Add `sessiontest.GenerateSigned` function which returns signed random token.
Clarify that `sessiontest.Generate` returns an unsigned token. Use these
functions to assert the correctness of `Sign` / `VerifySignature` methods.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement `Token.Sign` method which calculates signature of the data of the
`Token` and writes the signature into it. Implement `Token.VerifySignature`
which checks if `Token` signature is presented and valid. These methods
allow to abstract the external context from the details of what kind of data
is being signed and how the signature is stored.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Create `ownertest` package with functions which generate random `owner.ID`
instances. These functions is going to be used for testing.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Nil slice of records of the `Table` should be converted to nil slice in
corresponding field of API v2 message structure.
Add nil-check in `Table.ToV2` implementation. The changes fix corresponding
unit test.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Document field values of instance constructed via `NewTable`. Assert the
values in corresponding unit test.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Nil slices of targets and filters of the `Record` should be converted to nil
slices in corresponding fields of API v2 message structure.
Add nil-check in `Record.ToV2` implementation. The changes fix corresponding
unit test.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Document field values of instance constructed via `NewRecord`. Assert the
values in corresponding unit test.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Document field values of instance constructed via `NewTarget`. Assert the
values in corresponding unit test.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Document field values of instance constructed via `NewFilter`. Assert the
values in corresponding unit test.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Call `SetSessionToken` and `SetSignature` methods on resulting eACL table
with items from response body. From now eACL signature can be accessed from
the table itself, so `EACLWithSignature.Signature` is marked deprecated.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Write session token of `container.Container` to container SetExtendedACL
request body inside `client.SetEACL` call.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Call `SetSessionToken` and `SetSignature` methods on resulting container
with items from response body.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Write session token of `container.Container` to container PUT request body
during `client.PutContainer` call.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Set signature and session token in `GenerateGetResponseBody`. Set session
token in `GenerateGetExtendedACLResponseBody`.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add field of type `session.SessionToken` to `GetResponseBody` and
`GetExtendedACLResponseBody` messages. Add field of type `refs,Signature` to
`GetResponseBody` message. Change the implementation of all related methods.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Extended ACL table can be set within a session, and should be signed.
Add `SessionToken` / `SetSessionToken` (`Signature` / `SetSignature`)
methods to carry session token (signature) in `Table` structure.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
There is a need to add session token to `eacl.Table` structure. To do this,
we need to replace `token.SessionToken` type to another package since `eacl`
package imports `token` one (potential cross-import).
Create `pkg/session` package and replace session token implementation to it.
Related API in `container` package is deprecated from now.
Additionally implement test generator of random session tokens.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Container can be created within a session, and should be signed.
Add `SessionToken` / `SetSessionToken` (`Signature` / `SetSignature`)
methods to carry session token (signature) in `Container` structure.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
In order to prevent potential cross imports, container ID should be defined
in a separate package as a base type. A similar approach was used in the
NeoFS API design.
Create `pkg/container/id` package and replace container ID implementation to
it. Related API in `container` package is deprecated from now.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Define `ContainerSessionContext` structure, implement getters / setters,
JSON and binary encoders, gRPC converters. Support new type of context in
SessionTokenBody message. Add test message generator and cover methods with
unit tests.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement `SessionToken_Body.SetContainerSessionContext` method. Implement
field setters on `ContainerSessionContext`.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Since raw client initialization is
postponed until the first `Raw()` function
call, there is no need to init empty(
without options) raw client in constructor.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Add `WithTLSConfig` option to client.
If it is not nil then client will
try to open secured connection.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Allocate capacity instead of length of the slice to write the object payload
range since each chunk is written through `append`.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
In `SendIntermediateResultRequestBody`
add nil check for `trust` field.
If true, allocate new `PeerToPeerTrust`.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Change accepted/returned value type of `SetTrust` / `Trust` methods of
`SendIntermediateTrustPrm` structure to `reputation.PeerToPeerTrust`.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>