service: ad BearerToken to signed payload of the requests

This commit is contained in:
Leonard Lyubich 2020-06-18 15:26:56 +03:00
parent 3f7d3f8a86
commit a3569ad99e
3 changed files with 26 additions and 1 deletions

View file

@ -209,6 +209,9 @@ func SignRequestData(key *ecdsa.PrivateKey, src RequestSignedData) error {
NewSignedSessionToken(
src.GetSessionToken(),
),
NewSignedBearerToken(
src.GetBearerToken(),
),
)
if err != nil {
return err
@ -231,6 +234,9 @@ func VerifyRequestData(src RequestVerifyData) error {
NewVerifiedSessionToken(
src.GetSessionToken(),
),
NewVerifiedBearerToken(
src.GetBearerToken(),
),
)
if err != nil {
return err

View file

@ -279,14 +279,21 @@ func TestSignVerifyDataWithSessionToken(t *testing.T) {
var (
token = new(Token)
initVerb = Token_Info_Verb(1)
bearer = wrapBearerTokenMsg(new(BearerTokenMsg))
bearerEpoch = uint64(8)
)
token.SetVerb(initVerb)
bearer.SetExpirationEpoch(bearerEpoch)
// create test data with token
src := &testSignedDataSrc{
data: testData(t, 10),
token: token,
bearer: bearer,
}
// create test private key
@ -319,6 +326,18 @@ func TestSignVerifyDataWithSessionToken(t *testing.T) {
// ascertain that verification is passed
require.NoError(t, VerifyRequestData(src))
// break the Bearer token
bearer.SetExpirationEpoch(bearerEpoch + 1)
// ascertain that verification is failed
require.Error(t, VerifyRequestData(src))
// restore the Bearer token
bearer.SetExpirationEpoch(bearerEpoch)
// ascertain that verification is passed
require.NoError(t, VerifyRequestData(src))
// wrap to data reader
rdr := &testSignedDataReader{
testSignedDataSrc: src,

View file

@ -104,7 +104,7 @@ func (t testCustomField) MarshalTo(data []byte) (int, error) { return 0, nil }
// Marshal skip, it's for test usage only.
func (t testCustomField) Marshal() ([]byte, error) { return nil, nil }
// GetBearerToken returns wraps Bearer field and return BearerToken interface.
// GetBearerToken wraps Bearer field and return BearerToken interface.
//
// If Bearer field value is nil, nil returns.
func (m RequestVerificationHeader) GetBearerToken() BearerToken {