[#46] Add per-service context to SessionToken
Signed-off-by: Stanislav Bogatyrev <stanislav@nspcc.ru>
This commit is contained in:
parent
af26bd2b5d
commit
f87d70ca23
3 changed files with 63 additions and 48 deletions
|
@ -8,6 +8,7 @@
|
||||||
- Messages
|
- Messages
|
||||||
- [BearerToken](#neo.fs.v2.service.BearerToken)
|
- [BearerToken](#neo.fs.v2.service.BearerToken)
|
||||||
- [BearerToken.Body](#neo.fs.v2.service.BearerToken.Body)
|
- [BearerToken.Body](#neo.fs.v2.service.BearerToken.Body)
|
||||||
|
- [ObjectServiceContext](#neo.fs.v2.service.ObjectServiceContext)
|
||||||
- [RequestMetaHeader](#neo.fs.v2.service.RequestMetaHeader)
|
- [RequestMetaHeader](#neo.fs.v2.service.RequestMetaHeader)
|
||||||
- [ResponseMetaHeader](#neo.fs.v2.service.ResponseMetaHeader)
|
- [ResponseMetaHeader](#neo.fs.v2.service.ResponseMetaHeader)
|
||||||
- [SessionToken](#neo.fs.v2.service.SessionToken)
|
- [SessionToken](#neo.fs.v2.service.SessionToken)
|
||||||
|
@ -63,6 +64,18 @@ Bearer Token body
|
||||||
| lifetime | [TokenLifetime](#neo.fs.v2.service.TokenLifetime) | | Token expiration and valid time period parameters |
|
| lifetime | [TokenLifetime](#neo.fs.v2.service.TokenLifetime) | | Token expiration and valid time period parameters |
|
||||||
|
|
||||||
|
|
||||||
|
<a name="neo.fs.v2.service.ObjectServiceContext"></a>
|
||||||
|
|
||||||
|
### Message ObjectServiceContext
|
||||||
|
Context information for Session Tokens related to ObjectService requests
|
||||||
|
|
||||||
|
|
||||||
|
| Field | Type | Label | Description |
|
||||||
|
| ----- | ---- | ----- | ----------- |
|
||||||
|
| verb | [ObjectServiceContext.Verb](#neo.fs.v2.service.ObjectServiceContext.Verb) | | Verb is a type of request for which the token is issued |
|
||||||
|
| address | [neo.fs.v2.refs.Address](#neo.fs.v2.refs.Address) | | Related Object address |
|
||||||
|
|
||||||
|
|
||||||
<a name="neo.fs.v2.service.RequestMetaHeader"></a>
|
<a name="neo.fs.v2.service.RequestMetaHeader"></a>
|
||||||
|
|
||||||
### Message RequestMetaHeader
|
### Message RequestMetaHeader
|
||||||
|
@ -117,10 +130,9 @@ Session token body
|
||||||
| ----- | ---- | ----- | ----------- |
|
| ----- | ---- | ----- | ----------- |
|
||||||
| id | [bytes](#bytes) | | ID is a token identifier. valid UUIDv4 represented in bytes |
|
| id | [bytes](#bytes) | | ID is a token identifier. valid UUIDv4 represented in bytes |
|
||||||
| owner_id | [neo.fs.v2.refs.OwnerID](#neo.fs.v2.refs.OwnerID) | | OwnerID carries identifier of the session initiator. |
|
| owner_id | [neo.fs.v2.refs.OwnerID](#neo.fs.v2.refs.OwnerID) | | OwnerID carries identifier of the session initiator. |
|
||||||
| verb | [SessionToken.Body.Verb](#neo.fs.v2.service.SessionToken.Body.Verb) | | Verb is a type of request for which the token is issued |
|
|
||||||
| lifetime | [TokenLifetime](#neo.fs.v2.service.TokenLifetime) | | Lifetime is a lifetime of the session |
|
| lifetime | [TokenLifetime](#neo.fs.v2.service.TokenLifetime) | | Lifetime is a lifetime of the session |
|
||||||
| session_key | [bytes](#bytes) | | SessionKey is a public key of session key |
|
| session_key | [bytes](#bytes) | | SessionKey is a public key of session key |
|
||||||
| object_address | [neo.fs.v2.refs.Address](#neo.fs.v2.refs.Address) | | object_address represents the object session context. |
|
| object_service | [ObjectServiceContext](#neo.fs.v2.service.ObjectServiceContext) | | ObjectService session context. |
|
||||||
|
|
||||||
|
|
||||||
<a name="neo.fs.v2.service.TokenLifetime"></a>
|
<a name="neo.fs.v2.service.TokenLifetime"></a>
|
||||||
|
@ -162,21 +174,21 @@ Extended headers for Request/Response
|
||||||
<!-- end messages -->
|
<!-- end messages -->
|
||||||
|
|
||||||
|
|
||||||
<a name="neo.fs.v2.service.SessionToken.Body.Verb"></a>
|
<a name="neo.fs.v2.service.ObjectServiceContext.Verb"></a>
|
||||||
|
|
||||||
### SessionToken.Body.Verb
|
### ObjectServiceContext.Verb
|
||||||
Verb is an enumeration of session request types
|
Object request verbs
|
||||||
|
|
||||||
| Name | Number | Description |
|
| Name | Number | Description |
|
||||||
| ---- | ------ | ----------- |
|
| ---- | ------ | ----------- |
|
||||||
| VERB_UNSPECIFIED | 0 | Unknown verb |
|
| VERB_UNSPECIFIED | 0 | Unknown verb |
|
||||||
| OBJECT_PUT | 1 | Refers to object.Put RPC call |
|
| PUT | 1 | Refers to object.Put RPC call |
|
||||||
| OBJECT_GET | 2 | Refers to object.Get RPC call |
|
| GET | 2 | Refers to object.Get RPC call |
|
||||||
| OBJECT_HEAD | 3 | Refers to object.Head RPC call |
|
| HEAD | 3 | Refers to object.Head RPC call |
|
||||||
| OBJECT_SEARCH | 4 | Refers to object.Search RPC call |
|
| SEARCH | 4 | Refers to object.Search RPC call |
|
||||||
| OBJECT_DELETE | 5 | Refers to object.Delete RPC call |
|
| DELETE | 5 | Refers to object.Delete RPC call |
|
||||||
| OBJECT_RANGE | 6 | Refers to object.GetRange RPC call |
|
| RANGE | 6 | Refers to object.GetRange RPC call |
|
||||||
| OBJECT_RANGEHASH | 7 | Refers to object.GetRangeHash RPC call |
|
| RANGEHASH | 7 | Refers to object.GetRangeHash RPC call |
|
||||||
|
|
||||||
|
|
||||||
<!-- end enums -->
|
<!-- end enums -->
|
||||||
|
|
|
@ -39,6 +39,41 @@ message TokenLifetime {
|
||||||
uint64 iat = 3;
|
uint64 iat = 3;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Context information for Session Tokens related to ObjectService requests
|
||||||
|
message ObjectServiceContext {
|
||||||
|
// Object request verbs
|
||||||
|
enum Verb {
|
||||||
|
// Unknown verb
|
||||||
|
VERB_UNSPECIFIED = 0;
|
||||||
|
|
||||||
|
// Refers to object.Put RPC call
|
||||||
|
PUT = 1;
|
||||||
|
|
||||||
|
// Refers to object.Get RPC call
|
||||||
|
GET = 2;
|
||||||
|
|
||||||
|
// Refers to object.Head RPC call
|
||||||
|
HEAD = 3;
|
||||||
|
|
||||||
|
// Refers to object.Search RPC call
|
||||||
|
SEARCH = 4;
|
||||||
|
|
||||||
|
// Refers to object.Delete RPC call
|
||||||
|
DELETE = 5;
|
||||||
|
|
||||||
|
// Refers to object.GetRange RPC call
|
||||||
|
RANGE = 6;
|
||||||
|
|
||||||
|
// Refers to object.GetRangeHash RPC call
|
||||||
|
RANGEHASH = 7;
|
||||||
|
}
|
||||||
|
// Verb is a type of request for which the token is issued
|
||||||
|
Verb verb = 1;
|
||||||
|
|
||||||
|
// Related Object address
|
||||||
|
neo.fs.v2.refs.Address address = 2;
|
||||||
|
}
|
||||||
|
|
||||||
// NeoFS session token.
|
// NeoFS session token.
|
||||||
message SessionToken {
|
message SessionToken {
|
||||||
// Session token body
|
// Session token body
|
||||||
|
@ -49,45 +84,16 @@ message SessionToken {
|
||||||
// OwnerID carries identifier of the session initiator.
|
// OwnerID carries identifier of the session initiator.
|
||||||
neo.fs.v2.refs.OwnerID owner_id = 2;
|
neo.fs.v2.refs.OwnerID owner_id = 2;
|
||||||
|
|
||||||
// Verb is an enumeration of session request types
|
|
||||||
enum Verb {
|
|
||||||
// Unknown verb
|
|
||||||
VERB_UNSPECIFIED = 0;
|
|
||||||
|
|
||||||
// Refers to object.Put RPC call
|
|
||||||
OBJECT_PUT = 1;
|
|
||||||
|
|
||||||
// Refers to object.Get RPC call
|
|
||||||
OBJECT_GET = 2;
|
|
||||||
|
|
||||||
// Refers to object.Head RPC call
|
|
||||||
OBJECT_HEAD = 3;
|
|
||||||
|
|
||||||
// Refers to object.Search RPC call
|
|
||||||
OBJECT_SEARCH = 4;
|
|
||||||
|
|
||||||
// Refers to object.Delete RPC call
|
|
||||||
OBJECT_DELETE = 5;
|
|
||||||
|
|
||||||
// Refers to object.GetRange RPC call
|
|
||||||
OBJECT_RANGE = 6;
|
|
||||||
|
|
||||||
// Refers to object.GetRangeHash RPC call
|
|
||||||
OBJECT_RANGEHASH = 7;
|
|
||||||
}
|
|
||||||
// Verb is a type of request for which the token is issued
|
|
||||||
Verb verb = 3;
|
|
||||||
|
|
||||||
// Lifetime is a lifetime of the session
|
// Lifetime is a lifetime of the session
|
||||||
TokenLifetime lifetime = 4;
|
TokenLifetime lifetime = 3;
|
||||||
|
|
||||||
// SessionKey is a public key of session key
|
// SessionKey is a public key of session key
|
||||||
bytes session_key = 5;
|
bytes session_key = 4;
|
||||||
|
|
||||||
// Carries context of the session.
|
// Carries context of the session.
|
||||||
oneof context {
|
oneof context {
|
||||||
// object_address represents the object session context.
|
// ObjectService session context.
|
||||||
neo.fs.v2.refs.Address object_address = 6;
|
ObjectServiceContext object_service = 5;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// Session Token body
|
// Session Token body
|
||||||
|
|
|
@ -5,9 +5,6 @@ package neo.fs.v2.service;
|
||||||
option go_package = "github.com/nspcc-dev/neofs-api-go/v2/service;service";
|
option go_package = "github.com/nspcc-dev/neofs-api-go/v2/service;service";
|
||||||
option csharp_namespace = "NeoFS.API.v2.Service";
|
option csharp_namespace = "NeoFS.API.v2.Service";
|
||||||
|
|
||||||
import "acl/types.proto";
|
|
||||||
import "refs/types.proto";
|
|
||||||
|
|
||||||
// Signature of something in NeoFS
|
// Signature of something in NeoFS
|
||||||
message Signature {
|
message Signature {
|
||||||
// Public key used for signing.
|
// Public key used for signing.
|
||||||
|
|
Loading…
Reference in a new issue