TrueCloudLab/frostfs-node
19
1
Fork 27
Code Issues 91 Pull requests 7 Projects Releases 1 Activity Actions

[#943] service/object: Return error if requested session token is not available

Browse source 
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
This commit is contained in:
Alex Vanin 2021-10-25 15:10:13 +03:00 committed by Alex Vanin
parent 0f598289f6
commit 46fa07b7cc
2 changed files with 81 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
pkg/services/object/util/key.go
View file

@ -2,11 +2,15 @@ package util
import ( import (
"crypto/ecdsa" "crypto/ecdsa"
"errors"
"github.com/nspcc-dev/neofs-api-go/pkg/session" "github.com/nspcc-dev/neofs-api-go/pkg/session"
"github.com/nspcc-dev/neofs-node/pkg/services/session/storage" "github.com/nspcc-dev/neofs-node/pkg/services/session/storage"
) )
// todo(alexvanin): should be a part of status API
var errNoSessionToken = errors.New("session token does not exist")
// KeyStorage represents private key storage of the local node. // KeyStorage represents private key storage of the local node.
type KeyStorage struct { type KeyStorage struct {
key *ecdsa.PrivateKey key *ecdsa.PrivateKey
@ -32,6 +36,7 @@ func (s *KeyStorage) GetKey(token *session.Token) (*ecdsa.PrivateKey, error) {
if pToken != nil { if pToken != nil {
return pToken.SessionKey(), nil return pToken.SessionKey(), nil
} }
return nil, errNoSessionToken
} }
return s.key, nil return s.key, nil

76
pkg/services/object/util/key_test.go Normal file
View file

@ -0,0 +1,76 @@
package util_test
import (
"context"
"crypto/elliptic"
"testing"
"github.com/google/uuid"
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
"github.com/nspcc-dev/neofs-api-go/pkg/session"
sessionV2 "github.com/nspcc-dev/neofs-api-go/v2/session"
"github.com/nspcc-dev/neofs-node/pkg/services/object/util"
tokenStorage "github.com/nspcc-dev/neofs-node/pkg/services/session/storage"
"github.com/stretchr/testify/require"
)
func TestNewKeyStorage(t *testing.T) {
nodeKey, err := keys.NewPrivateKey()
require.NoError(t, err)
tokenStor := tokenStorage.New()
stor := util.NewKeyStorage(&nodeKey.PrivateKey, tokenStor)
t.Run("node key", func(t *testing.T) {
key, err := stor.GetKey(nil)
require.NoError(t, err)
require.Equal(t, nodeKey.PrivateKey, *key)
})
t.Run("unknown token", func(t *testing.T) {
tok := generateToken(t)
_, err = stor.GetKey(tok)
require.Error(t, err)
})
t.Run("known token", func(t *testing.T) {
tok := createToken(t, tokenStor, 100)
pubKey, err := keys.NewPublicKeyFromBytes(tok.SessionKey(), elliptic.P256())
require.NoError(t, err)
key, err := stor.GetKey(tok)
require.NoError(t, err)
require.Equal(t, pubKey.X, key.PublicKey.X)
require.Equal(t, pubKey.Y, key.PublicKey.Y)
})
}
func generateToken(t *testing.T) *session.Token {
key, err := keys.NewPrivateKey()
require.NoError(t, err)
pubKey := key.PublicKey().Bytes()
id, err := uuid.New().MarshalBinary()
require.NoError(t, err)
tok := session.NewToken()
tok.SetSessionKey(pubKey)
tok.SetID(id)
return tok
}
func createToken(t *testing.T, store *tokenStorage.TokenStore, exp uint64) *session.Token {
req := new(sessionV2.CreateRequestBody)
req.SetOwnerID(nil)
req.SetExpiration(exp)
resp, err := store.Create(context.Background(), req)
require.NoError(t, err)
tok := session.NewToken()
tok.SetSessionKey(resp.GetSessionKey())
tok.SetID(resp.GetID())
return tok
}