[#1261] neofs-cli: Allow to create bearer tokens

Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
This commit is contained in:
Evgenii Stratonikov 2022-03-23 15:47:34 +03:00 committed by Alex Vanin
parent ae8e38cace
commit 9b2523a408
3 changed files with 114 additions and 0 deletions

View file

@ -16,6 +16,7 @@ import (
"github.com/nspcc-dev/neo-go/pkg/util"
"github.com/nspcc-dev/neo-go/pkg/wallet"
"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/modules/acl"
tokenCli "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/modules/token"
"github.com/nspcc-dev/neofs-node/misc"
"github.com/nspcc-dev/neofs-node/pkg/network"
"github.com/nspcc-dev/neofs-sdk-go/client"
@ -126,6 +127,7 @@ func init() {
rootCmd.Flags().Bool("version", false, "Application version and NeoFS API compatibility")
rootCmd.AddCommand(acl.Cmd)
rootCmd.AddCommand(tokenCli.Cmd)
}
func entryPoint(cmd *cobra.Command, _ []string) {

View file

@ -0,0 +1,98 @@
package token
import (
"encoding/json"
"fmt"
"io/ioutil"
eaclSDK "github.com/nspcc-dev/neofs-sdk-go/eacl"
"github.com/nspcc-dev/neofs-sdk-go/owner"
"github.com/nspcc-dev/neofs-sdk-go/token"
"github.com/spf13/cobra"
)
const (
eaclFlag = "eacl"
issuedAtFlag = "issued-at"
notValidBeforeFlag = "not-valid-before"
expireAtFlag = "expire-at"
ownerFlag = "owner"
outFlag = "out"
jsonFlag = "json"
)
var createCmd = &cobra.Command{
Use: "create",
Short: "Create bearer token",
RunE: createToken,
}
func init() {
createCmd.Flags().StringP(eaclFlag, "e", "", "path to the extended ACL table")
createCmd.Flags().Uint64P(issuedAtFlag, "i", 0, "epoch to issue token at")
createCmd.Flags().Uint64P(notValidBeforeFlag, "n", 0, "not valid before epoch")
createCmd.Flags().Uint64P(expireAtFlag, "x", 0, "expiration epoch")
createCmd.Flags().StringP(ownerFlag, "o", "", "token owner")
createCmd.Flags().String(outFlag, "", "file to write token to")
createCmd.Flags().Bool(jsonFlag, false, "output token in JSON")
_ = cobra.MarkFlagFilename(createCmd.Flags(), eaclFlag)
_ = cobra.MarkFlagRequired(createCmd.Flags(), issuedAtFlag)
_ = cobra.MarkFlagRequired(createCmd.Flags(), notValidBeforeFlag)
_ = cobra.MarkFlagRequired(createCmd.Flags(), expireAtFlag)
_ = cobra.MarkFlagRequired(createCmd.Flags(), ownerFlag)
_ = cobra.MarkFlagRequired(createCmd.Flags(), outFlag)
}
func createToken(cmd *cobra.Command, _ []string) error {
iat, _ := cmd.Flags().GetUint64(issuedAtFlag)
exp, _ := cmd.Flags().GetUint64(expireAtFlag)
nvb, _ := cmd.Flags().GetUint64(notValidBeforeFlag)
if exp < nvb {
return fmt.Errorf("expiration epoch is less than not-valid-before epoch: %d < %d", exp, nvb)
}
ownerStr, _ := cmd.Flags().GetString(ownerFlag)
ownerID := owner.NewID()
if err := ownerID.Parse(ownerStr); err != nil {
return fmt.Errorf("can't parse recipient: %w", err)
}
b := token.NewBearerToken()
b.SetLifetime(exp, nvb, iat)
b.SetOwner(ownerID)
eaclPath, _ := cmd.Flags().GetString(eaclFlag)
if eaclPath != "" {
table := eaclSDK.NewTable()
raw, err := ioutil.ReadFile(eaclPath)
if err != nil {
return fmt.Errorf("can't read extended ACL file: %w", err)
}
if err := json.Unmarshal(raw, table); err != nil {
return fmt.Errorf("can't parse extended ACL: %w", err)
}
b.SetEACLTable(table)
}
var data []byte
var err error
toJSON, _ := cmd.Flags().GetBool(jsonFlag)
if toJSON {
data, err = json.Marshal(b)
} else {
data, err = b.Marshal(nil)
}
if err != nil {
return fmt.Errorf("can't mashal token: %w", err)
}
out, _ := cmd.Flags().GetString(outFlag)
if err := ioutil.WriteFile(out, data, 0644); err != nil {
return fmt.Errorf("can't write token to file: %w", err)
}
return nil
}

View file

@ -0,0 +1,14 @@
package token
import (
"github.com/spf13/cobra"
)
var Cmd = &cobra.Command{
Use: "token",
Short: "Operations with bearer token",
}
func init() {
Cmd.AddCommand(createCmd)
}