[#248] session: Add Issuer method

There is a need to duplicate session token owner, e.g. in container created within the session. For such cases we need to have the ability to receive session issuer. Add `Container.Issuer` method. Transform `IssuedBy` to helper function. Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-05-23 19:15:11 +03:00 · 2022-05-23 19:15:11 +03:00 · 60ef026923
commit 60ef026923
parent c976332e20
2 changed files with 35 additions and 18 deletions
--- a/session/container.go
+++ b/session/container.go
@ -377,24 +377,26 @@ func (x Container) AssertAuthKey(key neofscrypto.PublicKey) bool {
 	return bytes.Equal(bKey, x.body.GetSessionKey())
 }

-// IssuedBy returns true if session token is signed
-// and, therefore, owned by specified user.
+// Issuer returns user ID of the session issuer.
+//
+// Makes sense only for signed Container instances. For unsigned instances,
+// Issuer returns zero user.ID.
 //
 // See also Sign.
-func (x Container) IssuedBy(id user.ID) bool {
-	var (
-		tokenOwner   user.ID
-		v2TokenOwner = x.body.GetOwnerID()
-	)
+func (x Container) Issuer() user.ID {
+	var issuer user.ID

-	if v2TokenOwner == nil {
-		return false
+	issuerV2 := x.body.GetOwnerID()
+	if issuerV2 != nil {
+		_ = issuer.ReadFromV2(*issuerV2)
 	}

-	err := tokenOwner.ReadFromV2(*v2TokenOwner)
-	if err != nil {
-		return false
-	}
-
-	return tokenOwner.Equals(id)
+	return issuer
+}
+
+// IssuedBy checks if Container session is issued by the given user.
+//
+// See also Container.Issuer.
+func IssuedBy(cnr Container, id user.ID) bool {
+	return cnr.Issuer().Equals(id)
 }
--- a/session/container_test.go
+++ b/session/container_test.go
@ -287,7 +287,7 @@ func TestContainerSignature(t *testing.T) {
 	}
 }

-func TestContainer_IssuedBy(t *testing.T) {
+func TestIssuedBy(t *testing.T) {
 	var (
 		token  session.Container
 		issuer user.ID
@ -296,8 +296,23 @@ func TestContainer_IssuedBy(t *testing.T) {

 	user.IDFromKey(&issuer, signer.PublicKey)

-	require.False(t, token.IssuedBy(issuer))
+	require.False(t, session.IssuedBy(token, issuer))

 	require.NoError(t, token.Sign(signer))
-	require.True(t, token.IssuedBy(issuer))
+	require.True(t, session.IssuedBy(token, issuer))
+}
+
+func TestContainer_Issuer(t *testing.T) {
+	var token session.Container
+	signer := randSigner()
+
+	require.Zero(t, token.Issuer())
+
+	require.NoError(t, token.Sign(signer))
+
+	var issuer user.ID
+
+	user.IDFromKey(&issuer, signer.PublicKey)
+
+	require.True(t, token.Issuer().Equals(issuer))
 }