcc-dev/neofs-sdk-go/session" - "github.com/nspcc-dev/neofs-sdk-go/token" "golang.org/x/crypto/chacha20poly1305" "golang.org/x/crypto/hkdf" "google.golang.org/protobuf/proto" @@ -35,13 +35,13 @@ type ContainerPolicy struct { // GateData represents gate tokens in AccessBox. type GateData struct { AccessKey string - BearerToken *token.BearerToken + BearerToken *bearer.Token SessionTokens []*session.Token GateKey *keys.PublicKey } // NewGateData returns GateData from the provided bearer token and the public gate key. -func NewGateData(gateKey *keys.PublicKey, bearerTkn *token.BearerToken) *GateData { +func NewGateData(gateKey *keys.PublicKey, bearerTkn *bearer.Token) *GateData { return &GateData{GateKey: gateKey, BearerToken: bearerTkn} } @@ -175,12 +175,8 @@ func (x *AccessBox) GetBox(owner *keys.PrivateKey) (*Box, error) { } func (x *AccessBox) addTokens(gatesData []*GateData, ephemeralKey *keys.PrivateKey, secret []byte) error { - for i, gate := range gatesData { - encBearer, err := gate.BearerToken.Marshal() - if err != nil { - return fmt.Errorf("%w, sender = %d", err, i) - } - + for _, gate := range gatesData { + encBearer := gate.BearerToken.Marshal() encSessions := make([][]byte, len(gate.SessionTokens)) for i, sessionToken := range gate.SessionTokens { encSession, err := sessionToken.Marshal() @@ -231,8 +227,8 @@ func decodeGate(gate *AccessBox_Gate, owner *keys.PrivateKey, sender *keys.Publi return nil, err } - bearerTkn := token.NewBearerToken() - if err := bearerTkn.Unmarshal(tokens.BearerToken); err != nil { + var bearerTkn bearer.Token + if err = bearerTkn.Unmarshal(tokens.BearerToken); err != nil { return nil, err } @@ -245,7 +241,7 @@ func decodeGate(gate *AccessBox_Gate, owner *keys.PrivateKey, sender *keys.Publi sessionTkns[i] = sessionTkn } - gateData := NewGateData(owner.PublicKey(), bearerTkn) + gateData := NewGateData(owner.PublicKey(), &bearerTkn) gateData.SessionTokens = sessionTkns gateData.AccessKey = hex.EncodeToString(tokens.AccessKey) return gateData, nil diff --git a/creds/accessbox/bearer_token_test.go b/creds/accessbox/bearer_token_test.go index f55cc57b..f6db6096 100644 --- a/creds/accessbox/bearer_token_test.go +++ b/creds/accessbox/bearer_token_test.go @@ -5,16 +5,16 @@ import ( "github.com/google/uuid" "github.com/nspcc-dev/neo-go/pkg/crypto/keys" + "github.com/nspcc-dev/neofs-sdk-go/bearer" "github.com/nspcc-dev/neofs-sdk-go/eacl" "github.com/nspcc-dev/neofs-sdk-go/session" - "github.com/nspcc-dev/neofs-sdk-go/token" "github.com/stretchr/testify/require" ) func Test_tokens_encrypt_decrypt(t *testing.T) { var ( - tkn = token.NewBearerToken() - tkn2 = token.NewBearerToken() + tkn bearer.Token + tkn2 bearer.Token ) sec, err := keys.NewPrivateKey() require.NoError(t, err) @@ -22,13 +22,10 @@ func Test_tokens_encrypt_decrypt(t *testing.T) { cred, err := keys.NewPrivateKey() require.NoError(t, err) - tkn.SetEACLTable(eacl.NewTable()) - require.NoError(t, tkn.SignToken(&sec.PrivateKey)) + tkn.SetEACLTable(*eacl.NewTable()) + require.NoError(t, tkn.Sign(sec.PrivateKey)) - rawTkn, err := tkn.Marshal() - require.NoError(t, err) - - data, err := encrypt(cred, cred.PublicKey(), rawTkn) + data, err := encrypt(cred, cred.PublicKey(), tkn.Marshal()) require.NoError(t, err) rawTkn2, err := decrypt(cred, cred.PublicKey(), data) @@ -44,7 +41,7 @@ func Test_bearer_token_in_access_box(t *testing.T) { var ( box *AccessBox box2 AccessBox - tkn = token.NewBearerToken() + tkn bearer.Token ) sec, err := keys.NewPrivateKey() @@ -53,10 +50,10 @@ func Test_bearer_token_in_access_box(t *testing.T) { cred, err := keys.NewPrivateKey() require.NoError(t, err) - tkn.SetEACLTable(eacl.NewTable()) - require.NoError(t, tkn.SignToken(&sec.PrivateKey)) + tkn.SetEACLTable(*eacl.NewTable()) + require.NoError(t, tkn.Sign(sec.PrivateKey)) - gate := NewGateData(cred.PublicKey(), tkn) + gate := NewGateData(cred.PublicKey(), &tkn) box, _, err = PackTokens([]*GateData{gate}) require.NoError(t, err) @@ -69,7 +66,7 @@ func Test_bearer_token_in_access_box(t *testing.T) { tkns, err := box2.GetTokens(cred) require.NoError(t, err) - require.Equal(t, tkn, tkns.BearerToken) + require.Equal(t, &tkn, tkns.BearerToken) } func Test_session_token_in_access_box(t *testing.T) { @@ -93,7 +90,8 @@ func Test_session_token_in_access_box(t *testing.T) { tok.SetSessionKey(sec.PublicKey().Bytes()) require.NoError(t, tkn.Sign(&sec.PrivateKey)) - gate := NewGateData(cred.PublicKey(), token.NewBearerToken()) + var newTkn bearer.Token + gate := NewGateData(cred.PublicKey(), &newTkn) gate.SessionTokens = []*session.Token{tkn} box, _, err = PackTokens([]*GateData{gate}) require.NoError(t, err) @@ -113,14 +111,14 @@ func Test_session_token_in_access_box(t *testing.T) { func Test_accessbox_multiple_keys(t *testing.T) { var ( box *AccessBox - tkn = token.NewBearerToken() + tkn bearer.Token ) sec, err := keys.NewPrivateKey() require.NoError(t, err) - tkn.SetEACLTable(eacl.NewTable()) - require.NoError(t, tkn.SignToken(&sec.PrivateKey)) + tkn.SetEACLTable(*eacl.NewTable()) + require.NoError(t, tkn.Sign(sec.PrivateKey)) count := 10 gates := make([]*GateData, 0, count) @@ -130,7 +128,7 @@ func Test_accessbox_multiple_keys(t *testing.T) { cred, err := keys.NewPrivateKey() require.NoError(t, err) - gates = append(gates, NewGateData(cred.PublicKey(), tkn)) + gates = append(gates, NewGateData(cred.PublicKey(), &tkn)) privateKeys = append(privateKeys, cred) } } @@ -141,14 +139,14 @@ func Test_accessbox_multiple_keys(t *testing.T) { for i, k := range privateKeys { tkns, err := box.GetTokens(k) require.NoError(t, err, "key #%d: %s failed", i, k) - require.Equal(t, tkns.BearerToken, tkn) + require.Equal(t, *tkns.BearerToken, tkn) } } func Test_unknown_key(t *testing.T) { var ( box *AccessBox - tkn = token.NewBearerToken() + tkn bearer.Token ) sec, err := keys.NewPrivateKey() @@ -160,10 +158,10 @@ func Test_unknown_key(t *testing.T) { wrongCred, err := keys.NewPrivateKey() require.NoError(t, err) - tkn.SetEACLTable(eacl.NewTable()) - require.NoError(t, tkn.SignToken(&sec.PrivateKey)) + tkn.SetEACLTable(*eacl.NewTable()) + require.NoError(t, tkn.Sign(sec.PrivateKey)) - gate := NewGateData(cred.PublicKey(), tkn) + gate := NewGateData(cred.PublicKey(), &tkn) box, _, err = PackTokens([]*GateData{gate}) require.NoError(t, err) diff --git a/creds/tokens/credentials.go b/creds/tokens/credentials.go index 39dc6f29..251aefee 100644 --- a/creds/tokens/credentials.go +++ b/creds/tokens/credentials.go @@ -13,14 +13,14 @@ import ( cid "github.com/nspcc-dev/neofs-sdk-go/container/id" "github.com/nspcc-dev/neofs-sdk-go/object/address" oid "github.com/nspcc-dev/neofs-sdk-go/object/id" - "github.com/nspcc-dev/neofs-sdk-go/owner" + "github.com/nspcc-dev/neofs-sdk-go/user" ) type ( // Credentials is a bearer token get/put interface. Credentials interface { GetBox(context.Context, *address.Address) (*accessbox.Box, error) - Put(context.Context, *cid.ID, *owner.ID, *accessbox.AccessBox, uint64, ...*keys.PublicKey) (*address.Address, error) + Put(context.Context, *cid.ID, user.ID, *accessbox.AccessBox, uint64, ...*keys.PublicKey) (*address.Address, error) } cred struct { @@ -33,7 +33,7 @@ type ( // PrmObjectCreate groups parameters of objects created by credential tool. type PrmObjectCreate struct { // NeoFS identifier of the object creator. - Creator owner.ID + Creator user.ID // NeoFS container to store the object. Container cid.ID @@ -118,7 +118,7 @@ func (c *cred) getAccessBox(ctx context.Context, addr *address.Address) (*access return &box, nil } -func (c *cred) Put(ctx context.Context, idCnr *cid.ID, issuer *owner.ID, box *accessbox.AccessBox, expiration uint64, keys ...*keys.PublicKey) (*address.Address, error) { +func (c *cred) Put(ctx context.Context, idCnr *cid.ID, issuer user.ID, box *accessbox.AccessBox, expiration uint64, keys ...*keys.PublicKey) (*address.Address, error) { if len(keys) == 0 { return nil, ErrEmptyPublicKeys } else if box == nil { @@ -130,7 +130,7 @@ func (c *cred) Put(ctx context.Context, idCnr *cid.ID, issuer *owner.ID, box *ac } idObj, err := c.neoFS.CreateObject(ctx, PrmObjectCreate{ - Creator: *issuer, + Creator: issuer, Container: *idCnr, Filename: strconv.FormatInt(time.Now().Unix(), 10) + "_access.box", ExpirationEpoch: expiration, @@ -141,7 +141,7 @@ func (c *cred) Put(ctx context.Context, idCnr *cid.ID, issuer *owner.ID, box *ac } addr := address.NewAddress() - addr.SetObjectID(idObj) - addr.SetContainerID(idCnr) + addr.SetObjectID(*idObj) + addr.SetContainerID(*idCnr) return addr, nil } diff --git a/go.mod b/go.mod index 15809331..8dcb6f27 100644 --- a/go.mod +++ b/go.mod @@ -11,9 +11,9 @@ require ( github.com/gorilla/mux v1.8.0 github.com/nats-io/nats-server/v2 v2.7.1 // indirect github.com/nats-io/nats.go v1.13.1-0.20220121202836-972a071d373d - github.com/nspcc-dev/neo-go v0.98.0 + github.com/nspcc-dev/neo-go v0.98.2 github.com/nspcc-dev/neofs-api-go/v2 v2.12.1 - github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.3.0.20220407103316-e50e6d28280d + github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.3.0.20220424111116-497053c785f5 github.com/prometheus/client_golang v1.11.0 github.com/spf13/pflag v1.0.5 github.com/spf13/viper v1.7.1 diff --git a/go.sum b/go.sum index 9e20a5b4..66a7bad1 100644 --- a/go.sum +++ b/go.sum @@ -199,7 +199,6 @@ github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc= -github.com/holiman/uint256 v1.2.0 h1:gpSYcPLWGv4sG43I2mVLiDZCNDh/EpGjSk8tmtxitHM= github.com/holiman/uint256 v1.2.0/go.mod h1:y4ga/t+u+Xwd7CpDgZESaRcWy0I7XMlTMA25ApIH5Jw= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/jessevdk/go-flags v0.0.0-20141203071132-1679536dcc89/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= @@ -220,6 +219,7 @@ github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7 github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= +github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8= github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/kkdai/bstream v0.0.0-20161212061736-f391b8402d23/go.mod h1:J+Gs4SYgM6CZQHDETBtE9HaSEkGmuNXF86RwHhHUvq4= @@ -283,26 +283,36 @@ github.com/nspcc-dev/dbft v0.0.0-20191209120240-0d6b7568d9ae/go.mod h1:3FjXOoHmA github.com/nspcc-dev/dbft v0.0.0-20200117124306-478e5cfbf03a/go.mod h1:/YFK+XOxxg0Bfm6P92lY5eDSLYfp06XOdL8KAVgXjVk= github.com/nspcc-dev/dbft v0.0.0-20200219114139-199d286ed6c1/go.mod h1:O0qtn62prQSqizzoagHmuuKoz8QMkU3SzBoKdEvm3aQ= github.com/nspcc-dev/dbft v0.0.0-20210721160347-1b03241391ac/go.mod h1:U8MSnEShH+o5hexfWJdze6uMFJteP0ko7J2frO7Yu1Y= -github.com/nspcc-dev/go-ordered-json v0.0.0-20210915112629-e1b6cce73d02 h1:JgRx27vfGw5WV5QbaNDy0iy2WD1XJO964wwAapaYKLg= github.com/nspcc-dev/go-ordered-json v0.0.0-20210915112629-e1b6cce73d02/go.mod h1:79bEUDEviBHJMFV6Iq6in57FEOCMcRhfQnfaf0ETA5U= +github.com/nspcc-dev/go-ordered-json v0.0.0-20220111165707-25110be27d22 h1:n4ZaFCKt1pQJd7PXoMJabZWK9ejjbLOVrkl/lOUmshg= +github.com/nspcc-dev/go-ordered-json v0.0.0-20220111165707-25110be27d22/go.mod h1:79bEUDEviBHJMFV6Iq6in57FEOCMcRhfQnfaf0ETA5U= github.com/nspcc-dev/hrw v1.0.9 h1:17VcAuTtrstmFppBjfRiia4K2wA/ukXZhLFS8Y8rz5Y= github.com/nspcc-dev/hrw v1.0.9/go.mod h1:l/W2vx83vMQo6aStyx2AuZrJ+07lGv2JQGlVkPG06MU= github.com/nspcc-dev/neo-go v0.73.1-pre.0.20200303142215-f5a1b928ce09/go.mod h1:pPYwPZ2ks+uMnlRLUyXOpLieaDQSEaf4NM3zHVbRjmg= -github.com/nspcc-dev/neo-go v0.98.0 h1:yyW4sgY88/pLf0949qmgfkQXzRKC3CI/WyhqXNnwMd8= github.com/nspcc-dev/neo-go v0.98.0/go.mod h1:E3cc1x6RXSXrJb2nDWXTXjnXk3rIqVN8YdFyWv+FrqM= +github.com/nspcc-dev/neo-go v0.98.2 h1:aNTQR0BjkojCVXv17/dh1sD88a0A1L+7GNympylTKig= +github.com/nspcc-dev/neo-go v0.98.2/go.mod h1:KXKqJwfTyVJzDarSCDqFaKrVbg/qz0ZBk2c3AtzqS5M= +github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20220321113211-526c423a6152 h1:JK6tUTDL389aO5/0ZQDin+1MQ8uM35Oph7wUnf8mS+4= +github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20220321113211-526c423a6152/go.mod h1:QBE0I30F2kOAISNpT5oks82yF4wkkUq3SCfI3Hqgx/Y= github.com/nspcc-dev/neofs-api-go/v2 v2.11.0-pre.0.20211201134523-3604d96f3fe1/go.mod h1:oS8dycEh8PPf2Jjp6+8dlwWyEv2Dy77h/XhhcdxYEFs= +github.com/nspcc-dev/neofs-api-go/v2 v2.11.1/go.mod h1:oS8dycEh8PPf2Jjp6+8dlwWyEv2Dy77h/XhhcdxYEFs= github.com/nspcc-dev/neofs-api-go/v2 v2.12.1 h1:PVU2rLlG9S0jDe5eKyaUs4nKo/la+mN5pvz32Gib3qM= github.com/nspcc-dev/neofs-api-go/v2 v2.12.1/go.mod h1:73j09Xa7I2zQbM3HCvAHnDHPYiiWnEHa1d6Z6RDMBLU= +github.com/nspcc-dev/neofs-contract v0.15.1 h1:1r27t4SGKF7W1PRPOIfircEXHvALThNYNagT+SIabcA= +github.com/nspcc-dev/neofs-contract v0.15.1/go.mod h1:kxO5ZTqdzFnRM5RMvM+Fhd+3GGrJo6AmG2ZyA9OCqqQ= github.com/nspcc-dev/neofs-crypto v0.2.0/go.mod h1:F/96fUzPM3wR+UGsPi3faVNmFlA9KAEAUQR7dMxZmNA= github.com/nspcc-dev/neofs-crypto v0.2.3/go.mod h1:8w16GEJbH6791ktVqHN9YRNH3s9BEEKYxGhlFnp0cDw= github.com/nspcc-dev/neofs-crypto v0.3.0 h1:zlr3pgoxuzrmGCxc5W8dGVfA9Rro8diFvVnBg0L4ifM= github.com/nspcc-dev/neofs-crypto v0.3.0/go.mod h1:8w16GEJbH6791ktVqHN9YRNH3s9BEEKYxGhlFnp0cDw= github.com/nspcc-dev/neofs-sdk-go v0.0.0-20211201182451-a5b61c4f6477/go.mod h1:dfMtQWmBHYpl9Dez23TGtIUKiFvCIxUZq/CkSIhEpz4= -github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.3.0.20220407103316-e50e6d28280d h1:OHyq8+zyQtARFWj3quRPabcfQWJZEiU7HYp6QGCSjaM= -github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.3.0.20220407103316-e50e6d28280d/go.mod h1:Hl7a1l0ntZ4b1ZABpGX6fuAuFS3c6+hyMCUNVvZv/w4= +github.com/nspcc-dev/neofs-sdk-go v0.0.0-20220113123743-7f3162110659/go.mod h1:/jay1lr3w7NQd/VDBkEhkJmDmyPNsu4W+QV2obsUV40= +github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.3.0.20220424111116-497053c785f5 h1:upiT6iVOy81tiY2x593E8+mxpb9BuW3fsvKFdqdXenk= +github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.3.0.20220424111116-497053c785f5/go.mod h1:u567oWTnAyGXbPWMrbcN0NB5zCPF+PqkaKg+vcijcho= github.com/nspcc-dev/rfc6979 v0.1.0/go.mod h1:exhIh1PdpDC5vQmyEsGvc4YDM/lyQp/452QxGq/UEso= github.com/nspcc-dev/rfc6979 v0.2.0 h1:3e1WNxrN60/6N0DW7+UYisLeZJyfqZTNOjeV/toYvOE= github.com/nspcc-dev/rfc6979 v0.2.0/go.mod h1:exhIh1PdpDC5vQmyEsGvc4YDM/lyQp/452QxGq/UEso= +github.com/nspcc-dev/tzhash v1.5.2 h1:GuIQPOY2xpl5ZE1pbUbz+QdKXVOTyzbbxSVv0nBfa98= +github.com/nspcc-dev/tzhash v1.5.2/go.mod h1:gwAx6mcsbkfY+JVp+PovoP2Gvw6y57W8dj7zDHKOhzI= github.com/nxadm/tail v1.4.4 h1:DQuhQpB1tVlglWS2hLQ5OV6B5r8aGxSrPc5Qo6uTN78= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= @@ -414,6 +424,7 @@ github.com/virtuald/go-ordered-json v0.0.0-20170621173500-b18e6e673d74/go.mod h1 github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/gopher-lua v0.0.0-20190514113301-1cd887cd7036/go.mod h1:gqRgreBUhTSL0GeU64rtZ3Uq3wtjOa/TB2YfrtkCbVQ= github.com/yuin/gopher-lua v0.0.0-20191128022950-c6266f4fe8d7/go.mod h1:gqRgreBUhTSL0GeU64rtZ3Uq3wtjOa/TB2YfrtkCbVQ= go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= @@ -472,6 +483,7 @@ golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKG golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.5.1/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro= golang.org/x/net v0.0.0-20180719180050-a680a1efc54d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -497,6 +509,7 @@ golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwY golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= +golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2 h1:CIJ76btIcR3eFI5EgSo6k1qKw9KJexJuRLI9G7Hp5wE= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -554,8 +567,10 @@ golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220111092808-5a964db01320 h1:0jf+tOCoZ3LyutmCOWpVni1chK4VfFLhRsDK7MhqGRY= +golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220111092808-5a964db01320/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220114195835-da31bd327af9 h1:XfKQ4OlFl8okEOr5UvAqFRVj8pY/4yfcXrddB8qAbU0= +golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210429154555-c04ba851c2a4 h1:UPou2i3GzKgi6igR+/0C5XyHKBngHxBp/CL5CQ0p3Zk= golang.org/x/term v0.0.0-20210429154555-c04ba851c2a4/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= @@ -563,8 +578,9 @@ golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11 h1:GZokNIeuVkl3aZHJchRrr13WCsols02MLUcz1U9is6M= @@ -592,8 +608,9 @@ golang.org/x/tools v0.0.0-20191112195655-aa38f8e97acc/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20201022035929-9cf592e881e9/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.1 h1:wGiQel/hW0NnEkJUk8lbzkX2gFJU6PFxf1v5OlCfuOs= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.8 h1:P1HhGGuLW4aAclzjtmJdf0mJOjVUZUzOTqkAkWL+l6w= +golang.org/x/tools v0.1.8/go.mod h1:nABZi5QlRsZVlzPpHl034qft6wpY4eDcsTt5AaioBiU= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/internal/neofs/neofs.go b/internal/neofs/neofs.go index 1d759adb..143ed6c6 100644 --- a/internal/neofs/neofs.go +++ b/internal/neofs/neofs.go @@ -23,9 +23,9 @@ import ( "github.com/nspcc-dev/neofs-sdk-go/object" "github.com/nspcc-dev/neofs-sdk-go/object/address" oid "github.com/nspcc-dev/neofs-sdk-go/object/id" - "github.com/nspcc-dev/neofs-sdk-go/owner" "github.com/nspcc-dev/neofs-sdk-go/pool" "github.com/nspcc-dev/neofs-sdk-go/session" + "github.com/nspcc-dev/neofs-sdk-go/user" ) // NeoFS represents virtual connection to the NeoFS network. @@ -143,7 +143,7 @@ func (x *NeoFS) CreateContainer(ctx context.Context, prm neofs.PrmContainerCreat } // UserContainers implements neofs.NeoFS interface method. -func (x *NeoFS) UserContainers(ctx context.Context, id owner.ID) ([]cid.ID, error) { +func (x *NeoFS) UserContainers(ctx context.Context, id user.ID) ([]cid.ID, error) { var prm pool.PrmContainerList prm.SetOwnerID(id) @@ -226,7 +226,7 @@ func (x *NeoFS) CreateObject(ctx context.Context, prm neofs.PrmObjectCreate) (*o } obj := object.New() - obj.SetContainerID(&prm.Container) + obj.SetContainerID(prm.Container) obj.SetOwnerID(&prm.Creator) obj.SetAttributes(attrs...) obj.SetPayloadSize(prm.PayloadSize) @@ -242,7 +242,7 @@ func (x *NeoFS) CreateObject(ctx context.Context, prm neofs.PrmObjectCreate) (*o prmPut.SetPayload(prm.Payload) if prm.BearerToken != nil { - prmPut.UseBearer(prm.BearerToken) + prmPut.UseBearer(*prm.BearerToken) } else { prmPut.UseKey(prm.PrivateKey) } @@ -273,7 +273,7 @@ func (x *NeoFS) SelectObjects(ctx context.Context, prm neofs.PrmObjectSelect) ([ prmSearch.SetFilters(filters) if prm.BearerToken != nil { - prmSearch.UseBearer(prm.BearerToken) + prmSearch.UseBearer(*prm.BearerToken) } else { prmSearch.UseKey(prm.PrivateKey) } @@ -322,14 +322,14 @@ func (x payloadReader) Read(p []byte) (int, error) { // ReadObject implements neofs.NeoFS interface method. func (x *NeoFS) ReadObject(ctx context.Context, prm neofs.PrmObjectRead) (*neofs.ObjectPart, error) { var addr address.Address - addr.SetContainerID(&prm.Container) - addr.SetObjectID(&prm.Object) + addr.SetContainerID(prm.Container) + addr.SetObjectID(prm.Object) var prmGet pool.PrmObjectGet prmGet.SetAddress(addr) if prm.BearerToken != nil { - prmGet.UseBearer(prm.BearerToken) + prmGet.UseBearer(*prm.BearerToken) } else { prmGet.UseKey(prm.PrivateKey) } @@ -363,7 +363,7 @@ func (x *NeoFS) ReadObject(ctx context.Context, prm neofs.PrmObjectRead) (*neofs prmHead.SetAddress(addr) if prm.BearerToken != nil { - prmHead.UseBearer(prm.BearerToken) + prmHead.UseBearer(*prm.BearerToken) } else { prmHead.UseKey(prm.PrivateKey) } @@ -401,7 +401,7 @@ func (x *NeoFS) ReadObject(ctx context.Context, prm neofs.PrmObjectRead) (*neofs prmRange.SetLength(prm.PayloadRange[1]) if prm.BearerToken != nil { - prmRange.UseBearer(prm.BearerToken) + prmRange.UseBearer(*prm.BearerToken) } else { prmRange.UseKey(prm.PrivateKey) } @@ -423,14 +423,14 @@ func (x *NeoFS) ReadObject(ctx context.Context, prm neofs.PrmObjectRead) (*neofs // DeleteObject implements neofs.NeoFS interface method. func (x *NeoFS) DeleteObject(ctx context.Context, prm neofs.PrmObjectDelete) error { var addr address.Address - addr.SetContainerID(&prm.Container) - addr.SetObjectID(&prm.Object) + addr.SetContainerID(prm.Container) + addr.SetObjectID(prm.Object) var prmDelete pool.PrmObjectDelete prmDelete.SetAddress(addr) if prm.BearerToken != nil { - prmDelete.UseBearer(prm.BearerToken) + prmDelete.UseBearer(*prm.BearerToken) } else { prmDelete.UseKey(prm.PrivateKey) } @@ -531,9 +531,12 @@ func (x *AuthmateNeoFS) CreateContainer(ctx context.Context, prm authmate.PrmCon // ReadObjectPayload implements authmate.NeoFS interface method. func (x *AuthmateNeoFS) ReadObjectPayload(ctx context.Context, addr address.Address) ([]byte, error) { + cnrID, _ := addr.ContainerID() + objID, _ := addr.ObjectID() + res, err := x.neoFS.ReadObject(ctx, neofs.PrmObjectRead{ - Container: *addr.ContainerID(), - Object: *addr.ObjectID(), + Container: cnrID, + Object: objID, WithPayload: true, }) if err != nil { diff --git a/internal/neofstest/neofs_mock.go b/internal/neofstest/neofs_mock.go index 8eba8a41..db13b767 100644 --- a/internal/neofstest/neofs_mock.go +++ b/internal/neofstest/neofs_mock.go @@ -18,8 +18,7 @@ import ( "github.com/nspcc-dev/neofs-sdk-go/object" "github.com/nspcc-dev/neofs-sdk-go/object/address" oid "github.com/nspcc-dev/neofs-sdk-go/object/id" - "github.com/nspcc-dev/neofs-sdk-go/object/id/test" - "github.com/nspcc-dev/neofs-sdk-go/owner" + "github.com/nspcc-dev/neofs-sdk-go/user" ) const objectSystemAttributeName = "S3-System-name" @@ -61,8 +60,8 @@ func (t *TestNeoFS) ContainerID(name string) (*cid.ID, error) { for id, cnr := range t.containers { for _, attr := range cnr.Attributes() { if attr.Key() == container.AttributeName && attr.Value() == name { - cnrID := cid.New() - return cnrID, cnrID.Parse(id) + var cnrID cid.ID + return &cnrID, cnrID.DecodeString(id) } } } @@ -97,11 +96,11 @@ func (t *TestNeoFS) CreateContainer(_ context.Context, prm neofs.PrmContainerCre return nil, err } - id := cid.New() + var id cid.ID id.SetSHA256(sha256.Sum256(b)) t.containers[id.String()] = cnr - return id, nil + return &id, nil } func (t *TestNeoFS) Container(_ context.Context, id cid.ID) (*container.Container, error) { @@ -114,11 +113,11 @@ func (t *TestNeoFS) Container(_ context.Context, id cid.ID) (*container.Containe return nil, fmt.Errorf("container not found " + id.String()) } -func (t *TestNeoFS) UserContainers(_ context.Context, _ owner.ID) ([]cid.ID, error) { +func (t *TestNeoFS) UserContainers(_ context.Context, _ user.ID) ([]cid.ID, error) { var res []cid.ID for k := range t.containers { var idCnr cid.ID - if err := idCnr.Parse(k); err != nil { + if err := idCnr.DecodeString(k); err != nil { return nil, err } res = append(res, idCnr) @@ -146,7 +145,8 @@ func (t *TestNeoFS) SelectObjects(_ context.Context, prm neofs.PrmObjectSelect) if len(filters) == 1 { for k, v := range t.objects { if strings.Contains(k, cidStr) { - res = append(res, *v.ID()) + id, _ := v.ID() + res = append(res, id) } } return res, nil @@ -160,7 +160,8 @@ func (t *TestNeoFS) SelectObjects(_ context.Context, prm neofs.PrmObjectSelect) for k, v := range t.objects { if strings.Contains(k, cidStr) && isMatched(v.Attributes(), filter) { - res = append(res, *v.ID()) + id, _ := v.ID() + res = append(res, id) } } @@ -169,8 +170,8 @@ func (t *TestNeoFS) SelectObjects(_ context.Context, prm neofs.PrmObjectSelect) func (t *TestNeoFS) ReadObject(_ context.Context, prm neofs.PrmObjectRead) (*neofs.ObjectPart, error) { var addr address.Address - addr.SetContainerID(&prm.Container) - addr.SetObjectID(&prm.Object) + addr.SetContainerID(prm.Container) + addr.SetObjectID(prm.Object) sAddr := addr.String() @@ -185,7 +186,12 @@ func (t *TestNeoFS) ReadObject(_ context.Context, prm neofs.PrmObjectRead) (*neo } func (t *TestNeoFS) CreateObject(_ context.Context, prm neofs.PrmObjectCreate) (*oid.ID, error) { - id := test.ID() + b := make([]byte, 32) + if _, err := io.ReadFull(rand.Reader, b); err != nil { + return nil, err + } + var id oid.ID + id.SetSHA256(sha256.Sum256(b)) attrs := make([]object.Attribute, 0) @@ -204,7 +210,7 @@ func (t *TestNeoFS) CreateObject(_ context.Context, prm neofs.PrmObjectCreate) ( } obj := object.New() - obj.SetContainerID(&prm.Container) + obj.SetContainerID(prm.Container) obj.SetID(id) obj.SetPayloadSize(prm.PayloadSize) obj.SetAttributes(attrs...) @@ -226,22 +232,25 @@ func (t *TestNeoFS) CreateObject(_ context.Context, prm neofs.PrmObjectCreate) ( obj.SetPayloadSize(uint64(len(all))) } - addr := newAddress(obj.ContainerID(), obj.ID()) + cnrID, _ := obj.ContainerID() + objID, _ := obj.ID() + + addr := newAddress(cnrID, objID) t.objects[addr.String()] = obj - return obj.ID(), nil + return &objID, nil } func (t *TestNeoFS) DeleteObject(_ context.Context, prm neofs.PrmObjectDelete) error { var addr address.Address - addr.SetContainerID(&prm.Container) - addr.SetObjectID(&prm.Object) + addr.SetContainerID(prm.Container) + addr.SetObjectID(prm.Object) delete(t.objects, addr.String()) return nil } -func (t *TestNeoFS) TimeToEpoch(ctx context.Context, futureTime time.Time) (uint64, uint64, error) { +func (t *TestNeoFS) TimeToEpoch(_ context.Context, futureTime time.Time) (uint64, uint64, error) { return t.currentEpoch, t.currentEpoch + uint64(futureTime.Second()), nil } @@ -255,7 +264,7 @@ func isMatched(attributes []object.Attribute, filter object.SearchFilter) bool { return false } -func newAddress(cid *cid.ID, oid *oid.ID) *address.Address { +func newAddress(cid cid.ID, oid oid.ID) *address.Address { addr := address.NewAddress() addr.SetContainerID(cid) addr.SetObjectID(oid)