TrueCloudLab/frostfs-http-gw
16
1
Fork 17
Code Issues 11 Pull requests 4 Projects Releases 9 Activity Actions

[#163] Support JSON bearer token #172

Open
r.loginov wants to merge 1 commit from r.loginov/frostfs-http-gw:feature/163-add_support_json_bearer_token into master
pull from: r.loginov/frostfs-http-gw:feature/163-add_support_json_bearer_token
merge into: TrueCloudLab:master
Conversation 0 Commits 1 Files changed 3 +66 -22
r.loginov commented 2024-11-29 06:56:51 +00:00
Member
Copy link

close #163

Checking the work (with aio):

$ frostfs-cli container create -r localhost:8080 --wallet ./s3-gw/user-wallet.json --policy "REP 1"  --basic-acl 0 --await
Enter password > 
CID: AXjb22KLET3FjeJJxNJAUHUL4EEn92BFbV95d2Womj3q
awaiting...
container has been persisted on sidechain

$ frostfs-cli ape-manager add -r localhost:8080 --wallet ./s3-gw/user-wallet.json \
  --target-type container --target-name AXjb22KLET3FjeJJxNJAUHUL4EEn92BFbV95d2Womj3q \
  --rule "allow Object.* RequestCondition:"\$Actor:publicKey"=0324e76288fcb900100d01802a14ef977cca45ad073561230446df14b344c858b6 *" \
  --chain-id uniqChainID
Parsed chain:
Chain ID: uniqChainID
     HEX: 756e6971436861696e4944
Rules:

        Status: Allowed
        Any: false
        Conditions:
                Request $Actor:publicKey StringEquals 0324e76288fcb900100d01802a14ef977cca45ad073561230446df14b344c858b6
        Actions:        Inverted:false
                PutObject
                GetObject
                HeadObject
                DeleteObject
                SearchObject
                RangeObject
                HashObject
        Resources:      Inverted:false
                native:object/*
Enter password > 
Rule has been added.
Chain ID:  uniqChainID

$ frostfs-cli util sign bearer-token --json --from bearer.json --to signed.json -w ./s3-gw/user-wallet.json 
Enter password > 
signed bearer token was successfully dumped to signed.json

$ base64 -w 0 signed.json
eyJib2R5Ijp7ImVhY2xUYWJsZSI6bnVsbCwib3duZXJJRCI6bnVsbCwibGlmZXRpbWUiOnsiZXhwIjoiMTAwMDAiLCJuYmYiOiIwIiwiaWF0IjoiMCJ9LCJhbGxvd0ltcGVyc29uYXRlIjp0cnVlLCJhcGVPdmVycmlkZSI6bnVsbH0sInNpZ25hdHVyZSI6eyJrZXkiOiJBeVRuWW9qOHVRQVFEUUdBS2hUdmwzektSYTBITldFakJFYmZGTE5FeUZpMiIsInNpZ25hdHVyZSI6IkJNU0dKSXB4blFQMkJYT0RHWjVpejR2WC9ET3F6RlY3UWprZ2FROVNiWUpFYnJmODEwbUlGYVA4elhxODhlYkRJaHZUZWY1YzRBN0FuVkQ0TzVRWGNLYz0iLCJzY2hlbWUiOiJFQ0RTQV9TSEE1MTIifX0=

$  curl -F 'file=@Makefile;filename=makefile' -H "Authorization: Bearer eyJib2R5Ijp7ImVhY2xUYWJsZSI6bnVsbCwib3duZXJJRCI6bnVsbCwibGlmZXRpbWUiOnsiZXhwIjoiMTAwMDAiLCJuYmYiOiIwIiwiaWF0IjoiMCJ
9LCJhbGxvd0ltcGVyc29uYXRlIjp0cnVlLCJhcGVPdmVycmlkZSI6bnVsbH0sInNpZ25hdHVyZSI6eyJrZXkiOiJBeVRuWW9qOHVRQVFEUUdBS2hUdmwzektSYTBITldFakJFYmZGTE5FeUZpMiIsInNpZ25hdHVyZSI6IkJNU0dKSXB4blFQMkJYT0
RHWjVpejR2WC9ET3F6RlY3UWprZ2FROVNiWUpFYnJmODEwbUlGYVA4elhxODhlYkRJaHZUZWY1YzRBN0FuVkQ0TzVRWGNLYz0iLCJzY2hlbWUiOiJFQ0RTQV9TSEE1MTIifX0="   http://localhost:8881/upload/AXjb22KLET3FjeJJxNJA
UHUL4EEn92BFbV95d2Womj3q
{
        "object_id": "BmgCNztbLwPU428MCTydSm3msTmtGmmBwMAo5bm9eC6g",
        "container_id": "AXjb22KLET3FjeJJxNJAUHUL4EEn92BFbV95d2Womj3q"
}
close #163 Checking the work (with aio): ``` $ frostfs-cli container create -r localhost:8080 --wallet ./s3-gw/user-wallet.json --policy "REP 1" --basic-acl 0 --await Enter password > CID: AXjb22KLET3FjeJJxNJAUHUL4EEn92BFbV95d2Womj3q awaiting... container has been persisted on sidechain $ frostfs-cli ape-manager add -r localhost:8080 --wallet ./s3-gw/user-wallet.json \ --target-type container --target-name AXjb22KLET3FjeJJxNJAUHUL4EEn92BFbV95d2Womj3q \ --rule "allow Object.* RequestCondition:"\$Actor:publicKey"=0324e76288fcb900100d01802a14ef977cca45ad073561230446df14b344c858b6 *" \ --chain-id uniqChainID Parsed chain: Chain ID: uniqChainID HEX: 756e6971436861696e4944 Rules: Status: Allowed Any: false Conditions: Request $Actor:publicKey StringEquals 0324e76288fcb900100d01802a14ef977cca45ad073561230446df14b344c858b6 Actions: Inverted:false PutObject GetObject HeadObject DeleteObject SearchObject RangeObject HashObject Resources: Inverted:false native:object/* Enter password > Rule has been added. Chain ID: uniqChainID $ frostfs-cli util sign bearer-token --json --from bearer.json --to signed.json -w ./s3-gw/user-wallet.json Enter password > signed bearer token was successfully dumped to signed.json $ base64 -w 0 signed.json eyJib2R5Ijp7ImVhY2xUYWJsZSI6bnVsbCwib3duZXJJRCI6bnVsbCwibGlmZXRpbWUiOnsiZXhwIjoiMTAwMDAiLCJuYmYiOiIwIiwiaWF0IjoiMCJ9LCJhbGxvd0ltcGVyc29uYXRlIjp0cnVlLCJhcGVPdmVycmlkZSI6bnVsbH0sInNpZ25hdHVyZSI6eyJrZXkiOiJBeVRuWW9qOHVRQVFEUUdBS2hUdmwzektSYTBITldFakJFYmZGTE5FeUZpMiIsInNpZ25hdHVyZSI6IkJNU0dKSXB4blFQMkJYT0RHWjVpejR2WC9ET3F6RlY3UWprZ2FROVNiWUpFYnJmODEwbUlGYVA4elhxODhlYkRJaHZUZWY1YzRBN0FuVkQ0TzVRWGNLYz0iLCJzY2hlbWUiOiJFQ0RTQV9TSEE1MTIifX0= $ curl -F 'file=@Makefile;filename=makefile' -H "Authorization: Bearer eyJib2R5Ijp7ImVhY2xUYWJsZSI6bnVsbCwib3duZXJJRCI6bnVsbCwibGlmZXRpbWUiOnsiZXhwIjoiMTAwMDAiLCJuYmYiOiIwIiwiaWF0IjoiMCJ 9LCJhbGxvd0ltcGVyc29uYXRlIjp0cnVlLCJhcGVPdmVycmlkZSI6bnVsbH0sInNpZ25hdHVyZSI6eyJrZXkiOiJBeVRuWW9qOHVRQVFEUUdBS2hUdmwzektSYTBITldFakJFYmZGTE5FeUZpMiIsInNpZ25hdHVyZSI6IkJNU0dKSXB4blFQMkJYT0 RHWjVpejR2WC9ET3F6RlY3UWprZ2FROVNiWUpFYnJmODEwbUlGYVA4elhxODhlYkRJaHZUZWY1YzRBN0FuVkQ0TzVRWGNLYz0iLCJzY2hlbWUiOiJFQ0RTQV9TSEE1MTIifX0=" http://localhost:8881/upload/AXjb22KLET3FjeJJxNJA UHUL4EEn92BFbV95d2Womj3q { "object_id": "BmgCNztbLwPU428MCTydSm3msTmtGmmBwMAo5bm9eC6g", "container_id": "AXjb22KLET3FjeJJxNJAUHUL4EEn92BFbV95d2Womj3q" } ```
r.loginov self-assigned this 2024-11-29 06:56:51 +00:00
r.loginov added 1 commit 2024-11-29 06:56:51 +00:00
[#163] Support JSON bearer token
All checks were successful
/ DCO (pull_request) Successful in 1m43s
Details
/ Vulncheck (pull_request) Successful in 2m0s
Details
/ Builds (pull_request) Successful in 2m20s
Details
/ Lint (pull_request) Successful in 3m25s
Details
/ Tests (pull_request) Successful in 1m56s
Details
4478d638ad 
Signed-off-by: Roman Loginov <r.loginov@yadro.com>
r.loginov requested review from alexvanin 2024-11-29 06:56:51 +00:00
r.loginov requested review from dkirillov 2024-11-29 06:56:51 +00:00
r.loginov removed review request for alexvanin 2024-11-29 06:57:11 +00:00
r.loginov removed review request for dkirillov 2024-11-29 06:57:11 +00:00
r.loginov requested review from alexvanin 2024-11-29 07:08:32 +00:00
r.loginov requested review from dkirillov 2024-11-29 07:08:32 +00:00
r.loginov requested review from pogpp 2024-11-29 07:08:33 +00:00
r.loginov requested review from mbiryukova 2024-11-29 07:08:33 +00:00
r.loginov requested review from nzinkevich 2024-11-29 07:08:33 +00:00
dkirillov approved these changes 2024-11-29 08:11:37 +00:00
Dismissed
dkirillov left a comment
Member
Copy link

LGTM, but can we add some integration test (see putWithBearerTokenInHeader in cmd/http-gw/integration_test.go)

LGTM, but can we add some integration test (see `putWithBearerTokenInHeader` in `cmd/http-gw/integration_test.go`)
👍 1
r.loginov force-pushed feature/163-add_support_json_bearer_token from 4478d638ad to 58e7f3d583 2024-11-29 11:51:52 +00:00 Compare
r.loginov dismissed dkirillov's review 2024-11-29 11:51:52 +00:00
Reason:

New commits pushed, approval review dismissed automatically according to repository settings

mbiryukova approved these changes 2024-12-02 09:21:51 +00:00
dkirillov approved these changes 2024-12-02 13:33:19 +00:00
nzinkevich approved these changes 2024-12-04 12:36:54 +00:00
All checks were successful
/ DCO (pull_request) Successful in 2m11s
Details
/ Vulncheck (pull_request) Successful in 2m16s
Details
/ Builds (pull_request) Successful in 1m45s
Details
/ Lint (pull_request) Successful in 2m21s
Details
/ Tests (pull_request) Successful in 1m47s
Details
This pull request can be merged automatically.
This branch is out-of-date with the base branch
You are not authorized to merge this pull request.
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u feature/163-add_support_json_bearer_token:r.loginov-feature/163-add_support_json_bearer_token
git checkout r.loginov-feature/163-add_support_json_bearer_token
Sign in to join this conversation.
Reviewers
No reviewers
alexvanin
pogpp
mbiryukova
dkirillov
nzinkevich
Labels
Clear labels   
P0

Highest

  
P1

High

  
P2

Medium

  
P3

Low

  
good first issue

Good for newcomers

  
Infrastructure

Infrastructure, Automation, CI/CD or DevOps related stuff

  
blocked

The issue or PR is blocked by something

  
bug

Something is not working

  
config

Configuration format update or breaking change

  
discussion

Talking about something in order to reach a decision or to exchange ideas

  
documentation

Documentation related

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
go

Language features adoption

  
help wanted

Extra attention is needed

  
internal

   
invalid

Something is wrong

  
kludge

This is a kludge and we know it

  
observability

Related to metrics, tracing and logs

  
perfomance

Perfomance related

  
question

More information is needed

  
refactoring

Refactoring

  
wontfix

This won't be fixed

No labels
P0
P1
P2
P3
good first issue
Infrastructure
blocked
bug
config
discussion
documentation
duplicate
enhancement
go
help wanted
internal
invalid
kludge
observability
perfomance
question
refactoring
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
r.loginov
4 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: TrueCloudLab/frostfs-http-gw#172
No description provided.
Delete branch "r.loginov/frostfs-http-gw:feature/163-add_support_json_bearer_token"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?