[#128] token: Add getters/setters

Added methods:
- Empty() bool;
- Expiration() uint64;
- NotBeforeTime() uint64;
- IssuedAt() uint64;
- EACLTable() *eacl.Table;
- OwnerID() *owner.ID;
- Signature() *signature.Signature;
- VerifySignature() error.

Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Pavel Karpy 2022-01-25 19:17:09 +03:00 committed by Alex Vanin
parent 9414f42aa3
commit 03560b84af


@ -11,7 +11,8 @@ import (
v2signature "github.com/nspcc-dev/neofs-api-go/v2/signature" v2signature "github.com/nspcc-dev/neofs-api-go/v2/signature"
"github.com/nspcc-dev/neofs-sdk-go/eacl" "github.com/nspcc-dev/neofs-sdk-go/eacl"
"github.com/nspcc-dev/neofs-sdk-go/owner" "github.com/nspcc-dev/neofs-sdk-go/owner"
"github.com/nspcc-dev/neofs-sdk-go/util/signature" "github.com/nspcc-dev/neofs-sdk-go/signature"
util "github.com/nspcc-dev/neofs-sdk-go/util/signature"
) )
var ( var (
@ -35,6 +36,10 @@ func (b *BearerToken) ToV2() *acl.BearerToken {
return &b.token return &b.token
} }
func (b *BearerToken) Empty() bool {
return b == nil || b.token.GetBody() == nil && b.token.GetSignature() == nil
}
func (b *BearerToken) SetLifetime(exp, nbf, iat uint64) { func (b *BearerToken) SetLifetime(exp, nbf, iat uint64) {
body := b.token.GetBody() body := b.token.GetBody()
if body == nil { if body == nil {
@ -50,6 +55,18 @@ func (b *BearerToken) SetLifetime(exp, nbf, iat uint64) {
b.token.SetBody(body) b.token.SetBody(body)
} }
func (b BearerToken) Expiration() uint64 {
return b.token.GetBody().GetLifetime().GetExp()
}
func (b BearerToken) NotBeforeTime() uint64 {
return b.token.GetBody().GetLifetime().GetNbf()
}
func (b BearerToken) IssuedAt() uint64 {
return b.token.GetBody().GetLifetime().GetIat()
}
func (b *BearerToken) SetEACLTable(table *eacl.Table) { func (b *BearerToken) SetEACLTable(table *eacl.Table) {
body := b.token.GetBody() body := b.token.GetBody()
if body == nil { if body == nil {
@ -60,6 +77,10 @@ func (b *BearerToken) SetEACLTable(table *eacl.Table) {
b.token.SetBody(body) b.token.SetBody(body)
} }
func (b BearerToken) EACLTable() *eacl.Table {
return eacl.NewTableFromV2(b.token.GetBody().GetEACL())
}
func (b *BearerToken) SetOwner(id *owner.ID) { func (b *BearerToken) SetOwner(id *owner.ID) {
body := b.token.GetBody() body := b.token.GetBody()
if body == nil { if body == nil {
@ -70,6 +91,10 @@ func (b *BearerToken) SetOwner(id *owner.ID) {
b.token.SetBody(body) b.token.SetBody(body)
} }
func (b BearerToken) OwnerID() *owner.ID {
return owner.NewIDFromV2(b.token.GetBody().GetOwnerID())
}
func (b *BearerToken) SignToken(key *ecdsa.PrivateKey) error { func (b *BearerToken) SignToken(key *ecdsa.PrivateKey) error {
err := sanityCheck(b) err := sanityCheck(b)
if err != nil { if err != nil {
@ -78,7 +103,7 @@ func (b *BearerToken) SignToken(key *ecdsa.PrivateKey) error {
signWrapper := v2signature.StableMarshalerWrapper{SM: b.token.GetBody()} signWrapper := v2signature.StableMarshalerWrapper{SM: b.token.GetBody()}
return signature.SignDataWithHandler(key, signWrapper, func(key []byte, sig []byte) { return util.SignDataWithHandler(key, signWrapper, func(key []byte, sig []byte) {
bearerSignature := new(refs.Signature) bearerSignature := new(refs.Signature)
bearerSignature.SetKey(key) bearerSignature.SetKey(key)
bearerSignature.SetSign(sig) bearerSignature.SetSign(sig)
@ -86,6 +111,23 @@ func (b *BearerToken) SignToken(key *ecdsa.PrivateKey) error {
}) })
} }
func (b BearerToken) Signature() *signature.Signature {
return signature.NewFromV2(b.token.GetSignature())
}
func (b BearerToken) VerifySignature() error {
if b.Empty() {
return nil
}
return util.VerifyDataWithSource(
v2signature.StableMarshalerWrapper{SM: b.token.GetBody()},
func() (key, sig []byte) {
sigV2 := b.token.GetSignature()
return sigV2.GetKey(), sigV2.GetSign()
})
}
// Issuer returns owner.ID associated with the key that signed bearer token. // Issuer returns owner.ID associated with the key that signed bearer token.
// To pass node validation it should be owner of requested container. Returns // To pass node validation it should be owner of requested container. Returns
// nil if token is not signed. // nil if token is not signed.
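Review bot: `VerifySignature` returns `nil` when `b.Empty()` holds, so a token with neither body nor signature is reported as verified, and any caller that reads a nil error as "signed and valid" fails open on an empty token. Either return an error on that branch, or keep the behaviour and state it on the method, e.g. `// VerifySignature returns nil for an empty token; callers must check Empty() before trusting the result.` A token with a body but no signature is not `Empty`, so it reaches `util.VerifyDataWithSource` with whatever `GetKey()`/`GetSign()` return for a missing signature; presumably that fails verification, but the helper is not visible here and the case deserves a test. In `Empty`, the condition relies on `&&` binding tighter than `||`; writing `b == nil || (b.token.GetBody() == nil && b.token.GetSignature() == nil)` makes the intent explicit. None of the new exported methods has a doc comment.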