[#73] Add missed CORS

Allow X-Bearer-For-All-Users, X-Bearer-Lifetime headers.
Add CORS to /auth/bearer route.

Signed-off-by: Denis Kirillov <denis@nspcc.ru>

gen/restapi/embedded_spec.go

@@ -193,6 +193,23 @@ func init() {
             }
           }
         }
+      },
+      "options": {
+        "security": [],
+        "operationId": "optionsAuthBearer",
+        "responses": {
+          "200": {
+            "description": "CORS",
+            "headers": {
+              "Access-Control-Allow-Headers": {
+                "type": "string"
+              },
+              "Access-Control-Allow-Origin": {
+                "type": "string"
+              }
+            }
+          }
+        }
       }
     },
     "/containers": {
@@ -1822,6 +1839,23 @@ func init() {
             }
           }
         }
+      },
+      "options": {
+        "security": [],
+        "operationId": "optionsAuthBearer",
+        "responses": {
+          "200": {
+            "description": "CORS",
+            "headers": {
+              "Access-Control-Allow-Headers": {
+                "type": "string"
+              },
+              "Access-Control-Allow-Origin": {
+                "type": "string"
+              }
+            }
+          }
+        }
       }
     },
     "/containers": {

gen/restapi/operations/neofs_rest_gw_api.go

@@ -74,6 +74,9 @@ func NewNeofsRestGwAPI(spec *loads.Document) *NeofsRestGwAPI {
 		OptionsAuthHandler: OptionsAuthHandlerFunc(func(params OptionsAuthParams) middleware.Responder {
 			return middleware.NotImplemented("operation OptionsAuth has not yet been implemented")
 		}),
+		OptionsAuthBearerHandler: OptionsAuthBearerHandlerFunc(func(params OptionsAuthBearerParams) middleware.Responder {
+			return middleware.NotImplemented("operation OptionsAuthBearer has not yet been implemented")
+		}),
 		OptionsContainersEACLHandler: OptionsContainersEACLHandlerFunc(func(params OptionsContainersEACLParams) middleware.Responder {
 			return middleware.NotImplemented("operation OptionsContainersEACL has not yet been implemented")
 		}),
@@ -174,6 +177,8 @@ type NeofsRestGwAPI struct {
 	ListContainersHandler ListContainersHandler
 	// OptionsAuthHandler sets the operation handler for the options auth operation
 	OptionsAuthHandler OptionsAuthHandler
+	// OptionsAuthBearerHandler sets the operation handler for the options auth bearer operation
+	OptionsAuthBearerHandler OptionsAuthBearerHandler
 	// OptionsContainersEACLHandler sets the operation handler for the options containers e ACL operation
 	OptionsContainersEACLHandler OptionsContainersEACLHandler
 	// OptionsContainersGetDeleteHandler sets the operation handler for the options containers get delete operation
@@ -305,6 +310,9 @@ func (o *NeofsRestGwAPI) Validate() error {
 	if o.OptionsAuthHandler == nil {
 		unregistered = append(unregistered, "OptionsAuthHandler")
 	}
+	if o.OptionsAuthBearerHandler == nil {
+		unregistered = append(unregistered, "OptionsAuthBearerHandler")
+	}
 	if o.OptionsContainersEACLHandler == nil {
 		unregistered = append(unregistered, "OptionsContainersEACLHandler")
 	}
@@ -477,6 +485,10 @@ func (o *NeofsRestGwAPI) initHandlerCache() {
 	if o.handlers["OPTIONS"] == nil {
 		o.handlers["OPTIONS"] = make(map[string]http.Handler)
 	}
+	o.handlers["OPTIONS"]["/auth/bearer"] = NewOptionsAuthBearer(o.context, o.OptionsAuthBearerHandler)
+	if o.handlers["OPTIONS"] == nil {
+		o.handlers["OPTIONS"] = make(map[string]http.Handler)
+	}
 	o.handlers["OPTIONS"]["/containers/{containerId}/eacl"] = NewOptionsContainersEACL(o.context, o.OptionsContainersEACLHandler)
 	if o.handlers["OPTIONS"] == nil {
 		o.handlers["OPTIONS"] = make(map[string]http.Handler)

gen/restapi/operations/options_auth_bearer.go

@@ -0,0 +1,56 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package operations
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime/middleware"
+)
+
+// OptionsAuthBearerHandlerFunc turns a function with the right signature into a options auth bearer handler
+type OptionsAuthBearerHandlerFunc func(OptionsAuthBearerParams) middleware.Responder
+
+// Handle executing the request and returning a response
+func (fn OptionsAuthBearerHandlerFunc) Handle(params OptionsAuthBearerParams) middleware.Responder {
+	return fn(params)
+}
+
+// OptionsAuthBearerHandler interface for that can handle valid options auth bearer params
+type OptionsAuthBearerHandler interface {
+	Handle(OptionsAuthBearerParams) middleware.Responder
+}
+
+// NewOptionsAuthBearer creates a new http.Handler for the options auth bearer operation
+func NewOptionsAuthBearer(ctx *middleware.Context, handler OptionsAuthBearerHandler) *OptionsAuthBearer {
+	return &OptionsAuthBearer{Context: ctx, Handler: handler}
+}
+
+/* OptionsAuthBearer swagger:route OPTIONS /auth/bearer optionsAuthBearer
+
+OptionsAuthBearer options auth bearer API
+
+*/
+type OptionsAuthBearer struct {
+	Context *middleware.Context
+	Handler OptionsAuthBearerHandler
+}
+
+func (o *OptionsAuthBearer) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
+	route, rCtx, _ := o.Context.RouteInfo(r)
+	if rCtx != nil {
+		*r = *rCtx
+	}
+	var Params = NewOptionsAuthBearerParams()
+	if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+
+	res := o.Handler.Handle(Params) // actually handle the request
+	o.Context.Respond(rw, r, route.Produces, route, res)
+
+}

gen/restapi/operations/options_auth_bearer_parameters.go

@@ -0,0 +1,46 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package operations
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/runtime/middleware"
+)
+
+// NewOptionsAuthBearerParams creates a new OptionsAuthBearerParams object
+//
+// There are no default values defined in the spec.
+func NewOptionsAuthBearerParams() OptionsAuthBearerParams {
+
+	return OptionsAuthBearerParams{}
+}
+
+// OptionsAuthBearerParams contains all the bound params for the options auth bearer operation
+// typically these are obtained from a http.Request
+//
+// swagger:parameters optionsAuthBearer
+type OptionsAuthBearerParams struct {
+
+	// HTTP Request Object
+	HTTPRequest *http.Request `json:"-"`
+}
+
+// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
+// for simple values it will use straight method calls.
+//
+// To ensure default values, the struct must have been initialized with NewOptionsAuthBearerParams() beforehand.
+func (o *OptionsAuthBearerParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
+	var res []error
+
+	o.HTTPRequest = r
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}

gen/restapi/operations/options_auth_bearer_responses.go

@@ -0,0 +1,80 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package operations
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime"
+)
+
+// OptionsAuthBearerOKCode is the HTTP code returned for type OptionsAuthBearerOK
+const OptionsAuthBearerOKCode int = 200
+
+/*OptionsAuthBearerOK CORS
+
+swagger:response optionsAuthBearerOK
+*/
+type OptionsAuthBearerOK struct {
+	/*
+
+	 */
+	AccessControlAllowHeaders string `json:"Access-Control-Allow-Headers"`
+	/*
+
+	 */
+	AccessControlAllowOrigin string `json:"Access-Control-Allow-Origin"`
+}
+
+// NewOptionsAuthBearerOK creates OptionsAuthBearerOK with default headers values
+func NewOptionsAuthBearerOK() *OptionsAuthBearerOK {
+
+	return &OptionsAuthBearerOK{}
+}
+
+// WithAccessControlAllowHeaders adds the accessControlAllowHeaders to the options auth bearer o k response
+func (o *OptionsAuthBearerOK) WithAccessControlAllowHeaders(accessControlAllowHeaders string) *OptionsAuthBearerOK {
+	o.AccessControlAllowHeaders = accessControlAllowHeaders
+	return o
+}
+
+// SetAccessControlAllowHeaders sets the accessControlAllowHeaders to the options auth bearer o k response
+func (o *OptionsAuthBearerOK) SetAccessControlAllowHeaders(accessControlAllowHeaders string) {
+	o.AccessControlAllowHeaders = accessControlAllowHeaders
+}
+
+// WithAccessControlAllowOrigin adds the accessControlAllowOrigin to the options auth bearer o k response
+func (o *OptionsAuthBearerOK) WithAccessControlAllowOrigin(accessControlAllowOrigin string) *OptionsAuthBearerOK {
+	o.AccessControlAllowOrigin = accessControlAllowOrigin
+	return o
+}
+
+// SetAccessControlAllowOrigin sets the accessControlAllowOrigin to the options auth bearer o k response
+func (o *OptionsAuthBearerOK) SetAccessControlAllowOrigin(accessControlAllowOrigin string) {
+	o.AccessControlAllowOrigin = accessControlAllowOrigin
+}
+
+// WriteResponse to the client
+func (o *OptionsAuthBearerOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	// response header Access-Control-Allow-Headers
+
+	accessControlAllowHeaders := o.AccessControlAllowHeaders
+	if accessControlAllowHeaders != "" {
+		rw.Header().Set("Access-Control-Allow-Headers", accessControlAllowHeaders)
+	}
+
+	// response header Access-Control-Allow-Origin
+
+	accessControlAllowOrigin := o.AccessControlAllowOrigin
+	if accessControlAllowOrigin != "" {
+		rw.Header().Set("Access-Control-Allow-Origin", accessControlAllowOrigin)
+	}
+
+	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
+
+	rw.WriteHeader(200)
+}

handlers/api.go

@@ -100,6 +100,7 @@ func (a *API) Configure(api *operations.NeofsRestGwAPI) http.Handler {
 	api.OptionsAuthHandler = operations.OptionsAuthHandlerFunc(a.OptionsAuth)
 	api.AuthHandler = operations.AuthHandlerFunc(a.PostAuth)
 
+	api.OptionsAuthBearerHandler = operations.OptionsAuthBearerHandlerFunc(a.OptionsAuthBearer)
 	api.FormBinaryBearerHandler = operations.FormBinaryBearerHandlerFunc(a.FormBinaryBearer)
 
 	api.GetBalanceHandler = operations.GetBalanceHandlerFunc(a.Balance)

handlers/preflight.go

@@ -8,7 +8,7 @@ import (
 const (
 	allOrigins   = "*"
 	allowMethods = "PUT, DELETE"
-	allowHeaders = "X-Bearer-Owner-Id, X-Bearer-Signature, X-Bearer-Signature-Key, Content-Type, Authorization"
+	allowHeaders = "X-Bearer-For-All-Users, X-Bearer-Lifetime, X-Bearer-Owner-Id, X-Bearer-Signature, X-Bearer-Signature-Key, Content-Type, Authorization"
 )
 
 func (a *API) OptionsAuth(operations.OptionsAuthParams) middleware.Responder {
@@ -17,6 +17,12 @@ func (a *API) OptionsAuth(operations.OptionsAuthParams) middleware.Responder {
 		WithAccessControlAllowHeaders(allowHeaders)
 }
 
+func (a *API) OptionsAuthBearer(operations.OptionsAuthBearerParams) middleware.Responder {
+	return operations.NewOptionsAuthBearerOK().
+		WithAccessControlAllowOrigin(allOrigins).
+		WithAccessControlAllowHeaders(allowHeaders)
+}
+
 func (a *API) OptionsObjectSearch(operations.OptionsObjectsSearchParams) middleware.Responder {
 	return operations.NewOptionsObjectsSearchOK().
 		WithAccessControlAllowOrigin(allOrigins).

spec/rest.yaml

@@ -118,6 +118,17 @@ paths:
             $ref: '#/definitions/ErrorResponse'
 
   /auth/bearer:
+    options:
+      operationId: optionsAuthBearer
+      security: [ ]
+      responses:
+        200:
+          description: CORS
+          headers:
+            Access-Control-Allow-Origin:
+              type: string
+            Access-Control-Allow-Headers:
+              type: string
     get:
       operationId: formBinaryBearer
       summary: Form binary bearer token