[#333] Update sdk

Update sdk to fix "invalid session token owner" error

Signed-off-by: Denis Kirillov <denis@nspcc.ru>
This commit is contained in:
Denis Kirillov 2022-01-25 17:41:01 +03:00 committed by Alex Vanin
parent badc94e904
commit 8fc19b11db
6 changed files with 15 additions and 32 deletions

View file

@ -11,6 +11,7 @@ import (
"github.com/nspcc-dev/neofs-s3-gw/api" "github.com/nspcc-dev/neofs-s3-gw/api"
"github.com/nspcc-dev/neofs-s3-gw/api/data" "github.com/nspcc-dev/neofs-s3-gw/api/data"
"github.com/nspcc-dev/neofs-s3-gw/api/errors" "github.com/nspcc-dev/neofs-s3-gw/api/errors"
"github.com/nspcc-dev/neofs-sdk-go/acl"
"github.com/nspcc-dev/neofs-sdk-go/container" "github.com/nspcc-dev/neofs-sdk-go/container"
cid "github.com/nspcc-dev/neofs-sdk-go/container/id" cid "github.com/nspcc-dev/neofs-sdk-go/container/id"
"github.com/nspcc-dev/neofs-sdk-go/eacl" "github.com/nspcc-dev/neofs-sdk-go/eacl"
@ -130,7 +131,7 @@ func (n *layer) createContainer(ctx context.Context, p *CreateBucketParams) (*ci
options := []container.Option{ options := []container.Option{
container.WithPolicy(p.Policy), container.WithPolicy(p.Policy),
container.WithCustomBasicACL(p.ACL), container.WithCustomBasicACL(acl.BasicACL(p.ACL)),
container.WithAttribute(container.AttributeName, p.Name), container.WithAttribute(container.AttributeName, p.Name),
container.WithAttribute(container.AttributeTimestamp, strconv.FormatInt(bktInfo.Created.Unix(), 10)), container.WithAttribute(container.AttributeTimestamp, strconv.FormatInt(bktInfo.Created.Unix(), 10)),
} }

View file

@ -16,7 +16,6 @@ import (
"github.com/nspcc-dev/neofs-s3-gw/api/data" "github.com/nspcc-dev/neofs-s3-gw/api/data"
"github.com/nspcc-dev/neofs-s3-gw/api/errors" "github.com/nspcc-dev/neofs-s3-gw/api/errors"
"github.com/nspcc-dev/neofs-s3-gw/api/resolver" "github.com/nspcc-dev/neofs-s3-gw/api/resolver"
"github.com/nspcc-dev/neofs-s3-gw/authmate"
"github.com/nspcc-dev/neofs-s3-gw/creds/accessbox" "github.com/nspcc-dev/neofs-s3-gw/creds/accessbox"
"github.com/nspcc-dev/neofs-sdk-go/client" "github.com/nspcc-dev/neofs-sdk-go/client"
cid "github.com/nspcc-dev/neofs-sdk-go/container/id" cid "github.com/nspcc-dev/neofs-sdk-go/container/id"
@ -288,8 +287,7 @@ func (n *layer) Owner(ctx context.Context) *owner.ID {
return data.Gate.BearerToken.Issuer() return data.Gate.BearerToken.Issuer()
} }
id, _ := authmate.OwnerIDFromNeoFSKey(n.EphemeralKey()) return owner.NewIDFromPublicKey((*ecdsa.PublicKey)(n.EphemeralKey()))
return id
} }
// CallOptions returns []pool.CallOption options: client.WithBearer or client.WithKey (if request is anonymous). // CallOptions returns []pool.CallOption options: client.WithBearer or client.WithKey (if request is anonymous).

View file

@ -201,7 +201,7 @@ func (t *testPool) AnnounceContainerUsedSpace(ctx context.Context, announcements
panic("implement me") panic("implement me")
} }
func (t *testPool) Connection() (client.Client, *session.Token, error) { func (t *testPool) Connection() (pool.Client, *session.Token, error) {
panic("implement me") panic("implement me")
} }

View file

@ -18,6 +18,7 @@ import (
"github.com/nspcc-dev/neofs-s3-gw/api/cache" "github.com/nspcc-dev/neofs-s3-gw/api/cache"
"github.com/nspcc-dev/neofs-s3-gw/creds/accessbox" "github.com/nspcc-dev/neofs-s3-gw/creds/accessbox"
"github.com/nspcc-dev/neofs-s3-gw/creds/tokens" "github.com/nspcc-dev/neofs-s3-gw/creds/tokens"
"github.com/nspcc-dev/neofs-sdk-go/acl"
apistatus "github.com/nspcc-dev/neofs-sdk-go/client/status" apistatus "github.com/nspcc-dev/neofs-sdk-go/client/status"
"github.com/nspcc-dev/neofs-sdk-go/container" "github.com/nspcc-dev/neofs-sdk-go/container"
cid "github.com/nspcc-dev/neofs-sdk-go/container/id" cid "github.com/nspcc-dev/neofs-sdk-go/container/id"
@ -33,7 +34,7 @@ import (
) )
const ( const (
defaultAuthContainerBasicACL uint32 = 0b00111100100011001000110011001110 defaultAuthContainerBasicACL acl.BasicACL = 0b00111100100011001000110011001110 // 0x3C8C8CCE - private container with only GET allowed to others
) )
// Agent contains client communicating with NeoFS and logger. // Agent contains client communicating with NeoFS and logger.
@ -252,10 +253,7 @@ func (a *Agent) IssueSecret(ctx context.Context, w io.Writer, options *IssueSecr
box.ContainerPolicy = policies box.ContainerPolicy = policies
oid, err := OwnerIDFromNeoFSKey(options.NeoFSKey.PublicKey()) oid := owner.NewIDFromPublicKey(&options.NeoFSKey.PrivateKey.PublicKey)
if err != nil {
return err
}
a.log.Info("store bearer token into NeoFS", a.log.Info("store bearer token into NeoFS",
zap.Stringer("owner_tkn", oid)) zap.Stringer("owner_tkn", oid))
@ -403,10 +401,7 @@ func buildContext(rules []byte) (*session.ContainerContext, error) {
} }
func buildBearerToken(key *keys.PrivateKey, table *eacl.Table, lifetime lifetimeOptions, gateKey *keys.PublicKey) (*token.BearerToken, error) { func buildBearerToken(key *keys.PrivateKey, table *eacl.Table, lifetime lifetimeOptions, gateKey *keys.PublicKey) (*token.BearerToken, error) {
oid, err := OwnerIDFromNeoFSKey(gateKey) oid := owner.NewIDFromPublicKey((*ecdsa.PublicKey)(gateKey))
if err != nil {
return nil, err
}
bearerToken := token.NewBearerToken() bearerToken := token.NewBearerToken()
bearerToken.SetEACLTable(table) bearerToken.SetEACLTable(table)
@ -478,11 +473,8 @@ func createTokens(options *IssueSecretOptions, lifetime lifetimeOptions, cid *ci
if err != nil { if err != nil {
return nil, fmt.Errorf("failed to build context for session token: %w", err) return nil, fmt.Errorf("failed to build context for session token: %w", err)
} }
oid, err := OwnerIDFromNeoFSKey(options.NeoFSKey.PublicKey())
if err != nil {
return nil, err
}
oid := owner.NewIDFromPublicKey(&options.NeoFSKey.PrivateKey.PublicKey)
sessionTokens, err := buildSessionTokens(options.NeoFSKey, oid, lifetime, sessionRules, options.GatesPublicKeys) sessionTokens, err := buildSessionTokens(options.NeoFSKey, oid, lifetime, sessionRules, options.GatesPublicKeys)
if err != nil { if err != nil {
return nil, err return nil, err
@ -494,11 +486,3 @@ func createTokens(options *IssueSecretOptions, lifetime lifetimeOptions, cid *ci
return gates, nil return gates, nil
} }
func OwnerIDFromNeoFSKey(key *keys.PublicKey) (*owner.ID, error) {
wallet, err := owner.NEO3WalletFromPublicKey((*ecdsa.PublicKey)(key))
if err != nil {
return nil, err
}
return owner.NewIDFromNeo3Wallet(wallet), nil
}

4
go.mod
View file

@ -10,8 +10,8 @@ require (
github.com/google/uuid v1.2.0 github.com/google/uuid v1.2.0
github.com/gorilla/mux v1.8.0 github.com/gorilla/mux v1.8.0
github.com/nspcc-dev/neo-go v0.98.0 github.com/nspcc-dev/neo-go v0.98.0
github.com/nspcc-dev/neofs-api-go/v2 v2.11.1 github.com/nspcc-dev/neofs-api-go/v2 v2.11.2-0.20220114101721-227a871a04ac
github.com/nspcc-dev/neofs-sdk-go v0.0.0-20211228125935-3edaf9ecb644 github.com/nspcc-dev/neofs-sdk-go v0.0.0-20220121080144-596774ce5bd3
github.com/prometheus/client_golang v1.11.0 github.com/prometheus/client_golang v1.11.0
github.com/spf13/pflag v1.0.5 github.com/spf13/pflag v1.0.5
github.com/spf13/viper v1.7.1 github.com/spf13/viper v1.7.1

8
go.sum
View file

@ -276,15 +276,15 @@ github.com/nspcc-dev/neo-go v0.73.1-pre.0.20200303142215-f5a1b928ce09/go.mod h1:
github.com/nspcc-dev/neo-go v0.98.0 h1:yyW4sgY88/pLf0949qmgfkQXzRKC3CI/WyhqXNnwMd8= github.com/nspcc-dev/neo-go v0.98.0 h1:yyW4sgY88/pLf0949qmgfkQXzRKC3CI/WyhqXNnwMd8=
github.com/nspcc-dev/neo-go v0.98.0/go.mod h1:E3cc1x6RXSXrJb2nDWXTXjnXk3rIqVN8YdFyWv+FrqM= github.com/nspcc-dev/neo-go v0.98.0/go.mod h1:E3cc1x6RXSXrJb2nDWXTXjnXk3rIqVN8YdFyWv+FrqM=
github.com/nspcc-dev/neofs-api-go/v2 v2.11.0-pre.0.20211201134523-3604d96f3fe1/go.mod h1:oS8dycEh8PPf2Jjp6+8dlwWyEv2Dy77h/XhhcdxYEFs= github.com/nspcc-dev/neofs-api-go/v2 v2.11.0-pre.0.20211201134523-3604d96f3fe1/go.mod h1:oS8dycEh8PPf2Jjp6+8dlwWyEv2Dy77h/XhhcdxYEFs=
github.com/nspcc-dev/neofs-api-go/v2 v2.11.1 h1:SVqc523pZsSaS9vnPS1mm3VV6b6xY0gvdA0uYJ/GWZQ= github.com/nspcc-dev/neofs-api-go/v2 v2.11.2-0.20220114101721-227a871a04ac h1:65C4z7pybLT2HjtY96abZj6kbgVp34AbrApn5DD+ZxY=
github.com/nspcc-dev/neofs-api-go/v2 v2.11.1/go.mod h1:oS8dycEh8PPf2Jjp6+8dlwWyEv2Dy77h/XhhcdxYEFs= github.com/nspcc-dev/neofs-api-go/v2 v2.11.2-0.20220114101721-227a871a04ac/go.mod h1:oS8dycEh8PPf2Jjp6+8dlwWyEv2Dy77h/XhhcdxYEFs=
github.com/nspcc-dev/neofs-crypto v0.2.0/go.mod h1:F/96fUzPM3wR+UGsPi3faVNmFlA9KAEAUQR7dMxZmNA= github.com/nspcc-dev/neofs-crypto v0.2.0/go.mod h1:F/96fUzPM3wR+UGsPi3faVNmFlA9KAEAUQR7dMxZmNA=
github.com/nspcc-dev/neofs-crypto v0.2.3/go.mod h1:8w16GEJbH6791ktVqHN9YRNH3s9BEEKYxGhlFnp0cDw= github.com/nspcc-dev/neofs-crypto v0.2.3/go.mod h1:8w16GEJbH6791ktVqHN9YRNH3s9BEEKYxGhlFnp0cDw=
github.com/nspcc-dev/neofs-crypto v0.3.0 h1:zlr3pgoxuzrmGCxc5W8dGVfA9Rro8diFvVnBg0L4ifM= github.com/nspcc-dev/neofs-crypto v0.3.0 h1:zlr3pgoxuzrmGCxc5W8dGVfA9Rro8diFvVnBg0L4ifM=
github.com/nspcc-dev/neofs-crypto v0.3.0/go.mod h1:8w16GEJbH6791ktVqHN9YRNH3s9BEEKYxGhlFnp0cDw= github.com/nspcc-dev/neofs-crypto v0.3.0/go.mod h1:8w16GEJbH6791ktVqHN9YRNH3s9BEEKYxGhlFnp0cDw=
github.com/nspcc-dev/neofs-sdk-go v0.0.0-20211201182451-a5b61c4f6477/go.mod h1:dfMtQWmBHYpl9Dez23TGtIUKiFvCIxUZq/CkSIhEpz4= github.com/nspcc-dev/neofs-sdk-go v0.0.0-20211201182451-a5b61c4f6477/go.mod h1:dfMtQWmBHYpl9Dez23TGtIUKiFvCIxUZq/CkSIhEpz4=
github.com/nspcc-dev/neofs-sdk-go v0.0.0-20211228125935-3edaf9ecb644 h1:AytMrbwumNIfjYcG1ng+OuEXTtBslya96UAYj/h+dTQ= github.com/nspcc-dev/neofs-sdk-go v0.0.0-20220121080144-596774ce5bd3 h1:Llot/7cnQwCfhSrnNLDhuYxKpX4Ay+xa6x7B1jI2eaU=
github.com/nspcc-dev/neofs-sdk-go v0.0.0-20211228125935-3edaf9ecb644/go.mod h1:/jay1lr3w7NQd/VDBkEhkJmDmyPNsu4W+QV2obsUV40= github.com/nspcc-dev/neofs-sdk-go v0.0.0-20220121080144-596774ce5bd3/go.mod h1:fhs4v6uts7bEgwYP05NXbAQlQ0YhK4WVjJRKQKFKBxY=
github.com/nspcc-dev/rfc6979 v0.1.0/go.mod h1:exhIh1PdpDC5vQmyEsGvc4YDM/lyQp/452QxGq/UEso= github.com/nspcc-dev/rfc6979 v0.1.0/go.mod h1:exhIh1PdpDC5vQmyEsGvc4YDM/lyQp/452QxGq/UEso=
github.com/nspcc-dev/rfc6979 v0.2.0 h1:3e1WNxrN60/6N0DW7+UYisLeZJyfqZTNOjeV/toYvOE= github.com/nspcc-dev/rfc6979 v0.2.0 h1:3e1WNxrN60/6N0DW7+UYisLeZJyfqZTNOjeV/toYvOE=
github.com/nspcc-dev/rfc6979 v0.2.0/go.mod h1:exhIh1PdpDC5vQmyEsGvc4YDM/lyQp/452QxGq/UEso= github.com/nspcc-dev/rfc6979 v0.2.0/go.mod h1:exhIh1PdpDC5vQmyEsGvc4YDM/lyQp/452QxGq/UEso=