[#13] Add bearer token usage in receive/upload methods

2021-02-16 18:20:15 +03:00 · 2021-02-16 18:20:15 +03:00 · 237c247ec4
commit 237c247ec4
parent e45e5ed6f9
5 changed files with 65 additions and 18 deletions
--- a/bearer.go
+++ b/bearer.go
@ -4,32 +4,33 @@ import (
 	"bytes"
 	"encoding/base64"

-	"github.com/pkg/errors"
-
 	"github.com/nspcc-dev/neofs-api-go/pkg/token"
+	"github.com/pkg/errors"
 	"github.com/valyala/fasthttp"
 )

 type fromHandler = func(h *fasthttp.RequestHeader) []byte

-const bearerToken = "Bearer"
+const (
+	bearerTokenHdr = "Bearer"
+	bearerTokenKey = "__context_bearer_token_key"
+)

 // BearerToken usage:
 //
-// if tkn, err = BearerToken(c); err != nil && tkn == nil {
+// if err = checkAndPropagateBearerToken(ctx); err != nil {
 // 	log.Error("could not fetch bearer token", zap.Error(err))
 // 	c.Error("could not fetch bearer token", fasthttp.StatusBadRequest)
 // 	return
 // }
-var _ = BearerToken

 func fromHeader(h *fasthttp.RequestHeader) []byte {
 	auth := h.Peek(fasthttp.HeaderAuthorization)
-	if auth == nil || !bytes.HasPrefix(auth, []byte(bearerToken)) {
+	if auth == nil || !bytes.HasPrefix(auth, []byte(bearerTokenHdr)) {
 		return nil
 	}

-	if auth = bytes.TrimPrefix(auth, []byte(bearerToken+" ")); len(auth) == 0 {
+	if auth = bytes.TrimPrefix(auth, []byte(bearerTokenHdr+" ")); len(auth) == 0 {
 		return nil
 	}

@ -37,7 +38,7 @@ func fromHeader(h *fasthttp.RequestHeader) []byte {
 }

 func fromCookie(h *fasthttp.RequestHeader) []byte {
-	auth := h.Cookie(bearerToken)
+	auth := h.Cookie(bearerTokenHdr)
 	if len(auth) == 0 {
 		return nil
 	}
@ -45,10 +46,21 @@ func fromCookie(h *fasthttp.RequestHeader) []byte {
 	return auth
 }

-func BearerToken(ctx *fasthttp.RequestCtx) (*token.BearerToken, error) {
+func checkAndPropagateBearerToken(ctx *fasthttp.RequestCtx) error {
+	tkn, err := fetchBearerToken(ctx)
+	if err != nil {
+		return err
+	}
+
+	// This is an analog of context.WithValue.
+	ctx.SetUserValue(bearerTokenKey, tkn)
+
+	return nil
+}
+
+func fetchBearerToken(ctx *fasthttp.RequestCtx) (*token.BearerToken, error) {
 	// ignore empty value
 	if ctx == nil {
-		panic(nil)
 		return nil, nil
 	}

--- a/bearer_test.go
+++ b/bearer_test.go
@ -4,24 +4,23 @@ import (
 	"encoding/base64"
 	"testing"

+	sdk "github.com/nspcc-dev/cdn-sdk"
 	"github.com/nspcc-dev/neofs-api-go/pkg/owner"
-
 	"github.com/nspcc-dev/neofs-api-go/pkg/token"
-
 	"github.com/stretchr/testify/require"
 	"github.com/valyala/fasthttp"
 )

 func makeTestCookie(value []byte) *fasthttp.RequestHeader {
 	header := new(fasthttp.RequestHeader)
-	header.SetCookie(bearerToken, string(value))
+	header.SetCookie(bearerTokenHdr, string(value))
 	return header
 }

 func makeTestHeader(value []byte) *fasthttp.RequestHeader {
 	header := new(fasthttp.RequestHeader)
 	if value != nil {
-		header.Set(fasthttp.HeaderAuthorization, bearerToken+" "+string(value))
+		header.Set(fasthttp.HeaderAuthorization, bearerTokenHdr+" "+string(value))
 	}
 	return header
 }
@ -60,7 +59,7 @@ func Test_fromHeader(t *testing.T) {
 	}
 }

-func TestBearerToken(t *testing.T) {
+func Test_fetchBearerToken(t *testing.T) {
 	uid := owner.NewID()

 	tkn := new(token.BearerToken)
@ -111,7 +110,7 @@ func TestBearerToken(t *testing.T) {
 	for _, tt := range cases {
 		t.Run(tt.name, func(t *testing.T) {
 			ctx := makeTestRequest(tt.cookie, tt.header)
-			actual, err := BearerToken(ctx)
+			actual, err := fetchBearerToken(ctx)

 			if tt.error == "" {
 				require.NoError(t, err)
@ -129,11 +128,34 @@ func makeTestRequest(cookie, header string) *fasthttp.RequestCtx {
 	ctx := new(fasthttp.RequestCtx)

 	if cookie != "" {
-		ctx.Request.Header.SetCookie(bearerToken, cookie)
+		ctx.Request.Header.SetCookie(bearerTokenHdr, cookie)
 	}

 	if header != "" {
-		ctx.Request.Header.Set(fasthttp.HeaderAuthorization, bearerToken+" "+header)
+		ctx.Request.Header.Set(fasthttp.HeaderAuthorization, bearerTokenHdr+" "+header)
 	}
 	return ctx
 }
+
+func Test_checkAndPropagateBearerToken(t *testing.T) {
+	uid := owner.NewID()
+
+	tkn := new(token.BearerToken)
+	tkn.SetOwner(uid)
+
+	data, err := tkn.Marshal()
+	require.NoError(t, err)
+
+	t64 := base64.StdEncoding.EncodeToString(data)
+	require.NotEmpty(t, t64)
+
+	ctx := makeTestRequest(t64, "")
+
+	// Expect to see the token within the context.
+	require.NoError(t, checkAndPropagateBearerToken(ctx))
+
+	// Expect to see the same token without errors.
+	actual, err := sdk.BearerToken(ctx)
+	require.NoError(t, err)
+	require.Equal(t, tkn, actual)
+}
--- a/go.mod
+++ b/go.mod
@ -11,6 +11,7 @@ require (
 	github.com/prometheus/common v0.15.0
 	github.com/spf13/pflag v1.0.5
 	github.com/spf13/viper v1.7.1
+	github.com/stretchr/testify v1.7.0
 	github.com/valyala/fasthttp v1.20.0
 	go.uber.org/zap v1.16.0
 	google.golang.org/grpc v1.35.0
--- a/receive.go
+++ b/receive.go
@ -57,6 +57,12 @@ func (r *request) receiveFile(address *object.Address) {
 		filename string
 	)

+	if err = checkAndPropagateBearerToken(r.RequestCtx); err != nil {
+		r.log.Error("could not fetch bearer token", zap.Error(err))
+		r.Error("could not fetch bearer token", fasthttp.StatusBadRequest)
+		return
+	}
+
 	writer := newDetector(r.Response.BodyWriter())
 	obj, err := r.obj.Get(r, address, sdk.WithGetWriter(writer))
 	if err != nil {
--- a/upload.go
+++ b/upload.go
@ -44,6 +44,12 @@ func (a *app) upload(c *fasthttp.RequestCtx) {
 		log = a.log.With(zap.String("cid", sCID))
 	)

+	if err = checkAndPropagateBearerToken(c); err != nil {
+		log.Error("could not fetch bearer token", zap.Error(err))
+		c.Error("could not fetch bearer token", fasthttp.StatusBadRequest)
+		return
+	}
+
 	if err = cid.Parse(sCID); err != nil {
 		log.Error("wrong container id", zap.Error(err))
 		c.Error("wrong container id", fasthttp.StatusBadRequest)