Commit graph

57 commits

Author SHA1 Message Date
4f27e34974 [#456] auth: Fix authentication for POST Object
During post object operation field AuthHeader in middleware.Box wasn't set
that led to panic

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-08-12 15:25:53 +03:00
e22ff52165 [#367] Add check of AccessBox attributes
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
2024-04-19 06:25:26 +00:00
f1470bab4a [#318] auth: Add context for logged errors
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-02-29 17:30:28 +03:00
924e87face [#305] Support checking if accessbox was removed
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-02-09 09:41:48 +03:00
cf7254f8cd [#260] Refactor api/auth/center.go
Move the Center interface to middleware package where it's used

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-11-23 11:00:09 +03:00
861454e499 [#218] Add check content sha256 header
The X-Amz-Content-Sha256 header check is done only for unencrypted payload.

Signed-off-by: Roman Loginov <r.loginov@yadro.com>
2023-11-22 11:33:52 +00:00
e3f2d59565 [#154] Rename access key to secret key
Signed-off-by: Roman Loginov <r.loginov@yadro.com>
2023-10-06 09:20:39 +00:00
6b109eee92 [#182] Fix parsing signed headers in presigned urls
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-08-08 13:04:53 +03:00
614d703726 [#106] Add chunk uploading
Signed-off-by: Artem Tataurov <a.tataurov@yadro.com>
2023-06-21 10:23:57 +03:00
b445f7bbf9 [#125] api/auth: DisableURIPathEscaping for presign
Don't use escaping when presign url.
Escape manually before.

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-06-02 14:16:19 +00:00
813aa2f173 Rename package name
Due to source code relocation from GitHub.

Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-03-07 17:38:08 +03:00
388482e230 [#2] Rename internals
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2022-12-21 11:17:45 +03:00
96dff367db [#1] Build S3 Gateway with FrostFS dependencies
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2022-12-15 12:43:52 +03:00
Denis Kirillov
094eb12578 [#726] Use client time on regular requests
Use `X-Amz-Date` header as `now` when
* compute expiration epoch
* set Timestamp for object and container
* forming locks
* send notifications

Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-11-14 14:53:55 +03:00
Angira Kekteeva
3e4fc52428 [#674] Add AccessKeyID filter
Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2022-09-06 13:47:20 +03:00
Denis Kirillov
163038b37d [#672] Fix handling X-Amz-Copy-Source header
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-08-25 17:40:15 +03:00
Denis Kirillov
e104855633 [#488] Sync using oid.Address
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-07-22 15:19:16 +03:00
Denis Kirillov
7ca519cb32 [#539] Add context to errors
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-06-27 02:23:19 +04:00
Denis Kirillov
818176e7e1 [#528] Adopt aws v4signer
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-06-20 09:44:25 +03:00
Denis Kirillov
d521af2065 [#529] Add presign URLs support
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-06-16 17:17:45 +03:00
Leonard Lyubich
087d500c5f [#458] *: Refactor working with NeoFS identities
Pull latest changes from NeoFS SDK Go library. Decrease redundant and
unsafe usage of ID pointers. Use `EncodeToString` method in order to
calculate protocol strings.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-05-27 17:22:37 +04:00
Elizaveta Chichindaeva
bf38007692 [#405] English Check
Signed-off-by: Elizaveta Chichindaeva <elizaveta@nspcc.ru>
2022-04-22 14:01:40 +03:00
Leonard Lyubich
cd64f41ce8 [#346] *: Refactor communication with NeoFS at the protocol level
Make `tokens`, `authmate` and `layer` packages to depend from locally
defined `NeoFS` interface of the virtual connection to NeoFS network.
Create internal `neofs` package and implement these interfaces through
`pool.Pool` there. Implement mediators between `NeoFS` interfaces and
`neofs.NeoFS` implementation.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-03-04 00:14:30 +03:00
Leonard Lyubich
34a221c5c9 [#346] Upgrade NeoFS SDK Go library
Core changes:
  - `object.ID` moved to new package `oid`;
  - `object.Address` moved to new package `address`;
  - `pool.Object` interface changes.

Additionally:
  - Set container owner in `Agent.IssueSecret`.
  - Remove no longer needed fields from `GetObjectParams`
  - `Length` and `Offset` are never assigned. These values
  are set in `Range` field.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-03-04 00:14:30 +03:00
Denis Kirillov
d36dfe8c61 [#271] Update neo-sdk-go to the latest version
Refactoring invoking pool methods for anonymous requests.

Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2021-11-16 14:42:08 +03:00
Denis Kirillov
19b917e3b5 [#253] Caches refactoring
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2021-09-14 10:46:18 +03:00
Denis Kirillov
951eb6fda8 [#253] Add access box cache
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2021-09-14 10:46:18 +03:00
Denis Kirillov
42ed6a16ea [#190] Add POST object
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2021-09-07 11:10:48 +03:00
Angira Kekteeva
44a2f1b471 [#234] *: Update go.mod
Remove neofs-node dep
Update versions neofs reps

Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2021-08-30 17:01:41 +03:00
Denis Kirillov
4ca56d3d6e [#199] Add fine-grained handle auth header
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2021-08-11 13:17:37 +03:00
Denis Kirillov
d332096598 [#199] Refactor
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2021-08-11 13:17:37 +03:00
Denis Kirillov
1fbd192bd7 [#89] Add placement policy
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2021-07-16 16:01:35 +03:00
Angira Kekteeva
b7ebe4127f [#164] Change delimiter in acesskeyID
Replaced delimiter '_' by '0'

Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2021-07-16 14:17:01 +03:00
Denis Kirillov
52c63d4c44 [#104] Support NEP-6 for authmate
Drop neofs-crypto.

Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2021-06-25 12:16:24 +03:00
Angira Kekteeva
95f75ec880 [#47] Add session token to context
Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2021-06-21 13:56:26 +03:00
Denis Kirillov
d1594b586e [#83] Use multiple bearer tokens
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2021-06-18 11:19:07 +03:00
Denis Kirillov
b86d20265d [#75] Using secp256r1 instead of curve25519
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2021-06-17 16:36:23 +03:00
Roman Khimov
996b2d8667 auth: add missing comment
Signed-off-by: Roman Khimov <roman@nspcc.ru>
2021-06-15 18:50:10 +03:00
Roman Khimov
ee078eabcc Merge pull request #80 from masterSplinter01/feature/48-protobuf-format-authbox
Protobuf format of accessbox
2021-06-15 16:57:22 +03:00
Angira Kekteeva
fe2d507121 [#48] creds,authmate:Replace old accessbox by new
Removed encoder, decoder wraps.
Made changes in api, authmate and creds via new accessbox.
Updated bearer_token_tests via new accessbox.

Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2021-06-15 14:54:11 +03:00
Denis Kirillov
4df647baac [#65] Added NoAuthorizationHeader error
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2021-06-11 19:29:55 +03:00
Denis Kirillov
8185b71462 [#65] Allow no sign requests
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2021-06-11 14:52:03 +03:00
Angira Kekteeva
1a818bac33 [#64] authmate, auth: Fix access key id
Replaced forbidden symbol '/' in access key id by '_'
SecretKeyAddress and SecretKeyID are different things now
Renamed param of authmate from secretAddressFlag to accessKeyIDFlag,
that is more correct, imo.

Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2021-06-03 22:24:02 +03:00
Roman Khimov
d15687f37c *: drop creds/neofs
Signed-off-by: Roman Khimov <roman@nspcc.ru>
2021-05-28 23:48:39 +03:00
Roman Khimov
35ffc1fbc1 *: use sdk-go instead of http-gw
Now that the packages have moved there we can do it.

Signed-off-by: Roman Khimov <roman@nspcc.ru>
2021-05-28 14:05:46 +03:00
Roman Khimov
d19ce03072 *: drop old sdk dependecies, bump neofs-api-go version
I'm not sure it works, but it's enough code-wise for now. We're reusing some
http-gw components here that are to be moved into sdk-go in future.

Signed-off-by: Roman Khimov <roman@nspcc.ru>
2021-05-26 21:01:46 +03:00
Roman Khimov
dbe65ae602 creds: move credential management into s3 gate
Mostly taken from old SDK (abe47687cd11266f946cad57f07572cc10c67226), but
error handling adapted to eliminate pkg/errors and internal packages.

Signed-off-by: Roman Khimov <roman@nspcc.ru>
2021-05-25 23:00:19 +03:00
Roman Khimov
ce7c8932d4 authmate: drop creds/s3 dependency
Signed-off-by: Roman Khimov <roman@nspcc.ru>
2021-05-25 19:52:51 +03:00
Angira Kekteeva
9d496d70a7 [#53] *: Remove external pkg/errors dependency
Replaced functions from pkg/errors by functions from errors, fixed not fully correct comment

Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2021-05-20 15:50:14 +03:00
Roman Khimov
5eb863dc22 *: fix golint warnings about comments to exported things. 2021-05-13 23:25:31 +03:00