token: update structure

This commit: * moves Token message to service package; * updates token structure (new verb field, some renaming); * replaces VerificationHeader header with Token in object package; * removes no longer used VerificationHeader message.
2020-04-24 19:18:28 +03:00 · 2020-04-24 19:18:28 +03:00 · 6b68940643
commit 6b68940643
parent b84fab4d24
8 changed files with 127 additions and 104 deletions
--- a/object/service.proto
+++ b/object/service.proto
@ -5,7 +5,6 @@ option csharp_namespace = "NeoFS.API.Object";
 import "refs/types.proto";
 import "object/types.proto";
 import "session/types.proto";
 import "service/meta.proto";
 import "service/verify.proto";
 import "github.com/gogo/protobuf/gogoproto/gogo.proto";
@ -83,7 +82,7 @@ message PutRequest {
        // Object with at least container id and owner id fields
        Object Object       = 1;
        // Token with session public key and user's signature
-        session.Token Token = 2;
+        service.Token Token = 2;
        // Number of the object copies to store within the RPC call (zero is processed according to the placement rules)
        uint32 CopiesNumber = 3;
    }
@ -113,7 +112,7 @@ message DeleteRequest {
    // OwnerID is a wallet address
    bytes OwnerID                            = 2 [(gogoproto.nullable) = false, (gogoproto.customtype) = "OwnerID"];
    // Token with session public key and user's signature
-    session.Token Token                      = 3;
+    service.Token Token                      = 3;
    // RequestMetaHeader contains information about request meta headers (should be embedded into message)
    service.RequestMetaHeader Meta           = 98 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
    // RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request (should be embedded into message)
--- a/object/types.proto
+++ b/object/types.proto
@ -4,7 +4,7 @@ option go_package = "github.com/nspcc-dev/neofs-api-go/object";
 option csharp_namespace = "NeoFS.API.Object";
 import "refs/types.proto";
-import "session/types.proto";
+import "service/verify.proto";
 import "storagegroup/types.proto";
 import "github.com/gogo/protobuf/gogoproto/gogo.proto";
@ -36,8 +36,8 @@ message Header {
        Transform Transform                    = 4;
        // Tombstone header that set up in deleted objects
        Tombstone Tombstone                    = 5;
-        // Verify header that contains session public key and user's signature
+        // Token header contains token of the session within which the object was created
-        session.VerificationHeader Verify      = 6;
+        service.Token Token                    = 6;
        // HomoHash is a homomorphic hash of original object payload
        bytes HomoHash                         = 7 [(gogoproto.customtype) = "Hash"];
        // PayloadChecksum of actual object's payload
--- a/proto-docs/object.md
+++ b/proto-docs/object.md
@ -149,7 +149,7 @@ calculated for XORed data.
 | ----- | ---- | ----- | ----------- |
 | Address | [refs.Address](#refs.Address) |  | Address of object (container id + object id) |
 | OwnerID | [bytes](#bytes) |  | OwnerID is a wallet address |
-| Token | [session.Token](#session.Token) |  | Token with session public key and user's signature |
+| Token | [service.Token](#service.Token) |  | Token with session public key and user's signature |
 | Meta | [service.RequestMetaHeader](#service.RequestMetaHeader) |  | RequestMetaHeader contains information about request meta headers (should be embedded into message) |
 | Verify | [service.RequestVerificationHeader](#service.RequestVerificationHeader) |  | RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request (should be embedded into message) |
@ -296,7 +296,7 @@ in distributed system.
 | Field | Type | Label | Description |
 | ----- | ---- | ----- | ----------- |
 | Object | [Object](#object.Object) |  | Object with at least container id and owner id fields |
-| Token | [session.Token](#session.Token) |  | Token with session public key and user's signature |
+| Token | [service.Token](#service.Token) |  | Token with session public key and user's signature |
 | CopiesNumber | [uint32](#uint32) |  | Number of the object copies to store within the RPC call (zero is processed according to the placement rules) |
@ -378,7 +378,7 @@ in distributed system.
 | UserHeader | [UserHeader](#object.UserHeader) |  | UserHeader is a set of KV headers defined by user |
 | Transform | [Transform](#object.Transform) |  | Transform defines transform operation (e.g. payload split) |
 | Tombstone | [Tombstone](#object.Tombstone) |  | Tombstone header that set up in deleted objects |
-| Verify | [session.VerificationHeader](#session.VerificationHeader) |  | Verify header that contains session public key and user's signature |
+| Token | [service.Token](#service.Token) |  | Token header that contains session token |
 | HomoHash | [bytes](#bytes) |  | HomoHash is a homomorphic hash of original object payload |
 | PayloadChecksum | [bytes](#bytes) |  | PayloadChecksum of actual object's payload |
 | Integrity | [IntegrityHeader](#object.IntegrityHeader) |  | Integrity header with checksum of all above headers in the object |
--- a/proto-docs/service.md
+++ b/proto-docs/service.md
@ -15,6 +15,8 @@
  - Messages
    - [RequestVerificationHeader](#service.RequestVerificationHeader)
    - [RequestVerificationHeader.Signature](#service.RequestVerificationHeader.Signature)
    - [Token](#service.Token)
    - [Token.Info](#service.Token.Info)
 - [Scalar Value Types](#scalar-value-types)
@ -82,6 +84,7 @@ RequestVerificationHeader is a set of signatures of every NeoFS Node that proces
 | Field | Type | Label | Description |
 | ----- | ---- | ----- | ----------- |
 | Signatures | [RequestVerificationHeader.Signature](#service.RequestVerificationHeader.Signature) | repeated | Signatures is a set of signatures of every passed NeoFS Node |
 | Token | [Token](#service.Token) |  | Token is a token of the session within which the request is sent |
 <a name="service.RequestVerificationHeader.Signature"></a>
@ -95,8 +98,54 @@ RequestVerificationHeader is a set of signatures of every NeoFS Node that proces
 | Sign | [bytes](#bytes) |  | Sign is signature of the request or session key. |
 | Peer | [bytes](#bytes) |  | Peer is compressed public key used for signature. |
 <a name="service.Token"></a>
 ### Message Token
 User token granting rights for object manipulation
 | Field | Type | Label | Description |
 | ----- | ---- | ----- | ----------- |
 | info | [Token.Info](#service.Token.Info) |  | Info is a grouped information about token |
 | Signature | [bytes](#bytes) |  | Signature is a signature of session token information |
 <a name="service.Token.Info"></a>
 ### Message Token.Info
 | Field | Type | Label | Description |
 | ----- | ---- | ----- | ----------- |
 | ID | [bytes](#bytes) |  | ID is a token identifier. valid UUIDv4 represented in bytes |
 | OwnerID | [bytes](#bytes) |  | OwnerID is an owner of manipulation object |
 | verb | [Token.Info.Verb](#service.Token.Info.Verb) |  | Verb is a type of request for which the token is issued |
 | Address | [refs.Address](#refs.Address) |  | Address is an object address for which token is issued |
 | Created | [uint64](#uint64) |  | Created is an initial epoch of token lifetime |
 | ValidUntil | [uint64](#uint64) |  | ValidUntil is a last epoch of token lifetime |
 | SessionKey | [bytes](#bytes) |  | SessionKey is a public key of session key |
 <!-- end messages -->
 <a name="service.Token.Info.Verb"></a>
 ### Token.Info.Verb
 Verb is an enumeration of session request types
 | Name | Number | Description |
 | ---- | ------ | ----------- |
 | Put | 0 | Put refers to object.Put RPC call |
 | Get | 1 | Get refers to object.Get RPC call |
 | Head | 2 | Head refers to object.Head RPC call |
 | Search | 3 | Search refers to object.Search RPC call |
 | Delete | 4 | Delete refers to object.Delete RPC call |
 | Range | 5 | Range refers to object.GetRange RPC call |
 | RangeHash | 6 | RangeHash refers to object.GetRangeHash RPC call |
 <!-- end enums -->
--- a/proto-docs/session.md
+++ b/proto-docs/session.md
@ -12,13 +12,6 @@
    - [CreateResponse](#session.CreateResponse)
 - [session/types.proto](#session/types.proto)
  - Messages
    - [Token](#session.Token)
    - [VerificationHeader](#session.VerificationHeader)
 - [Scalar Value Types](#scalar-value-types)
@ -68,8 +61,8 @@ session key. Session is established during 4-step handshake in one gRPC stream
 | Field | Type | Label | Description |
 | ----- | ---- | ----- | ----------- |
-| Init | [Token](#session.Token) |  | Init is a message to initialize session opening. Carry: owner of manipulation object; ID of manipulation object; token lifetime bounds. |
+| Init | [service.Token](#service.Token) |  | Init is a message to initialize session opening. Carry: owner of manipulation object; ID of manipulation object; token lifetime bounds. |
-| Signed | [Token](#session.Token) |  | Signed Init message response (Unsigned) from server with user private key |
+| Signed | [service.Token](#service.Token) |  | Signed Init message response (Unsigned) from server with user private key |
 | Meta | [service.RequestMetaHeader](#service.RequestMetaHeader) |  | RequestMetaHeader contains information about request meta headers (should be embedded into message) |
 | Verify | [service.RequestVerificationHeader](#service.RequestVerificationHeader) |  | RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request (should be embedded into message) |
@ -82,52 +75,8 @@ session key. Session is established during 4-step handshake in one gRPC stream
 | Field | Type | Label | Description |
 | ----- | ---- | ----- | ----------- |
-| Unsigned | [Token](#session.Token) |  | Unsigned token with token ID and session public key generated on server side |
+| Unsigned | [service.Token](#service.Token) |  | Unsigned token with token ID and session public key generated on server side |
-| Result | [Token](#session.Token) |  | Result is a resulting token which can be used for object placing through an trusted intermediary |
+| Result | [service.Token](#service.Token) |  | Result is a resulting token which can be used for object placing through an trusted intermediary |
 <!-- end messages -->
 <!-- end enums -->
 <a name="session/types.proto"></a>
 <p align="right"><a href="#top">Top</a></p>
 ## session/types.proto
 <!-- end services -->
 <a name="session.Token"></a>
 ### Message Token
 User token granting rights for object manipulation
 | Field | Type | Label | Description |
 | ----- | ---- | ----- | ----------- |
 | Header | [VerificationHeader](#session.VerificationHeader) |  | Header carries verification data of session key |
 | OwnerID | [bytes](#bytes) |  | OwnerID is an owner of manipulation object |
 | FirstEpoch | [uint64](#uint64) |  | FirstEpoch is an initial epoch of token lifetime |
 | LastEpoch | [uint64](#uint64) |  | LastEpoch is a last epoch of token lifetime |
 | ObjectID | [bytes](#bytes) | repeated | ObjectID is an object identifier of manipulation object |
 | Signature | [bytes](#bytes) |  | Signature is a token signature, signed by owner of manipulation object |
 | ID | [bytes](#bytes) |  | ID is a token identifier. valid UUIDv4 represented in bytes |
 | PublicKeys | [bytes](#bytes) | repeated | PublicKeys associated with owner |
 <a name="session.VerificationHeader"></a>
 ### Message VerificationHeader
 | Field | Type | Label | Description |
 | ----- | ---- | ----- | ----------- |
 | PublicKey | [bytes](#bytes) |  | PublicKey is a session public key |
 | KeySignature | [bytes](#bytes) |  | KeySignature is a session public key signature. Signed by trusted side |
 <!-- end messages -->
--- a/service/verify.proto
+++ b/service/verify.proto
@ -3,6 +3,7 @@ package service;
 option go_package = "github.com/nspcc-dev/neofs-api-go/service";
 option csharp_namespace = "NeoFS.API.Service";
 import "refs/types.proto";
 import "github.com/gogo/protobuf/gogoproto/gogo.proto";
 option (gogoproto.stable_marshaler_all) = true;
@ -19,4 +20,65 @@ message RequestVerificationHeader {
    // Signatures is a set of signatures of every passed NeoFS Node
    repeated Signature Signatures = 1;
    // Token is a token of the session within which the request is sent
    Token Token = 2;
 }
 // User token granting rights for object manipulation
 message Token {
    message Info {
        // ID is a token identifier. valid UUIDv4 represented in bytes
        bytes ID = 1 [(gogoproto.customtype) = "TokenID", (gogoproto.nullable) = false];
        // OwnerID is an owner of manipulation object
        bytes OwnerID = 2 [(gogoproto.customtype) = "OwnerID", (gogoproto.nullable) = false];
        // Verb is an enumeration of session request types
        enum Verb {
            // Put refers to object.Put RPC call
            Put = 0;
            // Get refers to object.Get RPC call
            Get = 1;
            // Head refers to object.Head RPC call
            Head = 2;
            // Search refers to object.Search RPC call
            Search = 3;
            // Delete refers to object.Delete RPC call
            Delete = 4;
            // Range refers to object.GetRange RPC call
            Range = 5;
            // RangeHash refers to object.GetRangeHash RPC call
            RangeHash = 6;
        }
        // Verb is a type of request for which the token is issued
        Verb verb = 3 [(gogoproto.customname) = "Verb"];
        // Address is an object address for which token is issued
        refs.Address Address = 4 [(gogoproto.nullable) = false, (gogoproto.customtype) = "Address"];
        // Created is an initial epoch of token lifetime
        uint64 Created = 5;
        // ValidUntil is a last epoch of token lifetime
        uint64 ValidUntil = 6;
        // SessionKey is a public key of session key
        bytes SessionKey = 7;
    }
    // Info is a grouped information about token
    Info info = 1 [(gogoproto.embed) = true, (gogoproto.nullable) = false, (gogoproto.customname) = "Info"];
    // Signature is a signature of session token information
    bytes Signature = 8;
 }
 // TODO: for variable token types and version redefine message
 // Example:
 // message Token {
 //     TokenType TokenType = 1;
 //     uint32 Version = 2;
 //     bytes Data = 3;
 // }
--- a/session/service.proto
+++ b/session/service.proto
@ -3,7 +3,6 @@ package session;
 option go_package = "github.com/nspcc-dev/neofs-api-go/session";
 option csharp_namespace = "NeoFS.API.Session";
 import "session/types.proto";
 import "service/meta.proto";
 import "service/verify.proto";
 import "github.com/gogo/protobuf/gogoproto/gogo.proto";
@ -33,9 +32,9 @@ message CreateRequest {
        // owner of manipulation object;
        // ID of manipulation object;
        // token lifetime bounds.
-        session.Token Init = 1;
+        service.Token Init = 1;
        // Signed Init message response (Unsigned) from server with user private key
-        session.Token Signed = 2;
+        service.Token Signed = 2;
    }
    // RequestMetaHeader contains information about request meta headers (should be embedded into message)
    service.RequestMetaHeader Meta           = 98 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
@ -46,8 +45,8 @@ message CreateRequest {
 message CreateResponse {
    oneof Message {
        // Unsigned token with token ID and session public key generated on server side
-        session.Token Unsigned = 1;
+        service.Token Unsigned = 1;
        // Result is a resulting token which can be used for object placing through an trusted intermediary
-        session.Token Result = 2;
+        service.Token Result = 2;
    }
 }
--- a/session/types.proto
+++ b/session/types.proto
@ -1,35 +0,0 @@
 syntax = "proto3";
 package session;
 option go_package = "github.com/nspcc-dev/neofs-api-go/session";
 option csharp_namespace = "NeoFS.API.Session";
 import "github.com/gogo/protobuf/gogoproto/gogo.proto";
 option (gogoproto.stable_marshaler_all) = true;
 message VerificationHeader {
    // PublicKey is a session public key
    bytes PublicKey = 1;
    // KeySignature is a session public key signature. Signed by trusted side
    bytes KeySignature = 2;
 }
 // User token granting rights for object manipulation
 message Token {
    // Header carries verification data of session key
    VerificationHeader Header = 1 [(gogoproto.nullable) = false];
    // OwnerID is an owner of manipulation object
    bytes OwnerID = 2 [(gogoproto.customtype) = "OwnerID", (gogoproto.nullable) = false];
    // FirstEpoch is an initial epoch of token lifetime
    uint64 FirstEpoch = 3;
    // LastEpoch is a last epoch of token lifetime
    uint64 LastEpoch = 4;
    // ObjectID is an object identifier of manipulation object
    repeated bytes ObjectID = 5 [(gogoproto.customtype) = "ObjectID", (gogoproto.nullable) = false];
    // Signature is a token signature, signed by owner of manipulation object
    bytes Signature = 6;
    // ID is a token identifier. valid UUIDv4 represented in bytes
    bytes ID = 7 [(gogoproto.customtype) = "TokenID", (gogoproto.nullable) = false];
    // PublicKeys associated with owner
    repeated bytes PublicKeys = 8;
 }