forked from TrueCloudLab/frostfs-api
Compare commits
1 commit
master
...
KirillovDe
Author | SHA1 | Date | |
---|---|---|---|
bd50db1151 |
3 changed files with 6 additions and 0 deletions
|
@ -4,6 +4,7 @@
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
- Add `__SYSTEM__` attribute prefix (#12, #14)
|
- Add `__SYSTEM__` attribute prefix (#12, #14)
|
||||||
|
- Add `allow_impersonate` flag to bearer token (#18)
|
||||||
|
|
||||||
## [2.14.0] - 2022-09-23 - Anmado (안마도, 鞍馬島)
|
## [2.14.0] - 2022-09-23 - Anmado (안마도, 鞍馬島)
|
||||||
|
|
||||||
|
|
|
@ -213,6 +213,10 @@ message BearerToken {
|
||||||
}
|
}
|
||||||
// Token expiration and valid time period parameters
|
// Token expiration and valid time period parameters
|
||||||
TokenLifetime lifetime = 3 [json_name="lifetime"];
|
TokenLifetime lifetime = 3 [json_name="lifetime"];
|
||||||
|
|
||||||
|
// AllowImpersonate flag to consider token signer as request owner.
|
||||||
|
// If this field is true extended ACL table in token body isn't processed.
|
||||||
|
bool allow_impersonate = 4 [json_name="allowImpersonate"];
|
||||||
}
|
}
|
||||||
// Bearer Token body
|
// Bearer Token body
|
||||||
Body body = 1 [json_name="body"];
|
Body body = 1 [json_name="body"];
|
||||||
|
|
|
@ -60,6 +60,7 @@ owner with additional information preventing token abuse.
|
||||||
| eacl_table | [EACLTable](#neo.fs.v2.acl.EACLTable) | | Table of Extended ACL rules to use instead of the ones attached to the container. If it contains `container_id` field, bearer token is only valid for this specific container. Otherwise, any container of the same owner is allowed. |
|
| eacl_table | [EACLTable](#neo.fs.v2.acl.EACLTable) | | Table of Extended ACL rules to use instead of the ones attached to the container. If it contains `container_id` field, bearer token is only valid for this specific container. Otherwise, any container of the same owner is allowed. |
|
||||||
| owner_id | [neo.fs.v2.refs.OwnerID](#neo.fs.v2.refs.OwnerID) | | `OwnerID` defines to whom the token was issued. It must match the request originator's `OwnerID`. If empty, any token bearer will be accepted. |
|
| owner_id | [neo.fs.v2.refs.OwnerID](#neo.fs.v2.refs.OwnerID) | | `OwnerID` defines to whom the token was issued. It must match the request originator's `OwnerID`. If empty, any token bearer will be accepted. |
|
||||||
| lifetime | [BearerToken.Body.TokenLifetime](#neo.fs.v2.acl.BearerToken.Body.TokenLifetime) | | Token expiration and valid time period parameters |
|
| lifetime | [BearerToken.Body.TokenLifetime](#neo.fs.v2.acl.BearerToken.Body.TokenLifetime) | | Token expiration and valid time period parameters |
|
||||||
|
| allow_impersonate | [bool](#bool) | | AllowImpersonate flag to consider token signer as request owner. If this field is true extended ACL table in token body isn't processed. |
|
||||||
|
|
||||||
|
|
||||||
<a name="neo.fs.v2.acl.BearerToken.Body.TokenLifetime"></a>
|
<a name="neo.fs.v2.acl.BearerToken.Body.TokenLifetime"></a>
|
||||||
|
|
Loading…
Reference in a new issue