[#73] Add missed CORS

Allow X-Bearer-For-All-Users, X-Bearer-Lifetime headers.
Add CORS to /auth/bearer route.

Signed-off-by: Denis Kirillov <denis@nspcc.ru>
This commit is contained in:
Denis Kirillov 2022-10-06 17:40:14 +03:00 committed by Alex Vanin
parent b2fdb8c5f8
commit feaea15aa7
8 changed files with 247 additions and 1 deletions

View file

@ -193,6 +193,23 @@ func init() {
}
}
}
},
"options": {
"security": [],
"operationId": "optionsAuthBearer",
"responses": {
"200": {
"description": "CORS",
"headers": {
"Access-Control-Allow-Headers": {
"type": "string"
},
"Access-Control-Allow-Origin": {
"type": "string"
}
}
}
}
}
},
"/containers": {
@ -1822,6 +1839,23 @@ func init() {
}
}
}
},
"options": {
"security": [],
"operationId": "optionsAuthBearer",
"responses": {
"200": {
"description": "CORS",
"headers": {
"Access-Control-Allow-Headers": {
"type": "string"
},
"Access-Control-Allow-Origin": {
"type": "string"
}
}
}
}
}
},
"/containers": {

View file

@ -74,6 +74,9 @@ func NewNeofsRestGwAPI(spec *loads.Document) *NeofsRestGwAPI {
OptionsAuthHandler: OptionsAuthHandlerFunc(func(params OptionsAuthParams) middleware.Responder {
return middleware.NotImplemented("operation OptionsAuth has not yet been implemented")
}),
OptionsAuthBearerHandler: OptionsAuthBearerHandlerFunc(func(params OptionsAuthBearerParams) middleware.Responder {
return middleware.NotImplemented("operation OptionsAuthBearer has not yet been implemented")
}),
OptionsContainersEACLHandler: OptionsContainersEACLHandlerFunc(func(params OptionsContainersEACLParams) middleware.Responder {
return middleware.NotImplemented("operation OptionsContainersEACL has not yet been implemented")
}),
@ -174,6 +177,8 @@ type NeofsRestGwAPI struct {
ListContainersHandler ListContainersHandler
// OptionsAuthHandler sets the operation handler for the options auth operation
OptionsAuthHandler OptionsAuthHandler
// OptionsAuthBearerHandler sets the operation handler for the options auth bearer operation
OptionsAuthBearerHandler OptionsAuthBearerHandler
// OptionsContainersEACLHandler sets the operation handler for the options containers e ACL operation
OptionsContainersEACLHandler OptionsContainersEACLHandler
// OptionsContainersGetDeleteHandler sets the operation handler for the options containers get delete operation
@ -305,6 +310,9 @@ func (o *NeofsRestGwAPI) Validate() error {
if o.OptionsAuthHandler == nil {
unregistered = append(unregistered, "OptionsAuthHandler")
}
if o.OptionsAuthBearerHandler == nil {
unregistered = append(unregistered, "OptionsAuthBearerHandler")
}
if o.OptionsContainersEACLHandler == nil {
unregistered = append(unregistered, "OptionsContainersEACLHandler")
}
@ -477,6 +485,10 @@ func (o *NeofsRestGwAPI) initHandlerCache() {
if o.handlers["OPTIONS"] == nil {
o.handlers["OPTIONS"] = make(map[string]http.Handler)
}
o.handlers["OPTIONS"]["/auth/bearer"] = NewOptionsAuthBearer(o.context, o.OptionsAuthBearerHandler)
if o.handlers["OPTIONS"] == nil {
o.handlers["OPTIONS"] = make(map[string]http.Handler)
}
o.handlers["OPTIONS"]["/containers/{containerId}/eacl"] = NewOptionsContainersEACL(o.context, o.OptionsContainersEACLHandler)
if o.handlers["OPTIONS"] == nil {
o.handlers["OPTIONS"] = make(map[string]http.Handler)

View file

@ -0,0 +1,56 @@
// Code generated by go-swagger; DO NOT EDIT.
package operations
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"net/http"
"github.com/go-openapi/runtime/middleware"
)
// OptionsAuthBearerHandlerFunc turns a function with the right signature into a options auth bearer handler
type OptionsAuthBearerHandlerFunc func(OptionsAuthBearerParams) middleware.Responder
// Handle executing the request and returning a response
func (fn OptionsAuthBearerHandlerFunc) Handle(params OptionsAuthBearerParams) middleware.Responder {
return fn(params)
}
// OptionsAuthBearerHandler interface for that can handle valid options auth bearer params
type OptionsAuthBearerHandler interface {
Handle(OptionsAuthBearerParams) middleware.Responder
}
// NewOptionsAuthBearer creates a new http.Handler for the options auth bearer operation
func NewOptionsAuthBearer(ctx *middleware.Context, handler OptionsAuthBearerHandler) *OptionsAuthBearer {
return &OptionsAuthBearer{Context: ctx, Handler: handler}
}
/* OptionsAuthBearer swagger:route OPTIONS /auth/bearer optionsAuthBearer
OptionsAuthBearer options auth bearer API
*/
type OptionsAuthBearer struct {
Context *middleware.Context
Handler OptionsAuthBearerHandler
}
func (o *OptionsAuthBearer) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
route, rCtx, _ := o.Context.RouteInfo(r)
if rCtx != nil {
*r = *rCtx
}
var Params = NewOptionsAuthBearerParams()
if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
res := o.Handler.Handle(Params) // actually handle the request
o.Context.Respond(rw, r, route.Produces, route, res)
}

View file

@ -0,0 +1,46 @@
// Code generated by go-swagger; DO NOT EDIT.
package operations
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/errors"
"github.com/go-openapi/runtime/middleware"
)
// NewOptionsAuthBearerParams creates a new OptionsAuthBearerParams object
//
// There are no default values defined in the spec.
func NewOptionsAuthBearerParams() OptionsAuthBearerParams {
return OptionsAuthBearerParams{}
}
// OptionsAuthBearerParams contains all the bound params for the options auth bearer operation
// typically these are obtained from a http.Request
//
// swagger:parameters optionsAuthBearer
type OptionsAuthBearerParams struct {
// HTTP Request Object
HTTPRequest *http.Request `json:"-"`
}
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
// for simple values it will use straight method calls.
//
// To ensure default values, the struct must have been initialized with NewOptionsAuthBearerParams() beforehand.
func (o *OptionsAuthBearerParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
var res []error
o.HTTPRequest = r
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}

View file

@ -0,0 +1,80 @@
// Code generated by go-swagger; DO NOT EDIT.
package operations
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/runtime"
)
// OptionsAuthBearerOKCode is the HTTP code returned for type OptionsAuthBearerOK
const OptionsAuthBearerOKCode int = 200
/*OptionsAuthBearerOK CORS
swagger:response optionsAuthBearerOK
*/
type OptionsAuthBearerOK struct {
/*
*/
AccessControlAllowHeaders string `json:"Access-Control-Allow-Headers"`
/*
*/
AccessControlAllowOrigin string `json:"Access-Control-Allow-Origin"`
}
// NewOptionsAuthBearerOK creates OptionsAuthBearerOK with default headers values
func NewOptionsAuthBearerOK() *OptionsAuthBearerOK {
return &OptionsAuthBearerOK{}
}
// WithAccessControlAllowHeaders adds the accessControlAllowHeaders to the options auth bearer o k response
func (o *OptionsAuthBearerOK) WithAccessControlAllowHeaders(accessControlAllowHeaders string) *OptionsAuthBearerOK {
o.AccessControlAllowHeaders = accessControlAllowHeaders
return o
}
// SetAccessControlAllowHeaders sets the accessControlAllowHeaders to the options auth bearer o k response
func (o *OptionsAuthBearerOK) SetAccessControlAllowHeaders(accessControlAllowHeaders string) {
o.AccessControlAllowHeaders = accessControlAllowHeaders
}
// WithAccessControlAllowOrigin adds the accessControlAllowOrigin to the options auth bearer o k response
func (o *OptionsAuthBearerOK) WithAccessControlAllowOrigin(accessControlAllowOrigin string) *OptionsAuthBearerOK {
o.AccessControlAllowOrigin = accessControlAllowOrigin
return o
}
// SetAccessControlAllowOrigin sets the accessControlAllowOrigin to the options auth bearer o k response
func (o *OptionsAuthBearerOK) SetAccessControlAllowOrigin(accessControlAllowOrigin string) {
o.AccessControlAllowOrigin = accessControlAllowOrigin
}
// WriteResponse to the client
func (o *OptionsAuthBearerOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
// response header Access-Control-Allow-Headers
accessControlAllowHeaders := o.AccessControlAllowHeaders
if accessControlAllowHeaders != "" {
rw.Header().Set("Access-Control-Allow-Headers", accessControlAllowHeaders)
}
// response header Access-Control-Allow-Origin
accessControlAllowOrigin := o.AccessControlAllowOrigin
if accessControlAllowOrigin != "" {
rw.Header().Set("Access-Control-Allow-Origin", accessControlAllowOrigin)
}
rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
rw.WriteHeader(200)
}

View file

@ -100,6 +100,7 @@ func (a *API) Configure(api *operations.NeofsRestGwAPI) http.Handler {
api.OptionsAuthHandler = operations.OptionsAuthHandlerFunc(a.OptionsAuth)
api.AuthHandler = operations.AuthHandlerFunc(a.PostAuth)
api.OptionsAuthBearerHandler = operations.OptionsAuthBearerHandlerFunc(a.OptionsAuthBearer)
api.FormBinaryBearerHandler = operations.FormBinaryBearerHandlerFunc(a.FormBinaryBearer)
api.GetBalanceHandler = operations.GetBalanceHandlerFunc(a.Balance)

View file

@ -8,7 +8,7 @@ import (
const (
allOrigins = "*"
allowMethods = "PUT, DELETE"
allowHeaders = "X-Bearer-Owner-Id, X-Bearer-Signature, X-Bearer-Signature-Key, Content-Type, Authorization"
allowHeaders = "X-Bearer-For-All-Users, X-Bearer-Lifetime, X-Bearer-Owner-Id, X-Bearer-Signature, X-Bearer-Signature-Key, Content-Type, Authorization"
)
func (a *API) OptionsAuth(operations.OptionsAuthParams) middleware.Responder {
@ -17,6 +17,12 @@ func (a *API) OptionsAuth(operations.OptionsAuthParams) middleware.Responder {
WithAccessControlAllowHeaders(allowHeaders)
}
func (a *API) OptionsAuthBearer(operations.OptionsAuthBearerParams) middleware.Responder {
return operations.NewOptionsAuthBearerOK().
WithAccessControlAllowOrigin(allOrigins).
WithAccessControlAllowHeaders(allowHeaders)
}
func (a *API) OptionsObjectSearch(operations.OptionsObjectsSearchParams) middleware.Responder {
return operations.NewOptionsObjectsSearchOK().
WithAccessControlAllowOrigin(allOrigins).

View file

@ -118,6 +118,17 @@ paths:
$ref: '#/definitions/ErrorResponse'
/auth/bearer:
options:
operationId: optionsAuthBearer
security: [ ]
responses:
200:
description: CORS
headers:
Access-Control-Allow-Origin:
type: string
Access-Control-Allow-Headers:
type: string
get:
operationId: formBinaryBearer
summary: Form binary bearer token