2022-03-20 19:55:47 +00:00
|
|
|
package persistent
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
2022-05-17 13:59:46 +00:00
|
|
|
"errors"
|
2022-03-20 19:55:47 +00:00
|
|
|
"fmt"
|
|
|
|
|
2023-03-07 13:38:26 +00:00
|
|
|
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/session"
|
|
|
|
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/session/storage"
|
|
|
|
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
|
2022-03-20 19:55:47 +00:00
|
|
|
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
|
|
|
"go.etcd.io/bbolt"
|
|
|
|
)
|
|
|
|
|
|
|
|
// Create inits a new private session token using information
|
|
|
|
// from corresponding request, saves it to bolt database (and
|
|
|
|
// encrypts private keys if storage has been configured so).
|
|
|
|
// Returns response that is filled with just created token's
|
|
|
|
// ID and public key for it.
|
|
|
|
func (s *TokenStore) Create(ctx context.Context, body *session.CreateRequestBody) (*session.CreateResponseBody, error) {
|
2022-05-17 13:59:46 +00:00
|
|
|
idV2 := body.GetOwnerID()
|
|
|
|
if idV2 == nil {
|
|
|
|
return nil, errors.New("missing owner")
|
|
|
|
}
|
|
|
|
|
|
|
|
var id user.ID
|
|
|
|
|
|
|
|
err := id.ReadFromV2(*idV2)
|
2022-03-20 19:55:47 +00:00
|
|
|
if err != nil {
|
2022-05-17 13:59:46 +00:00
|
|
|
return nil, fmt.Errorf("invalid owner: %w", err)
|
2022-03-20 19:55:47 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
uidBytes, err := storage.NewTokenID()
|
|
|
|
if err != nil {
|
|
|
|
return nil, fmt.Errorf("could not generate token ID: %w", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
sk, err := keys.NewPrivateKey()
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2022-03-21 11:53:49 +00:00
|
|
|
value, err := s.packToken(body.GetExpiration(), &sk.PrivateKey)
|
2022-03-20 19:55:47 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
err = s.db.Update(func(tx *bbolt.Tx) error {
|
|
|
|
rootBucket := tx.Bucket(sessionsBucket)
|
|
|
|
|
2022-05-17 13:59:46 +00:00
|
|
|
ownerBucket, err := rootBucket.CreateBucketIfNotExists(id.WalletBytes())
|
2022-03-20 19:55:47 +00:00
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf(
|
2022-05-17 13:59:46 +00:00
|
|
|
"could not get/create %s owner bucket: %w", id, err)
|
2022-03-20 19:55:47 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
err = ownerBucket.Put(uidBytes, value)
|
|
|
|
if err != nil {
|
2022-05-17 13:59:46 +00:00
|
|
|
return fmt.Errorf("could not put session token for %s oid: %w", id, err)
|
2022-03-20 19:55:47 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
})
|
|
|
|
if err != nil {
|
|
|
|
return nil, fmt.Errorf("could not save token to persistent storage: %w", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
res := new(session.CreateResponseBody)
|
|
|
|
res.SetID(uidBytes)
|
|
|
|
res.SetSessionKey(sk.PublicKey().Bytes())
|
|
|
|
|
|
|
|
return res, nil
|
|
|
|
}
|