TrueCloudLab
/
frostfs-s3-gw
15
2
Fork 16
Code Issues 21 Pull Requests 9 Actions Packages Projects Releases 9 Activity

NFSSVC-27 Migrate to auth.GetBearerToken

remotes/KirillovDenis/bugfix/681-fix_acl_parsing
Evgeniy Kulikov 2020-07-24 19:16:58 +03:00
parent e776e9c0cb
commit e59d62237e
1 changed files with 17 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
neofs/api/handler/container.go
View File

@ -6,6 +6,7 @@ import (
"net/http" "net/http"
"time" "time"
"github.com/minio/minio/auth"
"github.com/minio/minio/neofs/api" "github.com/minio/minio/neofs/api"
"github.com/nspcc-dev/neofs-api-go/container" "github.com/nspcc-dev/neofs-api-go/container"
"github.com/nspcc-dev/neofs-api-go/refs" "github.com/nspcc-dev/neofs-api-go/refs"
@ -47,17 +48,6 @@ type (
} }
) )
// TODO should be replaced with auth.GetBearerToken
func getBearerToken(ctx context.Context) (*service.BearerTokenMsg, error) {
if val := ctx.Value("ctxBearerToken"); val == nil {
return nil, errors.New("empty bearer token")
} else if tkn, ok := val.(*service.BearerTokenMsg); ok {
return tkn, nil
}
return nil, errors.New("bad value for bearer token")
}
func (h *handler) getContainerInfo(ctx context.Context, p cnrInfoParams) (*Bucket, error) { func (h *handler) getContainerInfo(ctx context.Context, p cnrInfoParams) (*Bucket, error) {
var ( var (
err error err error
@ -92,27 +82,32 @@ func (h *handler) ListBucketsHandler(w http.ResponseWriter, r *http.Request) {
inf *Bucket inf *Bucket
con *grpc.ClientConn con *grpc.ClientConn
res *container.ListResponse res *container.ListResponse
tkn *service.BearerTokenMsg
) )
// TODO think about timeout // TODO think about deadlines
ctx, cancel := context.WithTimeout(r.Context(), 30*time.Second) ctx, cancel := context.WithTimeout(r.Context(), 30*time.Second)
defer cancel() defer cancel()
// TODO should be replaced with auth.GetBearerToken, if tkn, err = auth.GetBearerToken(ctx); err != nil {
// than if we not received token, should call h.log.Error("could not fetch bearer token",
// api.WriteErrorResponse zap.Error(err))
bearer, _ := getBearerToken(ctx)
// should be taken from BearerToken, to display only users containers e := api.GetAPIError(api.ErrInternalError)
// in future
if bearer != nil { api.WriteErrorResponse(ctx, w, api.Error{
uid = bearer.OwnerID Code: e.Code,
Description: err.Error(),
HTTPStatusCode: e.HTTPStatusCode,
}, r.URL)
return
} }
req := new(container.ListRequest) req := new(container.ListRequest)
req.OwnerID = uid req.OwnerID = uid
req.SetTTL(service.SingleForwardingTTL) req.SetTTL(service.SingleForwardingTTL)
req.SetBearer(bearer) req.SetBearer(tkn)
// req.SetVersion(APIVersion) ?? // req.SetVersion(APIVersion) ??
if con, err = h.cli.GetConnection(ctx); err != nil { if con, err = h.cli.GetConnection(ctx); err != nil {
@ -161,7 +156,7 @@ func (h *handler) ListBucketsHandler(w http.ResponseWriter, r *http.Request) {
DisplayName: uid.String(), DisplayName: uid.String(),
}} }}
params := cnrInfoParams{con: con, tkn: bearer} params := cnrInfoParams{con: con, tkn: tkn}
for _, cid := range res.CID { for _, cid := range res.CID {
// should receive each container info (??): // should receive each container info (??):