forked from TrueCloudLab/frostfs-sdk-go
Compare commits
3 commits
master
...
support/v1
Author | SHA1 | Date | |
---|---|---|---|
|
a1e17ea1f2 | ||
|
129012748e | ||
|
0367c83f5a |
4 changed files with 119 additions and 1 deletions
|
@ -26,6 +26,9 @@ func NewCache() (*SessionCache, error) {
|
|||
return &SessionCache{cache: cache}, nil
|
||||
}
|
||||
|
||||
// Get returns a copy of the session token from the cache without signature
|
||||
// and context related fields. Returns nil if token is missing in the cache.
|
||||
// It is safe to modify and re-sign returned session token.
|
||||
func (c *SessionCache) Get(key string) *session.Token {
|
||||
valueRaw, ok := c.cache.Get(key)
|
||||
if !ok {
|
||||
|
@ -35,7 +38,13 @@ func (c *SessionCache) Get(key string) *session.Token {
|
|||
value := valueRaw.(*cacheValue)
|
||||
value.atime = time.Now()
|
||||
|
||||
return value.token
|
||||
if value.token == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
res := copySessionTokenWithoutSignatureAndContext(*value.token)
|
||||
|
||||
return &res
|
||||
}
|
||||
|
||||
func (c *SessionCache) GetAccessTime(key string) (time.Time, bool) {
|
||||
|
|
|
@ -4,6 +4,9 @@ import (
|
|||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/session"
|
||||
sessiontest "github.com/nspcc-dev/neofs-sdk-go/session/test"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
|
@ -29,3 +32,32 @@ func TestSessionCache_GetAccessTime(t *testing.T) {
|
|||
require.True(t, ok)
|
||||
require.NotEqual(t, t1, t3)
|
||||
}
|
||||
|
||||
func TestSessionCache_GetUnmodifiedToken(t *testing.T) {
|
||||
const key = "Foo"
|
||||
target := sessiontest.Token()
|
||||
|
||||
pk, err := keys.NewPrivateKey()
|
||||
require.NoError(t, err)
|
||||
|
||||
check := func(t *testing.T, tok *session.Token, extra string) {
|
||||
require.Empty(t, tok.Signature().Sign(), extra)
|
||||
require.Nil(t, tok.Context(), extra)
|
||||
}
|
||||
|
||||
cache, err := NewCache()
|
||||
require.NoError(t, err)
|
||||
|
||||
cache.Put(key, target)
|
||||
value := cache.Get(key)
|
||||
check(t, value, "before sign")
|
||||
|
||||
err = value.Sign(&pk.PrivateKey)
|
||||
require.NoError(t, err)
|
||||
|
||||
octx := sessiontest.ObjectContext()
|
||||
value.SetContext(octx)
|
||||
|
||||
value = cache.Get(key)
|
||||
check(t, value, "after sign")
|
||||
}
|
||||
|
|
47
pool/pool.go
47
pool/pool.go
|
@ -807,6 +807,10 @@ func (p *Pool) DeleteObject(ctx context.Context, addr address.Address, opts ...C
|
|||
prm.ByID(*obj)
|
||||
}
|
||||
|
||||
if cfg.btoken != nil {
|
||||
prm.WithBearerToken(*cfg.btoken)
|
||||
}
|
||||
|
||||
prm.UseKey(*cc.key)
|
||||
|
||||
return p.callWithRetry(&cc, func() error {
|
||||
|
@ -862,6 +866,10 @@ func (p *Pool) GetObject(ctx context.Context, addr address.Address, opts ...Call
|
|||
prm.ByID(*obj)
|
||||
}
|
||||
|
||||
if cfg.btoken != nil {
|
||||
prm.WithBearerToken(*cfg.btoken)
|
||||
}
|
||||
|
||||
var res ResGetObject
|
||||
|
||||
err = p.callWithRetry(&cc, func() error {
|
||||
|
@ -914,6 +922,10 @@ func (p *Pool) HeadObject(ctx context.Context, addr address.Address, opts ...Cal
|
|||
prm.ByID(*obj)
|
||||
}
|
||||
|
||||
if cfg.btoken != nil {
|
||||
prm.WithBearerToken(*cfg.btoken)
|
||||
}
|
||||
|
||||
prm.UseKey(*cc.key)
|
||||
|
||||
var obj object.Object
|
||||
|
@ -979,6 +991,10 @@ func (p *Pool) ObjectRange(ctx context.Context, addr address.Address, off, ln ui
|
|||
prm.ByID(*obj)
|
||||
}
|
||||
|
||||
if cfg.btoken != nil {
|
||||
prm.WithBearerToken(*cfg.btoken)
|
||||
}
|
||||
|
||||
var res ResObjectRange
|
||||
|
||||
err = p.callWithRetry(&cc, func() error {
|
||||
|
@ -1037,6 +1053,10 @@ func (p *Pool) SearchObjects(ctx context.Context, idCnr cid.ID, filters object.S
|
|||
prm.InContainer(idCnr)
|
||||
prm.SetFilters(filters)
|
||||
|
||||
if cfg.btoken != nil {
|
||||
prm.WithBearerToken(*cfg.btoken)
|
||||
}
|
||||
|
||||
var cc callContextWithRetry
|
||||
|
||||
cc.Context = ctx
|
||||
|
@ -1277,3 +1297,30 @@ func newAddressFromCnrID(cnrID *cid.ID) *address.Address {
|
|||
addr.SetContainerID(cnrID)
|
||||
return addr
|
||||
}
|
||||
|
||||
func copySessionTokenWithoutSignatureAndContext(from session.Token) (to session.Token) {
|
||||
to.SetIat(from.Iat())
|
||||
to.SetExp(from.Exp())
|
||||
to.SetNbf(from.Nbf())
|
||||
|
||||
sessionTokenID := make([]byte, len(from.ID()))
|
||||
copy(sessionTokenID, from.ID())
|
||||
to.SetID(sessionTokenID)
|
||||
|
||||
sessionTokenKey := make([]byte, len(from.SessionKey()))
|
||||
copy(sessionTokenKey, from.SessionKey())
|
||||
to.SetSessionKey(sessionTokenKey)
|
||||
|
||||
var sessionTokenOwner owner.ID
|
||||
buf, err := from.OwnerID().Marshal()
|
||||
if err != nil {
|
||||
panic(err) // should never happen
|
||||
}
|
||||
err = sessionTokenOwner.Unmarshal(buf)
|
||||
if err != nil {
|
||||
panic(err) // should never happen
|
||||
}
|
||||
to.SetOwnerID(&sessionTokenOwner)
|
||||
|
||||
return to
|
||||
}
|
||||
|
|
|
@ -19,6 +19,7 @@ import (
|
|||
"github.com/nspcc-dev/neofs-sdk-go/object/address"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/owner"
|
||||
"github.com/nspcc-dev/neofs-sdk-go/session"
|
||||
sessiontest "github.com/nspcc-dev/neofs-sdk-go/session/test"
|
||||
"github.com/stretchr/testify/require"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
@ -590,3 +591,32 @@ func TestWaitPresence(t *testing.T) {
|
|||
require.NoError(t, err)
|
||||
})
|
||||
}
|
||||
|
||||
func TestCopySessionTokenWithoutSignatureAndContext(t *testing.T) {
|
||||
from := sessiontest.SignedToken()
|
||||
to := copySessionTokenWithoutSignatureAndContext(*from)
|
||||
|
||||
require.Equal(t, from.Nbf(), to.Nbf())
|
||||
require.Equal(t, from.Exp(), to.Exp())
|
||||
require.Equal(t, from.Iat(), to.Iat())
|
||||
require.Equal(t, from.ID(), to.ID())
|
||||
require.Equal(t, from.OwnerID().String(), to.OwnerID().String())
|
||||
require.Equal(t, from.SessionKey(), to.SessionKey())
|
||||
|
||||
require.Empty(t, to.Signature().Sign())
|
||||
require.Empty(t, to.Signature().Key())
|
||||
|
||||
t.Run("empty object context", func(t *testing.T) {
|
||||
octx := sessiontest.ObjectContext()
|
||||
from.SetContext(octx)
|
||||
to = copySessionTokenWithoutSignatureAndContext(*from)
|
||||
require.Nil(t, to.Context())
|
||||
})
|
||||
|
||||
t.Run("empty container context", func(t *testing.T) {
|
||||
cctx := sessiontest.ContainerContext()
|
||||
from.SetContext(cctx)
|
||||
to = copySessionTokenWithoutSignatureAndContext(*from)
|
||||
require.Nil(t, to.Context())
|
||||
})
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue