From 2889a3fa4276c0c6e5bcbd6edc0f106d7dce15ac Mon Sep 17 00:00:00 2001
From: Alex Vanin <a.vanin@yadro.com>
Date: Mon, 8 Jul 2024 15:34:55 +0300
Subject: [PATCH] Update credential issue process

* Register wallet key in FrostFS ID before issuing secret
* Use issue-creds script instead of Makefile command

Signed-off-by: Alex Vanin <a.vanin@yadro.com>
---
 Dockerfile         |  1 +
 Makefile           | 12 ++----------
 bin/issue-creds.sh | 32 ++++++++++++++++++++++++++++++++
 3 files changed, 35 insertions(+), 10 deletions(-)
 create mode 100755 bin/issue-creds.sh

diff --git a/Dockerfile b/Dockerfile
index 8b7ecb4..4e78795 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -56,6 +56,7 @@ COPY ./vendor/locode_db /config/locode.db
 COPY ./vendor/contracts/ /config/contracts
 
 COPY ./bin/init-aio.sh /usr/bin/init-aio.sh
+COPY ./bin/issue-creds.sh /usr/bin/issue-creds.sh
 
 ENV AUTHMATE_WALLET_PASSPHRASE=""
 ENV AUTHMATE_WALLET_CONTRACT_PASSPHRASE=""
diff --git a/Makefile b/Makefile
index c62e521..dc29730 100644
--- a/Makefile
+++ b/Makefile
@@ -63,19 +63,11 @@ clean: down
 
 # Generate S3 credentials
 s3cred:
-	@docker exec aio /usr/bin/frostfs-s3-authmate issue-secret \
-		--wallet /config/user-wallet.json \
-		--peer localhost:8080 \
-		--gate-public-key $(S3_GATE_PUBLIC_KEY) \
-		--container-placement-policy "REP 1"
+	@docker exec aio /usr/bin/issue-creds.sh
 
 # Generate S3 credentials based on imported wallets
 s3cred-custom:
-	@docker exec aio /usr/bin/frostfs-s3-authmate issue-secret \
-		--wallet /wallets/$(wallet) \
-		--peer localhost:8080 \
-		--gate-public-key $(S3_GATE_PUBLIC_KEY) \
-		--container-placement-policy "REP 1"
+	@docker exec aio /usr/bin/issue-creds.sh $(wallet)
 
 enable-oracle:
 	@docker exec aio neo-go contract invokefunction -r http://localhost:30333 \
diff --git a/bin/issue-creds.sh b/bin/issue-creds.sh
new file mode 100755
index 0000000..7c08dc5
--- /dev/null
+++ b/bin/issue-creds.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+
+initUser() {
+  /usr/bin/frostfs-s3-authmate register-user \
+    --wallet $WALLET_PATH \
+    --rpc-endpoint http://localhost:30333 \
+    --username $USERNAME \
+    --contract-wallet /config/s3-gw-wallet.json >/dev/null 2>&1 && touch $WALLET_CACHE/$USERNAME
+}
+
+issueAWS() {
+  /usr/bin/frostfs-s3-authmate issue-secret \
+    --wallet $WALLET_PATH \
+    --peer localhost:8080 \
+    --gate-public-key $S3_GATE_PUBLIC_KEY \
+    --container-placement-policy "REP 1"
+}
+
+S3_GATE_PUBLIC_KEY=$(neo-go wallet dump-keys -w /config/s3-gw-wallet.json | tail -1)
+WALLET_PATH=/wallets/$1
+if [[ -z "$1" ]]; then
+  WALLET_PATH=/config/user-wallet.json
+fi
+
+WALLET_CACHE=/data/wallets
+mkdir -p $WALLET_CACHE
+
+USERNAME=$(echo $WALLET_PATH | md5sum | cut -d' ' -f1)
+if [ ! -e $WALLET_CACHE/$USERNAME ]; then
+  initUser
+fi
+issueAWS