forked from TrueCloudLab/frostfs-node
[#943] service/object: Return error if requested session token is not available
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
This commit is contained in:
parent
0f598289f6
commit
46fa07b7cc
2 changed files with 81 additions and 0 deletions
pkg/services/object/util
|
@ -2,11 +2,15 @@ package util
|
|||
|
||||
import (
|
||||
"crypto/ecdsa"
|
||||
"errors"
|
||||
|
||||
"github.com/nspcc-dev/neofs-api-go/pkg/session"
|
||||
"github.com/nspcc-dev/neofs-node/pkg/services/session/storage"
|
||||
)
|
||||
|
||||
// todo(alexvanin): should be a part of status API
|
||||
var errNoSessionToken = errors.New("session token does not exist")
|
||||
|
||||
// KeyStorage represents private key storage of the local node.
|
||||
type KeyStorage struct {
|
||||
key *ecdsa.PrivateKey
|
||||
|
@ -32,6 +36,7 @@ func (s *KeyStorage) GetKey(token *session.Token) (*ecdsa.PrivateKey, error) {
|
|||
if pToken != nil {
|
||||
return pToken.SessionKey(), nil
|
||||
}
|
||||
return nil, errNoSessionToken
|
||||
}
|
||||
|
||||
return s.key, nil
|
||||
|
|
76
pkg/services/object/util/key_test.go
Normal file
76
pkg/services/object/util/key_test.go
Normal file
|
@ -0,0 +1,76 @@
|
|||
package util_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
"crypto/elliptic"
|
||||
"testing"
|
||||
|
||||
"github.com/google/uuid"
|
||||
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
||||
"github.com/nspcc-dev/neofs-api-go/pkg/session"
|
||||
sessionV2 "github.com/nspcc-dev/neofs-api-go/v2/session"
|
||||
"github.com/nspcc-dev/neofs-node/pkg/services/object/util"
|
||||
tokenStorage "github.com/nspcc-dev/neofs-node/pkg/services/session/storage"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func TestNewKeyStorage(t *testing.T) {
|
||||
nodeKey, err := keys.NewPrivateKey()
|
||||
require.NoError(t, err)
|
||||
|
||||
tokenStor := tokenStorage.New()
|
||||
stor := util.NewKeyStorage(&nodeKey.PrivateKey, tokenStor)
|
||||
|
||||
t.Run("node key", func(t *testing.T) {
|
||||
key, err := stor.GetKey(nil)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, nodeKey.PrivateKey, *key)
|
||||
})
|
||||
|
||||
t.Run("unknown token", func(t *testing.T) {
|
||||
tok := generateToken(t)
|
||||
_, err = stor.GetKey(tok)
|
||||
require.Error(t, err)
|
||||
})
|
||||
|
||||
t.Run("known token", func(t *testing.T) {
|
||||
tok := createToken(t, tokenStor, 100)
|
||||
pubKey, err := keys.NewPublicKeyFromBytes(tok.SessionKey(), elliptic.P256())
|
||||
require.NoError(t, err)
|
||||
|
||||
key, err := stor.GetKey(tok)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, pubKey.X, key.PublicKey.X)
|
||||
require.Equal(t, pubKey.Y, key.PublicKey.Y)
|
||||
})
|
||||
}
|
||||
|
||||
func generateToken(t *testing.T) *session.Token {
|
||||
key, err := keys.NewPrivateKey()
|
||||
require.NoError(t, err)
|
||||
|
||||
pubKey := key.PublicKey().Bytes()
|
||||
id, err := uuid.New().MarshalBinary()
|
||||
require.NoError(t, err)
|
||||
|
||||
tok := session.NewToken()
|
||||
tok.SetSessionKey(pubKey)
|
||||
tok.SetID(id)
|
||||
|
||||
return tok
|
||||
}
|
||||
|
||||
func createToken(t *testing.T, store *tokenStorage.TokenStore, exp uint64) *session.Token {
|
||||
req := new(sessionV2.CreateRequestBody)
|
||||
req.SetOwnerID(nil)
|
||||
req.SetExpiration(exp)
|
||||
|
||||
resp, err := store.Create(context.Background(), req)
|
||||
require.NoError(t, err)
|
||||
|
||||
tok := session.NewToken()
|
||||
tok.SetSessionKey(resp.GetSessionKey())
|
||||
tok.SetID(resp.GetID())
|
||||
|
||||
return tok
|
||||
}
|
Loading…
Reference in a new issue