From 64505180b400b30917649f4b54ac29748e949d41 Mon Sep 17 00:00:00 2001 From: Evgenii Stratonikov Date: Wed, 10 Mar 2021 15:15:54 +0300 Subject: [PATCH] [#261] pkg/client: Provide signing key in call options Allow to reuse underlying connection for requests with different key. If no key is specified the one provided on client creation is used. Signed-off-by: Evgenii Stratonikov --- pkg/client/accounting.go | 4 ++-- pkg/client/container.go | 24 ++++++++++++------------ pkg/client/netmap.go | 4 ++-- pkg/client/object.go | 18 +++++++++--------- pkg/client/opts.go | 22 ++++++++++++++++++++++ pkg/client/session.go | 4 ++-- 6 files changed, 49 insertions(+), 27 deletions(-) diff --git a/pkg/client/accounting.go b/pkg/client/accounting.go index 9b3f1294..99e520ca 100644 --- a/pkg/client/accounting.go +++ b/pkg/client/accounting.go @@ -34,7 +34,7 @@ func (c Client) getBalanceV2(ctx context.Context, ownerID *owner.ID, opts ...Cal } if ownerID == nil { - w, err := owner.NEO3WalletFromPublicKey(&c.key.PublicKey) + w, err := owner.NEO3WalletFromPublicKey(&callOptions.key.PublicKey) if err != nil { return nil, err } @@ -50,7 +50,7 @@ func (c Client) getBalanceV2(ctx context.Context, ownerID *owner.ID, opts ...Cal req.SetBody(reqBody) req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions)) - err := v2signature.SignServiceMessage(c.key, req) + err := v2signature.SignServiceMessage(callOptions.key, req) if err != nil { return nil, err } diff --git a/pkg/client/container.go b/pkg/client/container.go index 4e7e6fa2..83ea6579 100644 --- a/pkg/client/container.go +++ b/pkg/client/container.go @@ -172,7 +172,7 @@ func (c Client) putContainerV2(ctx context.Context, cnr *container.Container, op // if container owner is not set, then use client key as owner if cnr.OwnerID() == nil { - w, err := owner.NEO3WalletFromPublicKey(&c.key.PublicKey) + w, err := owner.NEO3WalletFromPublicKey(&callOptions.key.PublicKey) if err != nil { return nil, err } @@ -189,7 +189,7 @@ func (c Client) putContainerV2(ctx context.Context, cnr *container.Container, op // sign container signWrapper := v2signature.StableMarshalerWrapper{SM: reqBody.GetContainer()} - err := signature.SignDataWithHandler(c.key, signWrapper, func(key []byte, sig []byte) { + err := signature.SignDataWithHandler(callOptions.key, signWrapper, func(key []byte, sig []byte) { containerSignature := new(refs.Signature) containerSignature.SetKey(key) containerSignature.SetSign(sig) @@ -203,7 +203,7 @@ func (c Client) putContainerV2(ctx context.Context, cnr *container.Container, op req.SetBody(reqBody) req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions)) - err = v2signature.SignServiceMessage(c.key, req) + err = v2signature.SignServiceMessage(callOptions.key, req) if err != nil { return nil, err } @@ -246,7 +246,7 @@ func (c Client) getContainerV2(ctx context.Context, id *container.ID, opts ...Ca req.SetBody(reqBody) req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions)) - err := v2signature.SignServiceMessage(c.key, req) + err := v2signature.SignServiceMessage(callOptions.key, req) if err != nil { return nil, err } @@ -283,7 +283,7 @@ func (c Client) listContainerV2(ctx context.Context, ownerID *owner.ID, opts ... } if ownerID == nil { - w, err := owner.NEO3WalletFromPublicKey(&c.key.PublicKey) + w, err := owner.NEO3WalletFromPublicKey(&callOptions.key.PublicKey) if err != nil { return nil, err } @@ -299,7 +299,7 @@ func (c Client) listContainerV2(ctx context.Context, ownerID *owner.ID, opts ... req.SetBody(reqBody) req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions)) - err := v2signature.SignServiceMessage(c.key, req) + err := v2signature.SignServiceMessage(callOptions.key, req) if err != nil { return nil, err } @@ -344,7 +344,7 @@ func (c Client) delContainerV2(ctx context.Context, id *container.ID, opts ...Ca reqBody.SetContainerID(id.ToV2()) // sign container - err := signature.SignDataWithHandler(c.key, + err := signature.SignDataWithHandler(callOptions.key, delContainerSignWrapper{ body: reqBody, }, @@ -363,7 +363,7 @@ func (c Client) delContainerV2(ctx context.Context, id *container.ID, opts ...Ca req.SetBody(reqBody) req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions)) - err = v2signature.SignServiceMessage(c.key, req) + err = v2signature.SignServiceMessage(callOptions.key, req) if err != nil { return err } @@ -406,7 +406,7 @@ func (c Client) getEACLV2(ctx context.Context, id *container.ID, verify bool, op req.SetBody(reqBody) req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions)) - err := v2signature.SignServiceMessage(c.key, req) + err := v2signature.SignServiceMessage(callOptions.key, req) if err != nil { return nil, err } @@ -469,7 +469,7 @@ func (c Client) setEACLV2(ctx context.Context, eacl *eacl.Table, opts ...CallOpt signWrapper := v2signature.StableMarshalerWrapper{SM: reqBody.GetEACL()} - err := signature.SignDataWithHandler(c.key, signWrapper, func(key []byte, sig []byte) { + err := signature.SignDataWithHandler(callOptions.key, signWrapper, func(key []byte, sig []byte) { eaclSignature := new(refs.Signature) eaclSignature.SetKey(key) eaclSignature.SetSign(sig) @@ -483,7 +483,7 @@ func (c Client) setEACLV2(ctx context.Context, eacl *eacl.Table, opts ...CallOpt req.SetBody(reqBody) req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions)) - err = v2signature.SignServiceMessage(c.key, req) + err = v2signature.SignServiceMessage(callOptions.key, req) if err != nil { return err } @@ -536,7 +536,7 @@ func (c Client) announceContainerUsedSpaceV2( req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions)) // sign the request - err := v2signature.SignServiceMessage(c.key, req) + err := v2signature.SignServiceMessage(callOptions.key, req) if err != nil { return err } diff --git a/pkg/client/netmap.go b/pkg/client/netmap.go index f45eb786..c440aa18 100644 --- a/pkg/client/netmap.go +++ b/pkg/client/netmap.go @@ -56,7 +56,7 @@ func (c Client) endpointInfoV2(ctx context.Context, opts ...CallOption) (*v2netm req.SetBody(reqBody) req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions)) - err := v2signature.SignServiceMessage(c.key, req) + err := v2signature.SignServiceMessage(callOptions.key, req) if err != nil { return nil, err } @@ -144,7 +144,7 @@ func (c Client) networkInfoV2(ctx context.Context, opts ...CallOption) (*v2netma req.SetBody(reqBody) req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions)) - err := v2signature.SignServiceMessage(c.key, req) + err := v2signature.SignServiceMessage(callOptions.key, req) if err != nil { return nil, err } diff --git a/pkg/client/object.go b/pkg/client/object.go index 7e84f72c..7c070512 100644 --- a/pkg/client/object.go +++ b/pkg/client/object.go @@ -254,7 +254,7 @@ func (c *Client) putObjectV2(ctx context.Context, p *PutObjectParams, opts ...Ca initPart.SetHeader(obj.GetHeader()) // sign the request - if err := signature.SignServiceMessage(c.key, req); err != nil { + if err := signature.SignServiceMessage(callOpts.key, req); err != nil { return nil, errors.Wrapf(err, "could not sign %T", req) } @@ -274,7 +274,7 @@ func (c *Client) putObjectV2(ctx context.Context, p *PutObjectParams, opts ...Ca body.SetObjectPart(chunkPart) w := &putObjectV2Writer{ - key: c.key, + key: callOpts.key, chunkPart: chunkPart, req: req, stream: stream, @@ -415,7 +415,7 @@ func (c *Client) deleteObjectV2(ctx context.Context, p *DeleteObjectParams, opts body.SetAddress(p.addr.ToV2()) // sign the request - if err := signature.SignServiceMessage(c.key, req); err != nil { + if err := signature.SignServiceMessage(callOpts.key, req); err != nil { return nil, errors.Wrapf(err, "could not sign %T", req) } @@ -529,7 +529,7 @@ func (c *Client) getObjectV2(ctx context.Context, p *GetObjectParams, opts ...Ca body.SetRaw(p.raw) // sign the request - if err := signature.SignServiceMessage(c.key, req); err != nil { + if err := signature.SignServiceMessage(callOpts.key, req); err != nil { return nil, errors.Wrapf(err, "could not sign %T", req) } @@ -702,7 +702,7 @@ func (c *Client) getObjectHeaderV2(ctx context.Context, p *ObjectHeaderParams, o body.SetRaw(p.raw) // sign the request - if err := signature.SignServiceMessage(c.key, req); err != nil { + if err := signature.SignServiceMessage(callOpts.key, req); err != nil { return nil, errors.Wrapf(err, "could not sign %T", req) } @@ -899,7 +899,7 @@ func (c *Client) objectPayloadRangeV2(ctx context.Context, p *RangeDataParams, o body.SetRaw(p.raw) // sign the request - if err := signature.SignServiceMessage(c.key, req); err != nil { + if err := signature.SignServiceMessage(callOpts.key, req); err != nil { return nil, errors.Wrapf(err, "could not sign %T", req) } @@ -1081,7 +1081,7 @@ func (c *Client) objectPayloadRangeHashV2(ctx context.Context, p *RangeChecksumP body.SetRanges(rsV2) // sign the request - if err := signature.SignServiceMessage(c.key, req); err != nil { + if err := signature.SignServiceMessage(callOpts.key, req); err != nil { return nil, errors.Wrapf(err, "could not sign %T", req) } @@ -1228,7 +1228,7 @@ func (c *Client) searchObjectV2(ctx context.Context, p *SearchObjectParams, opts body.SetFilters(p.filters.ToV2()) // sign the request - if err := signature.SignServiceMessage(c.key, req); err != nil { + if err := signature.SignServiceMessage(callOpts.key, req); err != nil { return nil, errors.Wrapf(err, "could not sign %T", req) } @@ -1327,7 +1327,7 @@ func (c Client) attachV2SessionToken(opts callOptions, hdr *v2session.RequestMet signWrapper := signature.StableMarshalerWrapper{SM: token.GetBody()} - err := signer.SignDataWithHandler(c.key, signWrapper, func(key []byte, sig []byte) { + err := signer.SignDataWithHandler(opts.key, signWrapper, func(key []byte, sig []byte) { sessionTokenSignature := new(v2refs.Signature) sessionTokenSignature.SetKey(key) sessionTokenSignature.SetSign(sig) diff --git a/pkg/client/opts.go b/pkg/client/opts.go index 9e846654..7450d129 100644 --- a/pkg/client/opts.go +++ b/pkg/client/opts.go @@ -1,10 +1,12 @@ package client import ( + "crypto/ecdsa" "fmt" "time" "github.com/nspcc-dev/neofs-api-go/pkg" + "github.com/nspcc-dev/neofs-api-go/pkg/owner" "github.com/nspcc-dev/neofs-api-go/pkg/token" v2accounting "github.com/nspcc-dev/neofs-api-go/v2/accounting" v2container "github.com/nspcc-dev/neofs-api-go/v2/container" @@ -29,6 +31,7 @@ type ( xHeaders []*pkg.XHeader ttl uint32 epoch uint64 + key *ecdsa.PrivateKey session *token.SessionToken bearer *token.BearerToken } @@ -69,6 +72,7 @@ func (c Client) defaultCallOptions() callOptions { return callOptions{ ttl: 2, version: pkg.SDKVersion(), + key: c.key, session: c.sessionToken, bearer: c.bearerToken, } @@ -100,6 +104,13 @@ func WithTTL(ttl uint32) CallOption { }) } +// WithKey sets client's key for the next request. +func WithKey(key *ecdsa.PrivateKey) CallOption { + return newFuncCallOption(func(option *callOptions) { + option.key = key + }) +} + func WithEpoch(epoch uint64) CallOption { return newFuncCallOption(func(option *callOptions) { option.epoch = epoch @@ -178,3 +189,14 @@ func WithDialTimeout(dur time.Duration) Option { option.dialTimeout = dur }) } + +func newOwnerIDFromKey(key *ecdsa.PublicKey) (*owner.ID, error) { + w, err := owner.NEO3WalletFromPublicKey(key) + if err != nil { + return nil, err + } + + ownerID := new(owner.ID) + ownerID.SetNeo3Wallet(w) + return ownerID, nil +} diff --git a/pkg/client/session.go b/pkg/client/session.go index 769c517a..6f368e1d 100644 --- a/pkg/client/session.go +++ b/pkg/client/session.go @@ -30,7 +30,7 @@ func (c Client) createSessionV2(ctx context.Context, expiration uint64, opts ... opts[i].apply(&callOptions) } - w, err := owner.NEO3WalletFromPublicKey(&c.key.PublicKey) + w, err := owner.NEO3WalletFromPublicKey(&callOptions.key.PublicKey) if err != nil { return nil, err } @@ -46,7 +46,7 @@ func (c Client) createSessionV2(ctx context.Context, expiration uint64, opts ... req.SetBody(reqBody) req.SetMetaHeader(v2MetaHeaderFromOpts(callOptions)) - err = v2signature.SignServiceMessage(c.key, req) + err = v2signature.SignServiceMessage(callOptions.key, req) if err != nil { return nil, err }