2022-04-07 16:09:15 +00:00
|
|
|
/*
|
2022-12-29 10:46:18 +00:00
|
|
|
Package session collects functionality of the FrostFS sessions.
|
2022-04-07 16:09:15 +00:00
|
|
|
|
2022-12-29 10:46:18 +00:00
|
|
|
Sessions are used in FrostFS as a mechanism for transferring the power of attorney
|
2022-04-07 16:09:15 +00:00
|
|
|
of actions to another network member.
|
|
|
|
|
|
|
|
Session tokens represent proof of trust. Each session has a limited lifetime and
|
2022-12-29 10:46:18 +00:00
|
|
|
scope related to some FrostFS service: Object, Container, etc.
|
2022-04-07 16:09:15 +00:00
|
|
|
|
|
|
|
Both parties agree on a secret (private session key), the possession of which
|
|
|
|
will be authenticated by a trusted person. The principal confirms his trust by
|
|
|
|
signing the public part of the secret (public session key).
|
2022-08-24 14:17:40 +00:00
|
|
|
|
2022-04-07 16:09:15 +00:00
|
|
|
var tok Container
|
|
|
|
tok.ForVerb(VerbContainerDelete)
|
|
|
|
tok.SetAuthKey(trustedKey)
|
|
|
|
// ...
|
|
|
|
|
|
|
|
err := tok.Sign(principalKey)
|
|
|
|
// ...
|
|
|
|
|
|
|
|
// transfer the token to a trusted party
|
|
|
|
|
|
|
|
The trusted member can perform operations on behalf of the trustee.
|
|
|
|
|
2022-12-29 10:46:18 +00:00
|
|
|
Instances can be also used to process FrostFS API V2 protocol messages
|
2023-03-07 11:20:03 +00:00
|
|
|
(see neo.fs.v2.accounting package in https://git.frostfs.info/TrueCloudLab/frostfs-api).
|
2022-04-07 16:09:15 +00:00
|
|
|
|
|
|
|
On client side:
|
2022-08-24 14:17:40 +00:00
|
|
|
|
2024-10-07 14:20:25 +00:00
|
|
|
import "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/session"
|
2022-04-07 16:09:15 +00:00
|
|
|
|
|
|
|
var msg session.Token
|
|
|
|
tok.WriteToV2(&msg)
|
|
|
|
|
|
|
|
// send msg
|
|
|
|
|
|
|
|
On server side:
|
2022-08-24 14:17:40 +00:00
|
|
|
|
2022-04-07 16:09:15 +00:00
|
|
|
// recv msg
|
|
|
|
|
|
|
|
var tok session.Container
|
|
|
|
tok.ReadFromV2(msg)
|
|
|
|
|
|
|
|
// process cnr
|
|
|
|
|
|
|
|
Using package types in an application is recommended to potentially work with
|
|
|
|
different protocol versions with which these types are compatible.
|
|
|
|
*/
|
|
|
|
package session
|