forked from TrueCloudLab/frostfs-api-go
[#261] pkg/client: Provide signing key in call options
Allow to reuse underlying connection for requests with different key. If no key is specified the one provided on client creation is used. Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
This commit is contained in:
Evgenii Stratonikov
Leonard Lyubich
parent
74769323be
commit
64505180b4
6 changed files with 49 additions and 27 deletions
|
|
@ -34,7 +34,7 @@ func (c Client) getBalanceV2(ctx context.Context, ownerID *owner.ID, opts ...Cal
|
||||||
}
|
}
|
||||||
|
|
||||||
if ownerID == nil {
|
if ownerID == nil {
|
||||||
w, err := owner.NEO3WalletFromPublicKey(&c.key.PublicKey)
|
w, err := owner.NEO3WalletFromPublicKey(&callOptions.key.PublicKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
@ -50,7 +50,7 @@ func (c Client) getBalanceV2(ctx context.Context, ownerID *owner.ID, opts ...Cal
|
||||||
req.SetBody(reqBody)
|
req.SetBody(reqBody)
|
||||||
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
||||||
|
|
||||||
err := v2signature.SignServiceMessage(c.key, req)
|
err := v2signature.SignServiceMessage(callOptions.key, req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -172,7 +172,7 @@ func (c Client) putContainerV2(ctx context.Context, cnr *container.Container, op
|
||||||
|
|
||||||
// if container owner is not set, then use client key as owner
|
// if container owner is not set, then use client key as owner
|
||||||
if cnr.OwnerID() == nil {
|
if cnr.OwnerID() == nil {
|
||||||
w, err := owner.NEO3WalletFromPublicKey(&c.key.PublicKey)
|
w, err := owner.NEO3WalletFromPublicKey(&callOptions.key.PublicKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
@ -189,7 +189,7 @@ func (c Client) putContainerV2(ctx context.Context, cnr *container.Container, op
|
||||||
// sign container
|
// sign container
|
||||||
signWrapper := v2signature.StableMarshalerWrapper{SM: reqBody.GetContainer()}
|
signWrapper := v2signature.StableMarshalerWrapper{SM: reqBody.GetContainer()}
|
||||||
|
|
||||||
err := signature.SignDataWithHandler(c.key, signWrapper, func(key []byte, sig []byte) {
|
err := signature.SignDataWithHandler(callOptions.key, signWrapper, func(key []byte, sig []byte) {
|
||||||
containerSignature := new(refs.Signature)
|
containerSignature := new(refs.Signature)
|
||||||
containerSignature.SetKey(key)
|
containerSignature.SetKey(key)
|
||||||
containerSignature.SetSign(sig)
|
containerSignature.SetSign(sig)
|
||||||
|
|
@ -203,7 +203,7 @@ func (c Client) putContainerV2(ctx context.Context, cnr *container.Container, op
|
||||||
req.SetBody(reqBody)
|
req.SetBody(reqBody)
|
||||||
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
||||||
|
|
||||||
err = v2signature.SignServiceMessage(c.key, req)
|
err = v2signature.SignServiceMessage(callOptions.key, req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
@ -246,7 +246,7 @@ func (c Client) getContainerV2(ctx context.Context, id *container.ID, opts ...Ca
|
||||||
req.SetBody(reqBody)
|
req.SetBody(reqBody)
|
||||||
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
||||||
|
|
||||||
err := v2signature.SignServiceMessage(c.key, req)
|
err := v2signature.SignServiceMessage(callOptions.key, req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
@ -283,7 +283,7 @@ func (c Client) listContainerV2(ctx context.Context, ownerID *owner.ID, opts ...
|
||||||
}
|
}
|
||||||
|
|
||||||
if ownerID == nil {
|
if ownerID == nil {
|
||||||
w, err := owner.NEO3WalletFromPublicKey(&c.key.PublicKey)
|
w, err := owner.NEO3WalletFromPublicKey(&callOptions.key.PublicKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
@ -299,7 +299,7 @@ func (c Client) listContainerV2(ctx context.Context, ownerID *owner.ID, opts ...
|
||||||
req.SetBody(reqBody)
|
req.SetBody(reqBody)
|
||||||
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
||||||
|
|
||||||
err := v2signature.SignServiceMessage(c.key, req)
|
err := v2signature.SignServiceMessage(callOptions.key, req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
@ -344,7 +344,7 @@ func (c Client) delContainerV2(ctx context.Context, id *container.ID, opts ...Ca
|
||||||
reqBody.SetContainerID(id.ToV2())
|
reqBody.SetContainerID(id.ToV2())
|
||||||
|
|
||||||
// sign container
|
// sign container
|
||||||
err := signature.SignDataWithHandler(c.key,
|
err := signature.SignDataWithHandler(callOptions.key,
|
||||||
delContainerSignWrapper{
|
delContainerSignWrapper{
|
||||||
body: reqBody,
|
body: reqBody,
|
||||||
},
|
},
|
||||||
|
|
@ -363,7 +363,7 @@ func (c Client) delContainerV2(ctx context.Context, id *container.ID, opts ...Ca
|
||||||
req.SetBody(reqBody)
|
req.SetBody(reqBody)
|
||||||
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
||||||
|
|
||||||
err = v2signature.SignServiceMessage(c.key, req)
|
err = v2signature.SignServiceMessage(callOptions.key, req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
@ -406,7 +406,7 @@ func (c Client) getEACLV2(ctx context.Context, id *container.ID, verify bool, op
|
||||||
req.SetBody(reqBody)
|
req.SetBody(reqBody)
|
||||||
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
||||||
|
|
||||||
err := v2signature.SignServiceMessage(c.key, req)
|
err := v2signature.SignServiceMessage(callOptions.key, req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
@ -469,7 +469,7 @@ func (c Client) setEACLV2(ctx context.Context, eacl *eacl.Table, opts ...CallOpt
|
||||||
|
|
||||||
signWrapper := v2signature.StableMarshalerWrapper{SM: reqBody.GetEACL()}
|
signWrapper := v2signature.StableMarshalerWrapper{SM: reqBody.GetEACL()}
|
||||||
|
|
||||||
err := signature.SignDataWithHandler(c.key, signWrapper, func(key []byte, sig []byte) {
|
err := signature.SignDataWithHandler(callOptions.key, signWrapper, func(key []byte, sig []byte) {
|
||||||
eaclSignature := new(refs.Signature)
|
eaclSignature := new(refs.Signature)
|
||||||
eaclSignature.SetKey(key)
|
eaclSignature.SetKey(key)
|
||||||
eaclSignature.SetSign(sig)
|
eaclSignature.SetSign(sig)
|
||||||
|
|
@ -483,7 +483,7 @@ func (c Client) setEACLV2(ctx context.Context, eacl *eacl.Table, opts ...CallOpt
|
||||||
req.SetBody(reqBody)
|
req.SetBody(reqBody)
|
||||||
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
||||||
|
|
||||||
err = v2signature.SignServiceMessage(c.key, req)
|
err = v2signature.SignServiceMessage(callOptions.key, req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
@ -536,7 +536,7 @@ func (c Client) announceContainerUsedSpaceV2(
|
||||||
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
||||||
|
|
||||||
// sign the request
|
// sign the request
|
||||||
err := v2signature.SignServiceMessage(c.key, req)
|
err := v2signature.SignServiceMessage(callOptions.key, req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -56,7 +56,7 @@ func (c Client) endpointInfoV2(ctx context.Context, opts ...CallOption) (*v2netm
|
||||||
req.SetBody(reqBody)
|
req.SetBody(reqBody)
|
||||||
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
||||||
|
|
||||||
err := v2signature.SignServiceMessage(c.key, req)
|
err := v2signature.SignServiceMessage(callOptions.key, req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
@ -144,7 +144,7 @@ func (c Client) networkInfoV2(ctx context.Context, opts ...CallOption) (*v2netma
|
||||||
req.SetBody(reqBody)
|
req.SetBody(reqBody)
|
||||||
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
||||||
|
|
||||||
err := v2signature.SignServiceMessage(c.key, req)
|
err := v2signature.SignServiceMessage(callOptions.key, req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -254,7 +254,7 @@ func (c *Client) putObjectV2(ctx context.Context, p *PutObjectParams, opts ...Ca
|
||||||
initPart.SetHeader(obj.GetHeader())
|
initPart.SetHeader(obj.GetHeader())
|
||||||
|
|
||||||
// sign the request
|
// sign the request
|
||||||
if err := signature.SignServiceMessage(c.key, req); err != nil {
|
if err := signature.SignServiceMessage(callOpts.key, req); err != nil {
|
||||||
return nil, errors.Wrapf(err, "could not sign %T", req)
|
return nil, errors.Wrapf(err, "could not sign %T", req)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -274,7 +274,7 @@ func (c *Client) putObjectV2(ctx context.Context, p *PutObjectParams, opts ...Ca
|
||||||
body.SetObjectPart(chunkPart)
|
body.SetObjectPart(chunkPart)
|
||||||
|
|
||||||
w := &putObjectV2Writer{
|
w := &putObjectV2Writer{
|
||||||
key: c.key,
|
key: callOpts.key,
|
||||||
chunkPart: chunkPart,
|
chunkPart: chunkPart,
|
||||||
req: req,
|
req: req,
|
||||||
stream: stream,
|
stream: stream,
|
||||||
|
|
@ -415,7 +415,7 @@ func (c *Client) deleteObjectV2(ctx context.Context, p *DeleteObjectParams, opts
|
||||||
body.SetAddress(p.addr.ToV2())
|
body.SetAddress(p.addr.ToV2())
|
||||||
|
|
||||||
// sign the request
|
// sign the request
|
||||||
if err := signature.SignServiceMessage(c.key, req); err != nil {
|
if err := signature.SignServiceMessage(callOpts.key, req); err != nil {
|
||||||
return nil, errors.Wrapf(err, "could not sign %T", req)
|
return nil, errors.Wrapf(err, "could not sign %T", req)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -529,7 +529,7 @@ func (c *Client) getObjectV2(ctx context.Context, p *GetObjectParams, opts ...Ca
|
||||||
body.SetRaw(p.raw)
|
body.SetRaw(p.raw)
|
||||||
|
|
||||||
// sign the request
|
// sign the request
|
||||||
if err := signature.SignServiceMessage(c.key, req); err != nil {
|
if err := signature.SignServiceMessage(callOpts.key, req); err != nil {
|
||||||
return nil, errors.Wrapf(err, "could not sign %T", req)
|
return nil, errors.Wrapf(err, "could not sign %T", req)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -702,7 +702,7 @@ func (c *Client) getObjectHeaderV2(ctx context.Context, p *ObjectHeaderParams, o
|
||||||
body.SetRaw(p.raw)
|
body.SetRaw(p.raw)
|
||||||
|
|
||||||
// sign the request
|
// sign the request
|
||||||
if err := signature.SignServiceMessage(c.key, req); err != nil {
|
if err := signature.SignServiceMessage(callOpts.key, req); err != nil {
|
||||||
return nil, errors.Wrapf(err, "could not sign %T", req)
|
return nil, errors.Wrapf(err, "could not sign %T", req)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -899,7 +899,7 @@ func (c *Client) objectPayloadRangeV2(ctx context.Context, p *RangeDataParams, o
|
||||||
body.SetRaw(p.raw)
|
body.SetRaw(p.raw)
|
||||||
|
|
||||||
// sign the request
|
// sign the request
|
||||||
if err := signature.SignServiceMessage(c.key, req); err != nil {
|
if err := signature.SignServiceMessage(callOpts.key, req); err != nil {
|
||||||
return nil, errors.Wrapf(err, "could not sign %T", req)
|
return nil, errors.Wrapf(err, "could not sign %T", req)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -1081,7 +1081,7 @@ func (c *Client) objectPayloadRangeHashV2(ctx context.Context, p *RangeChecksumP
|
||||||
body.SetRanges(rsV2)
|
body.SetRanges(rsV2)
|
||||||
|
|
||||||
// sign the request
|
// sign the request
|
||||||
if err := signature.SignServiceMessage(c.key, req); err != nil {
|
if err := signature.SignServiceMessage(callOpts.key, req); err != nil {
|
||||||
return nil, errors.Wrapf(err, "could not sign %T", req)
|
return nil, errors.Wrapf(err, "could not sign %T", req)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -1228,7 +1228,7 @@ func (c *Client) searchObjectV2(ctx context.Context, p *SearchObjectParams, opts
|
||||||
body.SetFilters(p.filters.ToV2())
|
body.SetFilters(p.filters.ToV2())
|
||||||
|
|
||||||
// sign the request
|
// sign the request
|
||||||
if err := signature.SignServiceMessage(c.key, req); err != nil {
|
if err := signature.SignServiceMessage(callOpts.key, req); err != nil {
|
||||||
return nil, errors.Wrapf(err, "could not sign %T", req)
|
return nil, errors.Wrapf(err, "could not sign %T", req)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -1327,7 +1327,7 @@ func (c Client) attachV2SessionToken(opts callOptions, hdr *v2session.RequestMet
|
||||||
|
|
||||||
signWrapper := signature.StableMarshalerWrapper{SM: token.GetBody()}
|
signWrapper := signature.StableMarshalerWrapper{SM: token.GetBody()}
|
||||||
|
|
||||||
err := signer.SignDataWithHandler(c.key, signWrapper, func(key []byte, sig []byte) {
|
err := signer.SignDataWithHandler(opts.key, signWrapper, func(key []byte, sig []byte) {
|
||||||
sessionTokenSignature := new(v2refs.Signature)
|
sessionTokenSignature := new(v2refs.Signature)
|
||||||
sessionTokenSignature.SetKey(key)
|
sessionTokenSignature.SetKey(key)
|
||||||
sessionTokenSignature.SetSign(sig)
|
sessionTokenSignature.SetSign(sig)
|
||||||
|
|
|
||||||
|
|
@ -1,10 +1,12 @@
|
||||||
package client
|
package client
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"crypto/ecdsa"
|
||||||
"fmt"
|
"fmt"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/nspcc-dev/neofs-api-go/pkg"
|
"github.com/nspcc-dev/neofs-api-go/pkg"
|
||||||
|
"github.com/nspcc-dev/neofs-api-go/pkg/owner"
|
||||||
"github.com/nspcc-dev/neofs-api-go/pkg/token"
|
"github.com/nspcc-dev/neofs-api-go/pkg/token"
|
||||||
v2accounting "github.com/nspcc-dev/neofs-api-go/v2/accounting"
|
v2accounting "github.com/nspcc-dev/neofs-api-go/v2/accounting"
|
||||||
v2container "github.com/nspcc-dev/neofs-api-go/v2/container"
|
v2container "github.com/nspcc-dev/neofs-api-go/v2/container"
|
||||||
|
|
@ -29,6 +31,7 @@ type (
|
||||||
xHeaders []*pkg.XHeader
|
xHeaders []*pkg.XHeader
|
||||||
ttl uint32
|
ttl uint32
|
||||||
epoch uint64
|
epoch uint64
|
||||||
|
key *ecdsa.PrivateKey
|
||||||
session *token.SessionToken
|
session *token.SessionToken
|
||||||
bearer *token.BearerToken
|
bearer *token.BearerToken
|
||||||
}
|
}
|
||||||
|
|
@ -69,6 +72,7 @@ func (c Client) defaultCallOptions() callOptions {
|
||||||
return callOptions{
|
return callOptions{
|
||||||
ttl: 2,
|
ttl: 2,
|
||||||
version: pkg.SDKVersion(),
|
version: pkg.SDKVersion(),
|
||||||
|
key: c.key,
|
||||||
session: c.sessionToken,
|
session: c.sessionToken,
|
||||||
bearer: c.bearerToken,
|
bearer: c.bearerToken,
|
||||||
}
|
}
|
||||||
|
|
@ -100,6 +104,13 @@ func WithTTL(ttl uint32) CallOption {
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// WithKey sets client's key for the next request.
|
||||||
|
func WithKey(key *ecdsa.PrivateKey) CallOption {
|
||||||
|
return newFuncCallOption(func(option *callOptions) {
|
||||||
|
option.key = key
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
func WithEpoch(epoch uint64) CallOption {
|
func WithEpoch(epoch uint64) CallOption {
|
||||||
return newFuncCallOption(func(option *callOptions) {
|
return newFuncCallOption(func(option *callOptions) {
|
||||||
option.epoch = epoch
|
option.epoch = epoch
|
||||||
|
|
@ -178,3 +189,14 @@ func WithDialTimeout(dur time.Duration) Option {
|
||||||
option.dialTimeout = dur
|
option.dialTimeout = dur
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func newOwnerIDFromKey(key *ecdsa.PublicKey) (*owner.ID, error) {
|
||||||
|
w, err := owner.NEO3WalletFromPublicKey(key)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
ownerID := new(owner.ID)
|
||||||
|
ownerID.SetNeo3Wallet(w)
|
||||||
|
return ownerID, nil
|
||||||
|
}
|
||||||
|
|
|
||||||
|
|
@ -30,7 +30,7 @@ func (c Client) createSessionV2(ctx context.Context, expiration uint64, opts ...
|
||||||
opts[i].apply(&callOptions)
|
opts[i].apply(&callOptions)
|
||||||
}
|
}
|
||||||
|
|
||||||
w, err := owner.NEO3WalletFromPublicKey(&c.key.PublicKey)
|
w, err := owner.NEO3WalletFromPublicKey(&callOptions.key.PublicKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
@ -46,7 +46,7 @@ func (c Client) createSessionV2(ctx context.Context, expiration uint64, opts ...
|
||||||
req.SetBody(reqBody)
|
req.SetBody(reqBody)
|
||||||
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions))
|
||||||
|
|
||||||
err = v2signature.SignServiceMessage(c.key, req)
|
err = v2signature.SignServiceMessage(callOptions.key, req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue