From e7f9da9139d937c8f0b1b7021dfb75eb3b916ee8 Mon Sep 17 00:00:00 2001 From: Alex Vanin Date: Thu, 22 Oct 2020 18:08:08 +0300 Subject: [PATCH] [#120] Add `--bearer` argument in CLI Bearer token should be stored in file and correctly signed. Signed-off-by: Alex Vanin --- cmd/neofs-cli/modules/object.go | 85 +++++++++++++++++++++++++++++---- 1 file changed, 76 insertions(+), 9 deletions(-) diff --git a/cmd/neofs-cli/modules/object.go b/cmd/neofs-cli/modules/object.go index 508a2e7b4..6995418ae 100644 --- a/cmd/neofs-cli/modules/object.go +++ b/cmd/neofs-cli/modules/object.go @@ -18,7 +18,10 @@ import ( "github.com/nspcc-dev/neofs-api-go/pkg/object" "github.com/nspcc-dev/neofs-api-go/pkg/owner" "github.com/nspcc-dev/neofs-api-go/pkg/token" + v2ACL "github.com/nspcc-dev/neofs-api-go/v2/acl" + grpcACL "github.com/nspcc-dev/neofs-api-go/v2/acl/grpc" "github.com/spf13/cobra" + "google.golang.org/protobuf/proto" ) var ( @@ -81,6 +84,7 @@ const ( func init() { rootCmd.AddCommand(objectCmd) + objectCmd.PersistentFlags().String("bearer", "", "File with signed JSON or binary encoded bearer token") objectCmd.AddCommand(objectPutCmd) objectPutCmd.Flags().String("file", "", "File with object payload") @@ -185,11 +189,16 @@ func putObject(cmd *cobra.Command, _ []string) error { if err != nil { return err } + btok, err := getBearerToken(cmd, "bearer") + if err != nil { + return err + } oid, err := cli.PutObject(ctx, new(client.PutObjectParams). WithObject(obj.Object()). WithPayloadReader(f), - client.WithSession(tok)) + client.WithSession(tok), + client.WithBearer(btok)) if err != nil { return fmt.Errorf("can't put object: %w", err) } @@ -210,9 +219,14 @@ func deleteObject(cmd *cobra.Command, _ []string) error { if err != nil { return err } + btok, err := getBearerToken(cmd, "bearer") + if err != nil { + return err + } err = cli.DeleteObject(ctx, new(client.DeleteObjectParams).WithAddress(objAddr), - client.WithSession(tok)) + client.WithSession(tok), + client.WithBearer(btok)) if err != nil { return err } @@ -246,11 +260,16 @@ func getObject(cmd *cobra.Command, _ []string) error { if err != nil { return err } + btok, err := getBearerToken(cmd, "bearer") + if err != nil { + return err + } obj, err := cli.GetObject(ctx, new(client.GetObjectParams). WithAddress(objAddr). WithPayloadWriter(out), - client.WithSession(tok)) + client.WithSession(tok), + client.WithBearer(btok)) if err != nil { return fmt.Errorf("can't put object: %w", err) } @@ -278,11 +297,17 @@ func getObjectHeader(cmd *cobra.Command, _ []string) error { if err != nil { return err } + btok, err := getBearerToken(cmd, "bearer") + if err != nil { + return err + } ps := new(client.ObjectHeaderParams).WithAddress(objAddr) if ok, _ := cmd.Flags().GetBool("main-only"); ok { ps = ps.WithMainFields() } - obj, err := cli.GetObjectHeader(ctx, ps, client.WithSession(tok)) + obj, err := cli.GetObjectHeader(ctx, ps, + client.WithSession(tok), + client.WithBearer(btok)) if err != nil { return fmt.Errorf("can't put object: %w", err) } @@ -306,9 +331,14 @@ func searchObject(cmd *cobra.Command, _ []string) error { if err != nil { return err } - + btok, err := getBearerToken(cmd, "bearer") + if err != nil { + return err + } ps := new(client.SearchObjectParams).WithContainerID(cid).WithSearchFilters(sf) - ids, err := cli.SearchObject(ctx, ps, client.WithSession(tok)) + ids, err := cli.SearchObject(ctx, ps, + client.WithSession(tok), + client.WithBearer(btok)) if err != nil { return fmt.Errorf("can't put object: %w", err) } @@ -338,10 +368,15 @@ func getObjectHash(cmd *cobra.Command, _ []string) error { if err != nil { return err } + btok, err := getBearerToken(cmd, "bearer") + if err != nil { + return err + } if len(ranges) == 0 { // hash of full payload obj, err := cli.GetObjectHeader(ctx, new(client.ObjectHeaderParams).WithAddress(objAddr), - client.WithSession(tok)) + client.WithSession(tok), + client.WithBearer(btok)) if err != nil { return fmt.Errorf("can't get object: %w", err) } @@ -357,7 +392,9 @@ func getObjectHash(cmd *cobra.Command, _ []string) error { ps := new(client.RangeChecksumParams).WithAddress(objAddr).WithRangeList(ranges...) switch typ { case hashSha256: - res, err := cli.ObjectPayloadRangeSHA256(ctx, ps, client.WithSession(tok)) + res, err := cli.ObjectPayloadRangeSHA256(ctx, ps, + client.WithSession(tok), + client.WithBearer(btok)) if err != nil { return err } @@ -366,7 +403,9 @@ func getObjectHash(cmd *cobra.Command, _ []string) error { hex.EncodeToString(res[i][:])) } case hashTz: - res, err := cli.ObjectPayloadRangeTZ(ctx, ps, client.WithSession(tok)) + res, err := cli.ObjectPayloadRangeTZ(ctx, ps, + client.WithSession(tok), + client.WithBearer(btok)) if err != nil { return err } @@ -573,3 +612,31 @@ func marshalHeader(cmd *cobra.Command, hdr *object.Object) ([]byte, error) { return nil, nil } } + +func getBearerToken(cmd *cobra.Command, flagname string) (*token.BearerToken, error) { + path, err := cmd.Flags().GetString(flagname) + if err != nil || len(path) == 0 { + return nil, nil + } + + data, err := ioutil.ReadFile(path) + if err != nil { + return nil, fmt.Errorf("can't read bearer token file: %w", err) + } + + v2token := v2ACL.BearerTokenFromJSON(data) + if v2token == nil { + msg := new(grpcACL.BearerToken) + if proto.Unmarshal(data, msg) != nil { + return nil, errors.New("can't decode bearer token") + } + + v2token = v2ACL.BearerTokenFromGRPCMessage(msg) + + printVerbose("Using binary encoded bearer token") + } else { + printVerbose("Using JSON encoded bearer token") + } + + return token.NewBearerTokenFromV2(v2token), nil +}