gen/models/storage_group.go

@@ -15,6 +15,7 @@ import (
 )
 
 // StorageGroup Storage group keeps verification information for Data Audit sessions.
+// Example: {"address":{"containerId":"5HZTn5qkRnmgSz9gSrw22CEdPPk6nQhkwf2Mgzyvkikv","objectId":"9N3o7Dtr6T1xteCt6eRwhpmJ7JhME58Hyu1dvaswuTDd"},"expirationEpoch":5000,"members":["8N3o7Dtr6T1xteCt6eRwhpmJ7JhME58Hyu1dvaswuTDd"],"name":"my-storage-group","size":4096}
 //
 // swagger:model StorageGroup
 type StorageGroup struct {
@@ -24,11 +25,11 @@ type StorageGroup struct {
 	// Read Only: true
 	Address *Address `json:"address"`
 
-	// expiration epoch
+	// Expiration epoch of storage group.
 	// Required: true
 	ExpirationEpoch *string `json:"expirationEpoch"`
 
-	// hash
+	// Homomorphic hash from the concatenation of the payloads of the storage group members. Empty means hashing is disabled.
 	Hash string `json:"hash,omitempty"`
 
 	// Object identifiers to be placed into storage group. Must be unique.
@@ -38,7 +39,7 @@ type StorageGroup struct {
 	// Name of storage group. It will be the value of the `FileName` attribute in storage group object.
 	Name string `json:"name,omitempty"`
 
-	// size
+	// Total size of the payloads of objects in the storage group.
 	// Required: true
 	Size *string `json:"size"`
 }

gen/models/storage_group_base_info.go

@@ -15,6 +15,7 @@ import (
 )
 
 // StorageGroupBaseInfo Storage group info for listing.
+// Example: {"address":{"containerId":"5HZTn5qkRnmgSz9gSrw22CEdPPk6nQhkwf2Mgzyvkikv","objectId":"9N3o7Dtr6T1xteCt6eRwhpmJ7JhME58Hyu1dvaswuTDd"},"expirationEpoch":5000,"name":"my-storage-group"}
 //
 // swagger:model StorageGroupBaseInfo
 type StorageGroupBaseInfo struct {

gen/models/storage_group_list.go

@@ -16,6 +16,7 @@ import (
 )
 
 // StorageGroupList List of storage groups.
+// Example: {"size":1,"storageGroups":[{"address":{"containerId":"5HZTn5qkRnmgSz9gSrw22CEdPPk6nQhkwf2Mgzyvkikv","objectId":"9N3o7Dtr6T1xteCt6eRwhpmJ7JhME58Hyu1dvaswuTDd"},"expirationEpoch":5000,"name":"my-storage-group"}]}
 //
 // swagger:model StorageGroupList
 type StorageGroupList struct {

gen/models/storage_group_put_body.go

@@ -15,6 +15,7 @@ import (
 )
 
 // StorageGroupPutBody storage group put body
+// Example: {"lifetime":100,"members":["8N3o7Dtr6T1xteCt6eRwhpmJ7JhME58Hyu1dvaswuTDd"],"name":"my-storage-group"}
 //
 // swagger:model StorageGroupPutBody
 type StorageGroupPutBody struct {

gen/restapi/embedded_spec.go

@@ -536,6 +536,9 @@ func init() {
           },
           {
             "$ref": "#/parameters/signatureScheme"
+          },
+          {
+            "$ref": "#/parameters/fullBearerToken"
           }
         ],
         "responses": {
@@ -566,6 +569,9 @@ func init() {
           {
             "$ref": "#/parameters/signatureScheme"
           },
+          {
+            "$ref": "#/parameters/fullBearerToken"
+          },
           {
             "description": "Storage group co create.",
             "name": "storageGroup",
@@ -610,6 +616,9 @@ func init() {
           },
           {
             "$ref": "#/parameters/signatureScheme"
+          },
+          {
+            "$ref": "#/parameters/fullBearerToken"
           }
         ],
         "responses": {
@@ -639,6 +648,9 @@ func init() {
           },
           {
             "$ref": "#/parameters/signatureScheme"
+          },
+          {
+            "$ref": "#/parameters/fullBearerToken"
           }
         ],
         "responses": {
@@ -1680,9 +1692,11 @@ func init() {
           "readOnly": true
         },
         "expirationEpoch": {
+          "description": "Expiration epoch of storage group.",
           "type": "string"
         },
         "hash": {
+          "description": "Homomorphic hash from the concatenation of the payloads of the storage group members. Empty means hashing is disabled.",
           "type": "string"
         },
         "members": {
@@ -1697,8 +1711,21 @@ func init() {
           "type": "string"
         },
         "size": {
+          "description": "Total size of the payloads of objects in the storage group.",
           "type": "string"
         }
+      },
+      "example": {
+        "address": {
+          "containerId": "5HZTn5qkRnmgSz9gSrw22CEdPPk6nQhkwf2Mgzyvkikv",
+          "objectId": "9N3o7Dtr6T1xteCt6eRwhpmJ7JhME58Hyu1dvaswuTDd"
+        },
+        "expirationEpoch": 5000,
+        "members": [
+          "8N3o7Dtr6T1xteCt6eRwhpmJ7JhME58Hyu1dvaswuTDd"
+        ],
+        "name": "my-storage-group",
+        "size": 4096
       }
     },
     "StorageGroupBaseInfo": {
@@ -1718,6 +1745,14 @@ func init() {
         "name": {
           "type": "string"
         }
+      },
+      "example": {
+        "address": {
+          "containerId": "5HZTn5qkRnmgSz9gSrw22CEdPPk6nQhkwf2Mgzyvkikv",
+          "objectId": "9N3o7Dtr6T1xteCt6eRwhpmJ7JhME58Hyu1dvaswuTDd"
+        },
+        "expirationEpoch": 5000,
+        "name": "my-storage-group"
       }
     },
     "StorageGroupList": {
@@ -1737,6 +1772,19 @@ func init() {
             "$ref": "#/definitions/StorageGroupBaseInfo"
           }
         }
+      },
+      "example": {
+        "size": 1,
+        "storageGroups": [
+          {
+            "address": {
+              "containerId": "5HZTn5qkRnmgSz9gSrw22CEdPPk6nQhkwf2Mgzyvkikv",
+              "objectId": "9N3o7Dtr6T1xteCt6eRwhpmJ7JhME58Hyu1dvaswuTDd"
+            },
+            "expirationEpoch": 5000,
+            "name": "my-storage-group"
+          }
+        ]
       }
     },
     "StorageGroupPutBody": {
@@ -1761,6 +1809,13 @@ func init() {
           "description": "Name of storage group. It will be the value of the ` + "`" + `FileName` + "`" + ` attribute in storage group object.",
           "type": "string"
         }
+      },
+      "example": {
+        "lifetime": 100,
+        "members": [
+          "8N3o7Dtr6T1xteCt6eRwhpmJ7JhME58Hyu1dvaswuTDd"
+        ],
+        "name": "my-storage-group"
       }
     },
     "SuccessResponse": {
@@ -2477,22 +2532,27 @@ func init() {
             "type": "string",
             "description": "Base64 encoded signature for bearer token.",
             "name": "X-Bearer-Signature",
-            "in": "header",
+            "in": "header"
-            "required": true
           },
           {
             "type": "string",
             "description": "Hex encoded the public part of the key that signed the bearer token.",
             "name": "X-Bearer-Signature-Key",
-            "in": "header",
+            "in": "header"
-            "required": true
           },
           {
             "type": "boolean",
             "default": false,
-            "description": "Use wallet connect signature scheme or native NeoFS signature.",
+            "description": "Use wallet connect signature scheme or native FrostFS signature.",
             "name": "walletConnect",
             "in": "query"
+          },
+          {
+            "type": "boolean",
+            "default": false,
+            "description": "Provided bearer token is final or gate should assemble it using signature.",
+            "name": "fullBearer",
+            "in": "query"
           }
         ],
         "responses": {
@@ -2518,23 +2578,28 @@ func init() {
             "type": "string",
             "description": "Base64 encoded signature for bearer token.",
             "name": "X-Bearer-Signature",
-            "in": "header",
+            "in": "header"
-            "required": true
           },
           {
             "type": "string",
             "description": "Hex encoded the public part of the key that signed the bearer token.",
             "name": "X-Bearer-Signature-Key",
-            "in": "header",
+            "in": "header"
-            "required": true
           },
           {
             "type": "boolean",
             "default": false,
-            "description": "Use wallet connect signature scheme or native NeoFS signature.",
+            "description": "Use wallet connect signature scheme or native FrostFS signature.",
             "name": "walletConnect",
             "in": "query"
           },
+          {
+            "type": "boolean",
+            "default": false,
+            "description": "Provided bearer token is final or gate should assemble it using signature.",
+            "name": "fullBearer",
+            "in": "query"
+          },
           {
             "description": "Storage group co create.",
             "name": "storageGroup",
@@ -2579,22 +2644,27 @@ func init() {
             "type": "string",
             "description": "Base64 encoded signature for bearer token.",
             "name": "X-Bearer-Signature",
-            "in": "header",
+            "in": "header"
-            "required": true
           },
           {
             "type": "string",
             "description": "Hex encoded the public part of the key that signed the bearer token.",
             "name": "X-Bearer-Signature-Key",
-            "in": "header",
+            "in": "header"
-            "required": true
           },
           {
             "type": "boolean",
             "default": false,
-            "description": "Use wallet connect signature scheme or native NeoFS signature.",
+            "description": "Use wallet connect signature scheme or native FrostFS signature.",
             "name": "walletConnect",
             "in": "query"
+          },
+          {
+            "type": "boolean",
+            "default": false,
+            "description": "Provided bearer token is final or gate should assemble it using signature.",
+            "name": "fullBearer",
+            "in": "query"
           }
         ],
         "responses": {
@@ -2620,22 +2690,27 @@ func init() {
             "type": "string",
             "description": "Base64 encoded signature for bearer token.",
             "name": "X-Bearer-Signature",
-            "in": "header",
+            "in": "header"
-            "required": true
           },
           {
             "type": "string",
             "description": "Hex encoded the public part of the key that signed the bearer token.",
             "name": "X-Bearer-Signature-Key",
-            "in": "header",
+            "in": "header"
-            "required": true
           },
           {
             "type": "boolean",
             "default": false,
-            "description": "Use wallet connect signature scheme or native NeoFS signature.",
+            "description": "Use wallet connect signature scheme or native FrostFS signature.",
             "name": "walletConnect",
             "in": "query"
+          },
+          {
+            "type": "boolean",
+            "default": false,
+            "description": "Provided bearer token is final or gate should assemble it using signature.",
+            "name": "fullBearer",
+            "in": "query"
           }
         ],
         "responses": {
@@ -3756,9 +3831,11 @@ func init() {
           "readOnly": true
         },
         "expirationEpoch": {
+          "description": "Expiration epoch of storage group.",
           "type": "string"
         },
         "hash": {
+          "description": "Homomorphic hash from the concatenation of the payloads of the storage group members. Empty means hashing is disabled.",
           "type": "string"
         },
         "members": {
@@ -3773,8 +3850,21 @@ func init() {
           "type": "string"
         },
         "size": {
+          "description": "Total size of the payloads of objects in the storage group.",
           "type": "string"
         }
+      },
+      "example": {
+        "address": {
+          "containerId": "5HZTn5qkRnmgSz9gSrw22CEdPPk6nQhkwf2Mgzyvkikv",
+          "objectId": "9N3o7Dtr6T1xteCt6eRwhpmJ7JhME58Hyu1dvaswuTDd"
+        },
+        "expirationEpoch": 5000,
+        "members": [
+          "8N3o7Dtr6T1xteCt6eRwhpmJ7JhME58Hyu1dvaswuTDd"
+        ],
+        "name": "my-storage-group",
+        "size": 4096
       }
     },
     "StorageGroupBaseInfo": {
@@ -3794,6 +3884,14 @@ func init() {
         "name": {
           "type": "string"
         }
+      },
+      "example": {
+        "address": {
+          "containerId": "5HZTn5qkRnmgSz9gSrw22CEdPPk6nQhkwf2Mgzyvkikv",
+          "objectId": "9N3o7Dtr6T1xteCt6eRwhpmJ7JhME58Hyu1dvaswuTDd"
+        },
+        "expirationEpoch": 5000,
+        "name": "my-storage-group"
       }
     },
     "StorageGroupList": {
@@ -3813,6 +3911,19 @@ func init() {
             "$ref": "#/definitions/StorageGroupBaseInfo"
           }
         }
+      },
+      "example": {
+        "size": 1,
+        "storageGroups": [
+          {
+            "address": {
+              "containerId": "5HZTn5qkRnmgSz9gSrw22CEdPPk6nQhkwf2Mgzyvkikv",
+              "objectId": "9N3o7Dtr6T1xteCt6eRwhpmJ7JhME58Hyu1dvaswuTDd"
+            },
+            "expirationEpoch": 5000,
+            "name": "my-storage-group"
+          }
+        ]
       }
     },
     "StorageGroupPutBody": {
@@ -3837,6 +3948,13 @@ func init() {
           "description": "Name of storage group. It will be the value of the ` + "`" + `FileName` + "`" + ` attribute in storage group object.",
           "type": "string"
         }
+      },
+      "example": {
+        "lifetime": 100,
+        "members": [
+          "8N3o7Dtr6T1xteCt6eRwhpmJ7JhME58Hyu1dvaswuTDd"
+        ],
+        "name": "my-storage-group"
       }
     },
     "SuccessResponse": {

gen/restapi/operations/delete_storage_group.go

@@ -10,7 +10,7 @@ import (
 
 	"github.com/go-openapi/runtime/middleware"
 
-	"github.com/nspcc-dev/neofs-rest-gw/gen/models"
+	"github.com/TrueCloudLab/frostfs-rest-gw/gen/models"
 )
 
 // DeleteStorageGroupHandlerFunc turns a function with the right signature into a delete storage group handler
@@ -31,10 +31,10 @@ func NewDeleteStorageGroup(ctx *middleware.Context, handler DeleteStorageGroupHa
 	return &DeleteStorageGroup{Context: ctx, Handler: handler}
 }
 
-/* DeleteStorageGroup swagger:route DELETE /containers/{containerId}/storagegroups/{storageGroupId} deleteStorageGroup
+/*
+	DeleteStorageGroup swagger:route DELETE /containers/{containerId}/storagegroups/{storageGroupId} deleteStorageGroup
 
 Delete storage group from container.
-
 */
 type DeleteStorageGroup struct {
 	Context *middleware.Context

gen/restapi/operations/delete_storage_group_parameters.go

@@ -13,7 +13,6 @@ import (
 	"github.com/go-openapi/runtime/middleware"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
-	"github.com/go-openapi/validate"
 )
 
 // NewDeleteStorageGroupParams creates a new DeleteStorageGroupParams object
@@ -23,10 +22,14 @@ func NewDeleteStorageGroupParams() DeleteStorageGroupParams {
 	var (
 		// initialize parameters with default values
 
+		fullBearerDefault = bool(false)
+
 		walletConnectDefault = bool(false)
 	)
 
 	return DeleteStorageGroupParams{
+		FullBearer: &fullBearerDefault,
+
 		WalletConnect: &walletConnectDefault,
 	}
 }
@@ -41,26 +44,29 @@ type DeleteStorageGroupParams struct {
 	HTTPRequest *http.Request `json:"-"`
 
 	/*Base64 encoded signature for bearer token.
-	  Required: true
 	  In: header
 	*/
-	XBearerSignature string
+	XBearerSignature *string
 	/*Hex encoded the public part of the key that signed the bearer token.
-	  Required: true
 	  In: header
 	*/
-	XBearerSignatureKey string
+	XBearerSignatureKey *string
 	/*Base58 encoded container id.
 	  Required: true
 	  In: path
 	*/
 	ContainerID string
+	/*Provided bearer token is final or gate should assemble it using signature.
+	  In: query
+	  Default: false
+	*/
+	FullBearer *bool
 	/*Base58 encoded storage group id.
 	  Required: true
 	  In: path
 	*/
 	StorageGroupID string
-	/*Use wallet connect signature scheme or native NeoFS signature.
+	/*Use wallet connect signature scheme or native FrostFS signature.
 	  In: query
 	  Default: false
 	*/
@@ -91,6 +97,11 @@ func (o *DeleteStorageGroupParams) BindRequest(r *http.Request, route *middlewar
 		res = append(res, err)
 	}
 
+	qFullBearer, qhkFullBearer, _ := qs.GetOK("fullBearer")
+	if err := o.bindFullBearer(qFullBearer, qhkFullBearer, route.Formats); err != nil {
+		res = append(res, err)
+	}
+
 	rStorageGroupID, rhkStorageGroupID, _ := route.Params.GetOK("storageGroupId")
 	if err := o.bindStorageGroupID(rStorageGroupID, rhkStorageGroupID, route.Formats); err != nil {
 		res = append(res, err)
@@ -108,40 +119,34 @@ func (o *DeleteStorageGroupParams) BindRequest(r *http.Request, route *middlewar
 
 // bindXBearerSignature binds and validates parameter XBearerSignature from header.
 func (o *DeleteStorageGroupParams) bindXBearerSignature(rawData []string, hasKey bool, formats strfmt.Registry) error {
-	if !hasKey {
-		return errors.Required("X-Bearer-Signature", "header", rawData)
-	}
 	var raw string
 	if len(rawData) > 0 {
 		raw = rawData[len(rawData)-1]
 	}
 
-	// Required: true
+	// Required: false
 
-	if err := validate.RequiredString("X-Bearer-Signature", "header", raw); err != nil {
+	if raw == "" { // empty values pass all other validations
-		return err
+		return nil
 	}
-	o.XBearerSignature = raw
+	o.XBearerSignature = &raw
 
 	return nil
 }
 
 // bindXBearerSignatureKey binds and validates parameter XBearerSignatureKey from header.
 func (o *DeleteStorageGroupParams) bindXBearerSignatureKey(rawData []string, hasKey bool, formats strfmt.Registry) error {
-	if !hasKey {
-		return errors.Required("X-Bearer-Signature-Key", "header", rawData)
-	}
 	var raw string
 	if len(rawData) > 0 {
 		raw = rawData[len(rawData)-1]
 	}
 
-	// Required: true
+	// Required: false
 
-	if err := validate.RequiredString("X-Bearer-Signature-Key", "header", raw); err != nil {
+	if raw == "" { // empty values pass all other validations
-		return err
+		return nil
 	}
-	o.XBearerSignatureKey = raw
+	o.XBearerSignatureKey = &raw
 
 	return nil
 }
@@ -160,6 +165,30 @@ func (o *DeleteStorageGroupParams) bindContainerID(rawData []string, hasKey bool
 	return nil
 }
 
+// bindFullBearer binds and validates parameter FullBearer from query.
+func (o *DeleteStorageGroupParams) bindFullBearer(rawData []string, hasKey bool, formats strfmt.Registry) error {
+	var raw string
+	if len(rawData) > 0 {
+		raw = rawData[len(rawData)-1]
+	}
+
+	// Required: false
+	// AllowEmptyValue: false
+
+	if raw == "" { // empty values pass all other validations
+		// Default values have been previously initialized by NewDeleteStorageGroupParams()
+		return nil
+	}
+
+	value, err := swag.ConvertBool(raw)
+	if err != nil {
+		return errors.InvalidType("fullBearer", "query", "bool", raw)
+	}
+	o.FullBearer = &value
+
+	return nil
+}
+
 // bindStorageGroupID binds and validates parameter StorageGroupID from path.
 func (o *DeleteStorageGroupParams) bindStorageGroupID(rawData []string, hasKey bool, formats strfmt.Registry) error {
 	var raw string

gen/restapi/operations/delete_storage_group_responses.go

@@ -10,13 +10,14 @@ import (
 
 	"github.com/go-openapi/runtime"
 
-	"github.com/nspcc-dev/neofs-rest-gw/gen/models"
+	"github.com/TrueCloudLab/frostfs-rest-gw/gen/models"
 )
 
 // DeleteStorageGroupOKCode is the HTTP code returned for type DeleteStorageGroupOK
 const DeleteStorageGroupOKCode int = 200
 
-/*DeleteStorageGroupOK Successful deletion.
+/*
+DeleteStorageGroupOK Successful deletion.
 
 swagger:response deleteStorageGroupOK
 */
@@ -60,7 +61,8 @@ func (o *DeleteStorageGroupOK) WriteResponse(rw http.ResponseWriter, producer ru
 // DeleteStorageGroupBadRequestCode is the HTTP code returned for type DeleteStorageGroupBadRequest
 const DeleteStorageGroupBadRequestCode int = 400
 
-/*DeleteStorageGroupBadRequest Bad request.
+/*
+DeleteStorageGroupBadRequest Bad request.
 
 swagger:response deleteStorageGroupBadRequest
 */

gen/restapi/operations/get_storage_group.go

@@ -10,7 +10,7 @@ import (
 
 	"github.com/go-openapi/runtime/middleware"
 
-	"github.com/nspcc-dev/neofs-rest-gw/gen/models"
+	"github.com/TrueCloudLab/frostfs-rest-gw/gen/models"
 )
 
 // GetStorageGroupHandlerFunc turns a function with the right signature into a get storage group handler
@@ -31,10 +31,10 @@ func NewGetStorageGroup(ctx *middleware.Context, handler GetStorageGroupHandler)
 	return &GetStorageGroup{Context: ctx, Handler: handler}
 }
 
-/* GetStorageGroup swagger:route GET /containers/{containerId}/storagegroups/{storageGroupId} getStorageGroup
+/*
+	GetStorageGroup swagger:route GET /containers/{containerId}/storagegroups/{storageGroupId} getStorageGroup
 
 Get storage group info.
-
 */
 type GetStorageGroup struct {
 	Context *middleware.Context

gen/restapi/operations/get_storage_group_parameters.go

@@ -13,7 +13,6 @@ import (
 	"github.com/go-openapi/runtime/middleware"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
-	"github.com/go-openapi/validate"
 )
 
 // NewGetStorageGroupParams creates a new GetStorageGroupParams object
@@ -23,10 +22,14 @@ func NewGetStorageGroupParams() GetStorageGroupParams {
 	var (
 		// initialize parameters with default values
 
+		fullBearerDefault = bool(false)
+
 		walletConnectDefault = bool(false)
 	)
 
 	return GetStorageGroupParams{
+		FullBearer: &fullBearerDefault,
+
 		WalletConnect: &walletConnectDefault,
 	}
 }
@@ -41,26 +44,29 @@ type GetStorageGroupParams struct {
 	HTTPRequest *http.Request `json:"-"`
 
 	/*Base64 encoded signature for bearer token.
-	  Required: true
 	  In: header
 	*/
-	XBearerSignature string
+	XBearerSignature *string
 	/*Hex encoded the public part of the key that signed the bearer token.
-	  Required: true
 	  In: header
 	*/
-	XBearerSignatureKey string
+	XBearerSignatureKey *string
 	/*Base58 encoded container id.
 	  Required: true
 	  In: path
 	*/
 	ContainerID string
+	/*Provided bearer token is final or gate should assemble it using signature.
+	  In: query
+	  Default: false
+	*/
+	FullBearer *bool
 	/*Base58 encoded storage group id.
 	  Required: true
 	  In: path
 	*/
 	StorageGroupID string
-	/*Use wallet connect signature scheme or native NeoFS signature.
+	/*Use wallet connect signature scheme or native FrostFS signature.
 	  In: query
 	  Default: false
 	*/
@@ -91,6 +97,11 @@ func (o *GetStorageGroupParams) BindRequest(r *http.Request, route *middleware.M
 		res = append(res, err)
 	}
 
+	qFullBearer, qhkFullBearer, _ := qs.GetOK("fullBearer")
+	if err := o.bindFullBearer(qFullBearer, qhkFullBearer, route.Formats); err != nil {
+		res = append(res, err)
+	}
+
 	rStorageGroupID, rhkStorageGroupID, _ := route.Params.GetOK("storageGroupId")
 	if err := o.bindStorageGroupID(rStorageGroupID, rhkStorageGroupID, route.Formats); err != nil {
 		res = append(res, err)
@@ -108,40 +119,34 @@ func (o *GetStorageGroupParams) BindRequest(r *http.Request, route *middleware.M
 
 // bindXBearerSignature binds and validates parameter XBearerSignature from header.
 func (o *GetStorageGroupParams) bindXBearerSignature(rawData []string, hasKey bool, formats strfmt.Registry) error {
-	if !hasKey {
-		return errors.Required("X-Bearer-Signature", "header", rawData)
-	}
 	var raw string
 	if len(rawData) > 0 {
 		raw = rawData[len(rawData)-1]
 	}
 
-	// Required: true
+	// Required: false
 
-	if err := validate.RequiredString("X-Bearer-Signature", "header", raw); err != nil {
+	if raw == "" { // empty values pass all other validations
-		return err
+		return nil
 	}
-	o.XBearerSignature = raw
+	o.XBearerSignature = &raw
 
 	return nil
 }
 
 // bindXBearerSignatureKey binds and validates parameter XBearerSignatureKey from header.
 func (o *GetStorageGroupParams) bindXBearerSignatureKey(rawData []string, hasKey bool, formats strfmt.Registry) error {
-	if !hasKey {
-		return errors.Required("X-Bearer-Signature-Key", "header", rawData)
-	}
 	var raw string
 	if len(rawData) > 0 {
 		raw = rawData[len(rawData)-1]
 	}
 
-	// Required: true
+	// Required: false
 
-	if err := validate.RequiredString("X-Bearer-Signature-Key", "header", raw); err != nil {
+	if raw == "" { // empty values pass all other validations
-		return err
+		return nil
 	}
-	o.XBearerSignatureKey = raw
+	o.XBearerSignatureKey = &raw
 
 	return nil
 }
@@ -160,6 +165,30 @@ func (o *GetStorageGroupParams) bindContainerID(rawData []string, hasKey bool, f
 	return nil
 }
 
+// bindFullBearer binds and validates parameter FullBearer from query.
+func (o *GetStorageGroupParams) bindFullBearer(rawData []string, hasKey bool, formats strfmt.Registry) error {
+	var raw string
+	if len(rawData) > 0 {
+		raw = rawData[len(rawData)-1]
+	}
+
+	// Required: false
+	// AllowEmptyValue: false
+
+	if raw == "" { // empty values pass all other validations
+		// Default values have been previously initialized by NewGetStorageGroupParams()
+		return nil
+	}
+
+	value, err := swag.ConvertBool(raw)
+	if err != nil {
+		return errors.InvalidType("fullBearer", "query", "bool", raw)
+	}
+	o.FullBearer = &value
+
+	return nil
+}
+
 // bindStorageGroupID binds and validates parameter StorageGroupID from path.
 func (o *GetStorageGroupParams) bindStorageGroupID(rawData []string, hasKey bool, formats strfmt.Registry) error {
 	var raw string

gen/restapi/operations/get_storage_group_responses.go

@@ -10,13 +10,14 @@ import (
 
 	"github.com/go-openapi/runtime"
 
-	"github.com/nspcc-dev/neofs-rest-gw/gen/models"
+	"github.com/TrueCloudLab/frostfs-rest-gw/gen/models"
 )
 
 // GetStorageGroupOKCode is the HTTP code returned for type GetStorageGroupOK
 const GetStorageGroupOKCode int = 200
 
-/*GetStorageGroupOK Storage group information.
+/*
+GetStorageGroupOK Storage group information.
 
 swagger:response getStorageGroupOK
 */
@@ -60,7 +61,8 @@ func (o *GetStorageGroupOK) WriteResponse(rw http.ResponseWriter, producer runti
 // GetStorageGroupBadRequestCode is the HTTP code returned for type GetStorageGroupBadRequest
 const GetStorageGroupBadRequestCode int = 400
 
-/*GetStorageGroupBadRequest Bad request.
+/*
+GetStorageGroupBadRequest Bad request.
 
 swagger:response getStorageGroupBadRequest
 */

gen/restapi/operations/list_storage_groups.go

@@ -10,7 +10,7 @@ import (
 
 	"github.com/go-openapi/runtime/middleware"
 
-	"github.com/nspcc-dev/neofs-rest-gw/gen/models"
+	"github.com/TrueCloudLab/frostfs-rest-gw/gen/models"
 )
 
 // ListStorageGroupsHandlerFunc turns a function with the right signature into a list storage groups handler
@@ -31,10 +31,10 @@ func NewListStorageGroups(ctx *middleware.Context, handler ListStorageGroupsHand
 	return &ListStorageGroups{Context: ctx, Handler: handler}
 }
 
-/* ListStorageGroups swagger:route GET /containers/{containerId}/storagegroups listStorageGroups
+/*
+	ListStorageGroups swagger:route GET /containers/{containerId}/storagegroups listStorageGroups
 
 Find all storage groups in container.
-
 */
 type ListStorageGroups struct {
 	Context *middleware.Context

gen/restapi/operations/list_storage_groups_parameters.go

@@ -13,7 +13,6 @@ import (
 	"github.com/go-openapi/runtime/middleware"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
-	"github.com/go-openapi/validate"
 )
 
 // NewListStorageGroupsParams creates a new ListStorageGroupsParams object
@@ -23,10 +22,13 @@ func NewListStorageGroupsParams() ListStorageGroupsParams {
 	var (
 		// initialize parameters with default values
 
+		fullBearerDefault    = bool(false)
 		walletConnectDefault = bool(false)
 	)
 
 	return ListStorageGroupsParams{
+		FullBearer: &fullBearerDefault,
+
 		WalletConnect: &walletConnectDefault,
 	}
 }
@@ -41,21 +43,24 @@ type ListStorageGroupsParams struct {
 	HTTPRequest *http.Request `json:"-"`
 
 	/*Base64 encoded signature for bearer token.
-	  Required: true
 	  In: header
 	*/
-	XBearerSignature string
+	XBearerSignature *string
 	/*Hex encoded the public part of the key that signed the bearer token.
-	  Required: true
 	  In: header
 	*/
-	XBearerSignatureKey string
+	XBearerSignatureKey *string
 	/*Base58 encoded container id.
 	  Required: true
 	  In: path
 	*/
 	ContainerID string
-	/*Use wallet connect signature scheme or native NeoFS signature.
+	/*Provided bearer token is final or gate should assemble it using signature.
+	  In: query
+	  Default: false
+	*/
+	FullBearer *bool
+	/*Use wallet connect signature scheme or native FrostFS signature.
 	  In: query
 	  Default: false
 	*/
@@ -86,6 +91,11 @@ func (o *ListStorageGroupsParams) BindRequest(r *http.Request, route *middleware
 		res = append(res, err)
 	}
 
+	qFullBearer, qhkFullBearer, _ := qs.GetOK("fullBearer")
+	if err := o.bindFullBearer(qFullBearer, qhkFullBearer, route.Formats); err != nil {
+		res = append(res, err)
+	}
+
 	qWalletConnect, qhkWalletConnect, _ := qs.GetOK("walletConnect")
 	if err := o.bindWalletConnect(qWalletConnect, qhkWalletConnect, route.Formats); err != nil {
 		res = append(res, err)
@@ -98,40 +108,34 @@ func (o *ListStorageGroupsParams) BindRequest(r *http.Request, route *middleware
 
 // bindXBearerSignature binds and validates parameter XBearerSignature from header.
 func (o *ListStorageGroupsParams) bindXBearerSignature(rawData []string, hasKey bool, formats strfmt.Registry) error {
-	if !hasKey {
-		return errors.Required("X-Bearer-Signature", "header", rawData)
-	}
 	var raw string
 	if len(rawData) > 0 {
 		raw = rawData[len(rawData)-1]
 	}
 
-	// Required: true
+	// Required: false
 
-	if err := validate.RequiredString("X-Bearer-Signature", "header", raw); err != nil {
+	if raw == "" { // empty values pass all other validations
-		return err
+		return nil
 	}
-	o.XBearerSignature = raw
+	o.XBearerSignature = &raw
 
 	return nil
 }
 
 // bindXBearerSignatureKey binds and validates parameter XBearerSignatureKey from header.
 func (o *ListStorageGroupsParams) bindXBearerSignatureKey(rawData []string, hasKey bool, formats strfmt.Registry) error {
-	if !hasKey {
-		return errors.Required("X-Bearer-Signature-Key", "header", rawData)
-	}
 	var raw string
 	if len(rawData) > 0 {
 		raw = rawData[len(rawData)-1]
 	}
 
-	// Required: true
+	// Required: false
 
-	if err := validate.RequiredString("X-Bearer-Signature-Key", "header", raw); err != nil {
+	if raw == "" { // empty values pass all other validations
-		return err
+		return nil
 	}
-	o.XBearerSignatureKey = raw
+	o.XBearerSignatureKey = &raw
 
 	return nil
 }
@@ -150,6 +154,30 @@ func (o *ListStorageGroupsParams) bindContainerID(rawData []string, hasKey bool,
 	return nil
 }
 
+// bindFullBearer binds and validates parameter FullBearer from query.
+func (o *ListStorageGroupsParams) bindFullBearer(rawData []string, hasKey bool, formats strfmt.Registry) error {
+	var raw string
+	if len(rawData) > 0 {
+		raw = rawData[len(rawData)-1]
+	}
+
+	// Required: false
+	// AllowEmptyValue: false
+
+	if raw == "" { // empty values pass all other validations
+		// Default values have been previously initialized by NewListStorageGroupsParams()
+		return nil
+	}
+
+	value, err := swag.ConvertBool(raw)
+	if err != nil {
+		return errors.InvalidType("fullBearer", "query", "bool", raw)
+	}
+	o.FullBearer = &value
+
+	return nil
+}
+
 // bindWalletConnect binds and validates parameter WalletConnect from query.
 func (o *ListStorageGroupsParams) bindWalletConnect(rawData []string, hasKey bool, formats strfmt.Registry) error {
 	var raw string

gen/restapi/operations/list_storage_groups_responses.go

@@ -10,13 +10,14 @@ import (
 
 	"github.com/go-openapi/runtime"
 
-	"github.com/nspcc-dev/neofs-rest-gw/gen/models"
+	"github.com/TrueCloudLab/frostfs-rest-gw/gen/models"
 )
 
 // ListStorageGroupsOKCode is the HTTP code returned for type ListStorageGroupsOK
 const ListStorageGroupsOKCode int = 200
 
-/*ListStorageGroupsOK List of storage groups.
+/*
+ListStorageGroupsOK List of storage groups.
 
 swagger:response listStorageGroupsOK
 */
@@ -60,7 +61,8 @@ func (o *ListStorageGroupsOK) WriteResponse(rw http.ResponseWriter, producer run
 // ListStorageGroupsBadRequestCode is the HTTP code returned for type ListStorageGroupsBadRequest
 const ListStorageGroupsBadRequestCode int = 400
 
-/*ListStorageGroupsBadRequest Bad request.
+/*
+ListStorageGroupsBadRequest Bad request.
 
 swagger:response listStorageGroupsBadRequest
 */

gen/restapi/operations/put_storage_group.go

@@ -10,7 +10,7 @@ import (
 
 	"github.com/go-openapi/runtime/middleware"
 
-	"github.com/nspcc-dev/neofs-rest-gw/gen/models"
+	"github.com/TrueCloudLab/frostfs-rest-gw/gen/models"
 )
 
 // PutStorageGroupHandlerFunc turns a function with the right signature into a put storage group handler
@@ -31,10 +31,10 @@ func NewPutStorageGroup(ctx *middleware.Context, handler PutStorageGroupHandler)
 	return &PutStorageGroup{Context: ctx, Handler: handler}
 }
 
-/* PutStorageGroup swagger:route PUT /containers/{containerId}/storagegroups putStorageGroup
+/*
+	PutStorageGroup swagger:route PUT /containers/{containerId}/storagegroups putStorageGroup
 
 Create a new storage group in container.
-
 */
 type PutStorageGroup struct {
 	Context *middleware.Context

gen/restapi/operations/put_storage_group_parameters.go

@@ -17,7 +17,7 @@ import (
 	"github.com/go-openapi/swag"
 	"github.com/go-openapi/validate"
 
-	"github.com/nspcc-dev/neofs-rest-gw/gen/models"
+	"github.com/TrueCloudLab/frostfs-rest-gw/gen/models"
 )
 
 // NewPutStorageGroupParams creates a new PutStorageGroupParams object
@@ -27,10 +27,14 @@ func NewPutStorageGroupParams() PutStorageGroupParams {
 	var (
 		// initialize parameters with default values
 
+		fullBearerDefault = bool(false)
+
 		walletConnectDefault = bool(false)
 	)
 
 	return PutStorageGroupParams{
+		FullBearer: &fullBearerDefault,
+
 		WalletConnect: &walletConnectDefault,
 	}
 }
@@ -45,26 +49,29 @@ type PutStorageGroupParams struct {
 	HTTPRequest *http.Request `json:"-"`
 
 	/*Base64 encoded signature for bearer token.
-	  Required: true
 	  In: header
 	*/
-	XBearerSignature string
+	XBearerSignature *string
 	/*Hex encoded the public part of the key that signed the bearer token.
-	  Required: true
 	  In: header
 	*/
-	XBearerSignatureKey string
+	XBearerSignatureKey *string
 	/*Base58 encoded container id.
 	  Required: true
 	  In: path
 	*/
 	ContainerID string
+	/*Provided bearer token is final or gate should assemble it using signature.
+	  In: query
+	  Default: false
+	*/
+	FullBearer *bool
 	/*Storage group co create.
 	  Required: true
 	  In: body
 	*/
 	StorageGroup *models.StorageGroupPutBody
-	/*Use wallet connect signature scheme or native NeoFS signature.
+	/*Use wallet connect signature scheme or native FrostFS signature.
 	  In: query
 	  Default: false
 	*/
@@ -95,6 +102,11 @@ func (o *PutStorageGroupParams) BindRequest(r *http.Request, route *middleware.M
 		res = append(res, err)
 	}
 
+	qFullBearer, qhkFullBearer, _ := qs.GetOK("fullBearer")
+	if err := o.bindFullBearer(qFullBearer, qhkFullBearer, route.Formats); err != nil {
+		res = append(res, err)
+	}
+
 	if runtime.HasBody(r) {
 		defer r.Body.Close()
 		var body models.StorageGroupPutBody
@@ -135,40 +147,34 @@ func (o *PutStorageGroupParams) BindRequest(r *http.Request, route *middleware.M
 
 // bindXBearerSignature binds and validates parameter XBearerSignature from header.
 func (o *PutStorageGroupParams) bindXBearerSignature(rawData []string, hasKey bool, formats strfmt.Registry) error {
-	if !hasKey {
-		return errors.Required("X-Bearer-Signature", "header", rawData)
-	}
 	var raw string
 	if len(rawData) > 0 {
 		raw = rawData[len(rawData)-1]
 	}
 
-	// Required: true
+	// Required: false
 
-	if err := validate.RequiredString("X-Bearer-Signature", "header", raw); err != nil {
+	if raw == "" { // empty values pass all other validations
-		return err
+		return nil
 	}
-	o.XBearerSignature = raw
+	o.XBearerSignature = &raw
 
 	return nil
 }
 
 // bindXBearerSignatureKey binds and validates parameter XBearerSignatureKey from header.
 func (o *PutStorageGroupParams) bindXBearerSignatureKey(rawData []string, hasKey bool, formats strfmt.Registry) error {
-	if !hasKey {
-		return errors.Required("X-Bearer-Signature-Key", "header", rawData)
-	}
 	var raw string
 	if len(rawData) > 0 {
 		raw = rawData[len(rawData)-1]
 	}
 
-	// Required: true
+	// Required: false
 
-	if err := validate.RequiredString("X-Bearer-Signature-Key", "header", raw); err != nil {
+	if raw == "" { // empty values pass all other validations
-		return err
+		return nil
 	}
-	o.XBearerSignatureKey = raw
+	o.XBearerSignatureKey = &raw
 
 	return nil
 }
@@ -187,6 +193,30 @@ func (o *PutStorageGroupParams) bindContainerID(rawData []string, hasKey bool, f
 	return nil
 }
 
+// bindFullBearer binds and validates parameter FullBearer from query.
+func (o *PutStorageGroupParams) bindFullBearer(rawData []string, hasKey bool, formats strfmt.Registry) error {
+	var raw string
+	if len(rawData) > 0 {
+		raw = rawData[len(rawData)-1]
+	}
+
+	// Required: false
+	// AllowEmptyValue: false
+
+	if raw == "" { // empty values pass all other validations
+		// Default values have been previously initialized by NewPutStorageGroupParams()
+		return nil
+	}
+
+	value, err := swag.ConvertBool(raw)
+	if err != nil {
+		return errors.InvalidType("fullBearer", "query", "bool", raw)
+	}
+	o.FullBearer = &value
+
+	return nil
+}
+
 // bindWalletConnect binds and validates parameter WalletConnect from query.
 func (o *PutStorageGroupParams) bindWalletConnect(rawData []string, hasKey bool, formats strfmt.Registry) error {
 	var raw string

gen/restapi/operations/put_storage_group_responses.go

@@ -10,13 +10,14 @@ import (
 
 	"github.com/go-openapi/runtime"
 
-	"github.com/nspcc-dev/neofs-rest-gw/gen/models"
+	"github.com/TrueCloudLab/frostfs-rest-gw/gen/models"
 )
 
 // PutStorageGroupOKCode is the HTTP code returned for type PutStorageGroupOK
 const PutStorageGroupOKCode int = 200
 
-/*PutStorageGroupOK Address of uploaded storage group.
+/*
+PutStorageGroupOK Address of uploaded storage group.
 
 swagger:response putStorageGroupOK
 */
@@ -60,7 +61,8 @@ func (o *PutStorageGroupOK) WriteResponse(rw http.ResponseWriter, producer runti
 // PutStorageGroupBadRequestCode is the HTTP code returned for type PutStorageGroupBadRequest
 const PutStorageGroupBadRequestCode int = 400
 
-/*PutStorageGroupBadRequest Bad request.
+/*
+PutStorageGroupBadRequest Bad request.
 
 swagger:response putStorageGroupBadRequest
 */

go.mod

@@ -4,7 +4,9 @@ go 1.17
 
 require (
 	github.com/TrueCloudLab/frostfs-api-go/v2 v2.0.0-20221212144048-1351b6656d68
+	github.com/TrueCloudLab/frostfs-crypto v0.5.0
 	github.com/TrueCloudLab/frostfs-sdk-go v0.0.0-20221214065929-4c779423f556
+	github.com/TrueCloudLab/tzhash v1.7.0
 	github.com/go-openapi/errors v0.20.2
 	github.com/go-openapi/loads v0.21.1
 	github.com/go-openapi/runtime v0.23.3
@@ -27,10 +29,8 @@ require (
 	github.com/Microsoft/hcsshim v0.8.23 // indirect
 	github.com/PuerkitoBio/purell v1.1.1 // indirect
 	github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
-	github.com/TrueCloudLab/frostfs-crypto v0.5.0
 	github.com/TrueCloudLab/hrw v1.1.0 // indirect
 	github.com/TrueCloudLab/rfc6979 v0.3.0 // indirect
-	github.com/TrueCloudLab/tzhash v1.7.0 // indirect
 	github.com/antlr/antlr4/runtime/Go/antlr v1.4.10 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect
 	github.com/beorn7/perks v1.0.1 // indirect

handlers/storagegroup.go

@@ -8,20 +8,20 @@ import (
 	"io"
 	"strconv"
 
+	objectv2 "github.com/TrueCloudLab/frostfs-api-go/v2/object"
+	"github.com/TrueCloudLab/frostfs-rest-gw/gen/models"
+	"github.com/TrueCloudLab/frostfs-rest-gw/gen/restapi/operations"
+	"github.com/TrueCloudLab/frostfs-rest-gw/internal/util"
+	"github.com/TrueCloudLab/frostfs-sdk-go/bearer"
+	"github.com/TrueCloudLab/frostfs-sdk-go/checksum"
+	"github.com/TrueCloudLab/frostfs-sdk-go/container"
+	cid "github.com/TrueCloudLab/frostfs-sdk-go/container/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/object"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/pool"
+	"github.com/TrueCloudLab/frostfs-sdk-go/storagegroup"
+	"github.com/TrueCloudLab/tzhash/tz"
 	"github.com/go-openapi/runtime/middleware"
-	objectv2 "github.com/nspcc-dev/neofs-api-go/v2/object"
-	"github.com/nspcc-dev/neofs-rest-gw/gen/models"
-	"github.com/nspcc-dev/neofs-rest-gw/gen/restapi/operations"
-	"github.com/nspcc-dev/neofs-rest-gw/internal/util"
-	"github.com/nspcc-dev/neofs-sdk-go/bearer"
-	"github.com/nspcc-dev/neofs-sdk-go/checksum"
-	"github.com/nspcc-dev/neofs-sdk-go/container"
-	cid "github.com/nspcc-dev/neofs-sdk-go/container/id"
-	"github.com/nspcc-dev/neofs-sdk-go/object"
-	oid "github.com/nspcc-dev/neofs-sdk-go/object/id"
-	"github.com/nspcc-dev/neofs-sdk-go/pool"
-	"github.com/nspcc-dev/neofs-sdk-go/storagegroup"
-	"github.com/nspcc-dev/tzhash/tz"
 )
 
 // PutStorageGroup handler that create a new storage group.
@@ -34,7 +34,7 @@ func (a *API) PutStorageGroup(params operations.PutStorageGroupParams, principal
 		return operations.NewPutStorageGroupBadRequest().WithPayload(resp)
 	}
 
-	btoken, err := getBearerToken(principal, params.XBearerSignature, params.XBearerSignatureKey, *params.WalletConnect)
+	btoken, err := getBearerToken(principal, params.XBearerSignature, params.XBearerSignatureKey, *params.WalletConnect, *params.FullBearer)
 	if err != nil {
 		resp := a.logAndGetErrorResponse("invalid bearer token", err)
 		return operations.NewPutStorageGroupBadRequest().WithPayload(resp)
@@ -69,7 +69,7 @@ func (a *API) ListStorageGroups(params operations.ListStorageGroupsParams, princ
 		return operations.NewListStorageGroupsBadRequest().WithPayload(resp)
 	}
 
-	btoken, err := getBearerToken(principal, params.XBearerSignature, params.XBearerSignatureKey, *params.WalletConnect)
+	btoken, err := getBearerToken(principal, params.XBearerSignature, params.XBearerSignatureKey, *params.WalletConnect, *params.FullBearer)
 	if err != nil {
 		resp := a.logAndGetErrorResponse("invalid bearer token", err)
 		return operations.NewListStorageGroupsBadRequest().WithPayload(resp)
@@ -80,7 +80,7 @@ func (a *API) ListStorageGroups(params operations.ListStorageGroupsParams, princ
 
 	var prm pool.PrmObjectSearch
 	prm.SetContainerID(cnrID)
-	prm.UseBearer(btoken)
+	attachBearer(&prm, btoken)
 	prm.SetFilters(filters)
 
 	resSearch, err := a.pool.SearchObjects(ctx, prm)
@@ -117,14 +117,14 @@ func (a *API) ListStorageGroups(params operations.ListStorageGroupsParams, princ
 	return operations.NewListStorageGroupsOK().WithPayload(resp)
 }
 
-func headObjectStorageGroupBaseInfo(ctx context.Context, p *pool.Pool, cnrID cid.ID, objID oid.ID, btoken bearer.Token) (*models.StorageGroupBaseInfo, error) {
+func headObjectStorageGroupBaseInfo(ctx context.Context, p *pool.Pool, cnrID cid.ID, objID oid.ID, btoken *bearer.Token) (*models.StorageGroupBaseInfo, error) {
 	var addr oid.Address
 	addr.SetContainer(cnrID)
 	addr.SetObject(objID)
 
 	var prm pool.PrmObjectHead
 	prm.SetAddress(addr)
-	prm.UseBearer(btoken)
+	attachBearer(&prm, btoken)
 
 	objInfo, err := p.HeadObject(ctx, prm)
 	if err != nil {
@@ -166,7 +166,7 @@ func (a *API) DeleteStorageGroup(params operations.DeleteStorageGroupParams, pri
 		return operations.NewDeleteStorageGroupBadRequest().WithPayload(resp)
 	}
 
-	btoken, err := getBearerToken(principal, params.XBearerSignature, params.XBearerSignatureKey, *params.WalletConnect)
+	btoken, err := getBearerToken(principal, params.XBearerSignature, params.XBearerSignatureKey, *params.WalletConnect, *params.FullBearer)
 	if err != nil {
 		resp := a.logAndGetErrorResponse("failed to get bearer token", err)
 		return operations.NewDeleteStorageGroupBadRequest().WithPayload(resp)
@@ -174,7 +174,7 @@ func (a *API) DeleteStorageGroup(params operations.DeleteStorageGroupParams, pri
 
 	var prm pool.PrmObjectDelete
 	prm.SetAddress(addr)
-	prm.UseBearer(btoken)
+	attachBearer(&prm, btoken)
 
 	if err = a.pool.DeleteObject(ctx, prm); err != nil {
 		resp := a.logAndGetErrorResponse("failed to delete storage group", err)
@@ -195,7 +195,7 @@ func (a *API) GetStorageGroup(params operations.GetStorageGroupParams, principal
 		return errorResponse.WithPayload(resp)
 	}
 
-	btoken, err := getBearerToken(principal, params.XBearerSignature, params.XBearerSignatureKey, *params.WalletConnect)
+	btoken, err := getBearerToken(principal, params.XBearerSignature, params.XBearerSignatureKey, *params.WalletConnect, *params.FullBearer)
 	if err != nil {
 		resp := a.logAndGetErrorResponse("get bearer token", err)
 		return errorResponse.WithPayload(resp)
@@ -203,7 +203,7 @@ func (a *API) GetStorageGroup(params operations.GetStorageGroupParams, principal
 
 	var prm pool.PrmObjectGet
 	prm.SetAddress(addr)
-	prm.UseBearer(btoken)
+	attachBearer(&prm, btoken)
 
 	objRes, err := a.pool.GetObject(ctx, prm)
 	if err != nil {
@@ -252,7 +252,7 @@ func getStorageGroupName(obj object.Object) string {
 	return ""
 }
 
-func (a *API) readStorageGroup(objRes *pool.ResGetObject) (*storagegroup.StorageGroup, error) {
+func (a *API) readStorageGroup(objRes pool.ResGetObject) (*storagegroup.StorageGroup, error) {
 	buf := bytes.NewBuffer(nil)
 	if _, err := io.Copy(buf, objRes.Payload); err != nil {
 		return nil, fmt.Errorf("failed to copy storage group payload: %w", err)
@@ -269,7 +269,7 @@ func (a *API) readStorageGroup(objRes *pool.ResGetObject) (*storagegroup.Storage
 	return &sb, nil
 }
 
-func (a *API) formStorageGroup(ctx context.Context, cnrID cid.ID, btoken bearer.Token, storageGroup *models.StorageGroupPutBody) (*storagegroup.StorageGroup, error) {
+func (a *API) formStorageGroup(ctx context.Context, cnrID cid.ID, btoken *bearer.Token, storageGroup *models.StorageGroupPutBody) (*storagegroup.StorageGroup, error) {
 	members, err := a.parseStorageGroupMembers(storageGroup)
 	if err != nil {
 		return nil, fmt.Errorf("parse storage group members: %w", err)
@@ -302,33 +302,31 @@ func (a *API) formStorageGroup(ctx context.Context, cnrID cid.ID, btoken bearer.
 	return &sg, nil
 }
 
-func (a *API) putStorageGroupObject(ctx context.Context, cnrID cid.ID, btoken bearer.Token, fileName string, sg storagegroup.StorageGroup) (*oid.ID, error) {
+func (a *API) putStorageGroupObject(ctx context.Context, cnrID cid.ID, btoken *bearer.Token, fileName string, sg storagegroup.StorageGroup) (*oid.ID, error) {
-	owner := bearer.ResolveIssuer(btoken)
-
 	var attrFileName object.Attribute
 	attrFileName.SetKey(object.AttributeFileName)
 	attrFileName.SetValue(fileName)
 
 	obj := object.New()
 	obj.SetContainerID(cnrID)
-	obj.SetOwnerID(&owner)
+	attachOwner(obj, btoken)
 	obj.SetAttributes(attrFileName)
 
 	storagegroup.WriteToObject(sg, obj)
 
 	var prmPut pool.PrmObjectPut
 	prmPut.SetHeader(*obj)
-	prmPut.UseBearer(btoken)
+	attachBearer(&prmPut, btoken)
 
 	objID, err := a.pool.PutObject(ctx, prmPut)
 	if err != nil {
 		return nil, fmt.Errorf("put object: %w", err)
 	}
 
-	return objID, nil
+	return &objID, nil
 }
 
-func (a *API) getStorageGroupSizeAndHash(ctx context.Context, cnrID cid.ID, btoken bearer.Token, members []oid.ID, needCalcHash bool) (uint64, *checksum.Checksum, error) {
+func (a *API) getStorageGroupSizeAndHash(ctx context.Context, cnrID cid.ID, btoken *bearer.Token, members []oid.ID, needCalcHash bool) (uint64, *checksum.Checksum, error) {
 	var (
 		sgSize    uint64
 		objHashes [][]byte
@@ -337,7 +335,7 @@ func (a *API) getStorageGroupSizeAndHash(ctx context.Context, cnrID cid.ID, btok
 	)
 
 	addr.SetContainer(cnrID)
-	prm.UseBearer(btoken)
+	attachBearer(&prm, btoken)
 
 	for _, objID := range members {
 		addr.SetObject(objID)
@@ -401,5 +399,5 @@ func isHomomorphicHashingDisabled(ctx context.Context, p *pool.Pool, cnrID cid.I
 		return false, fmt.Errorf("get container: %w", err)
 	}
 
-	return container.IsHomomorphicHashingDisabled(*cnr), nil
+	return container.IsHomomorphicHashingDisabled(cnr), nil
 }

spec/rest.yaml

@@ -573,6 +573,7 @@ paths:
         - $ref: '#/parameters/signatureParam'
         - $ref: '#/parameters/signatureKeyParam'
         - $ref: '#/parameters/signatureScheme'
+        - $ref: '#/parameters/fullBearerToken'
         - in: body
           name: storageGroup
           required: true
@@ -595,6 +596,7 @@ paths:
         - $ref: '#/parameters/signatureParam'
         - $ref: '#/parameters/signatureKeyParam'
         - $ref: '#/parameters/signatureScheme'
+        - $ref: '#/parameters/fullBearerToken'
       responses:
         200:
           description: List of storage groups.
@@ -616,6 +618,7 @@ paths:
         - $ref: '#/parameters/signatureParam'
         - $ref: '#/parameters/signatureKeyParam'
         - $ref: '#/parameters/signatureScheme'
+        - $ref: '#/parameters/fullBearerToken'
       responses:
         200:
           description: Storage group information.
@@ -632,6 +635,7 @@ paths:
         - $ref: '#/parameters/signatureParam'
         - $ref: '#/parameters/signatureKeyParam'
         - $ref: '#/parameters/signatureScheme'
+        - $ref: '#/parameters/fullBearerToken'
       responses:
         200:
           description: Successful deletion.