Update to neofs-api v0.7.4

This commit is contained in:
Leonard Lyubich 2020-05-08 10:49:23 +03:00
parent 2abcfb7219
commit d8cc00b54c
8 changed files with 50 additions and 64 deletions

View file

@ -1,4 +1,4 @@
PROTO_VERSION=v0.7.3 PROTO_VERSION=v0.7.4
PROTO_URL=https://github.com/nspcc-dev/neofs-api/archive/$(PROTO_VERSION).tar.gz PROTO_URL=https://github.com/nspcc-dev/neofs-api/archive/$(PROTO_VERSION).tar.gz
B=\033[0;1m B=\033[0;1m

View file

@ -17,6 +17,7 @@
- [RequestVerificationHeader.Signature](#service.RequestVerificationHeader.Signature) - [RequestVerificationHeader.Signature](#service.RequestVerificationHeader.Signature)
- [Token](#service.Token) - [Token](#service.Token)
- [Token.Info](#service.Token.Info) - [Token.Info](#service.Token.Info)
- [TokenLifetime](#service.TokenLifetime)
- [service/verify_test.proto](#service/verify_test.proto) - [service/verify_test.proto](#service/verify_test.proto)
@ -129,10 +130,21 @@ User token granting rights for object manipulation
| OwnerID | [bytes](#bytes) | | OwnerID is an owner of manipulation object | | OwnerID | [bytes](#bytes) | | OwnerID is an owner of manipulation object |
| verb | [Token.Info.Verb](#service.Token.Info.Verb) | | Verb is a type of request for which the token is issued | | verb | [Token.Info.Verb](#service.Token.Info.Verb) | | Verb is a type of request for which the token is issued |
| Address | [refs.Address](#refs.Address) | | Address is an object address for which token is issued | | Address | [refs.Address](#refs.Address) | | Address is an object address for which token is issued |
| Created | [uint64](#uint64) | | Created is an initial epoch of token lifetime | | Lifetime | [TokenLifetime](#service.TokenLifetime) | | Lifetime is a lifetime of the session |
| ValidUntil | [uint64](#uint64) | | ValidUntil is a last epoch of token lifetime |
| SessionKey | [bytes](#bytes) | | SessionKey is a public key of session key | | SessionKey | [bytes](#bytes) | | SessionKey is a public key of session key |
<a name="service.TokenLifetime"></a>
### Message TokenLifetime
TokenLifetime carries a group of lifetime parameters of the token
| Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- |
| Created | [uint64](#uint64) | | Created carries an initial epoch of token lifetime |
| ValidUntil | [uint64](#uint64) | | ValidUntil carries a last epoch of token lifetime |
<!-- end messages --> <!-- end messages -->

View file

@ -30,22 +30,13 @@
``` ```
rpc Create(stream CreateRequest) returns (stream CreateResponse); rpc Create(CreateRequest) returns (CreateResponse);
``` ```
#### Method Create #### Method Create
Create is a method that used to open a trusted session to manipulate Create opens new session between the client and the server
an object. In order to put or delete object client have to obtain session
token with trusted node. Trusted node will modify client's object
(add missing headers, checksums, homomorphic hash) and sign id with
session key. Session is established during 4-step handshake in one gRPC stream
- First client stream message SHOULD BE type of `CreateRequest_Init`.
- First server stream message SHOULD BE type of `CreateResponse_Unsigned`.
- Second client stream message SHOULD BE type of `CreateRequest_Signed`.
- Second server stream message SHOULD BE type of `CreateResponse_Result`.
| Name | Input | Output | | Name | Input | Output |
| ---- | ----- | ------ | | ---- | ----- | ------ |
@ -56,13 +47,13 @@ session key. Session is established during 4-step handshake in one gRPC stream
<a name="session.CreateRequest"></a> <a name="session.CreateRequest"></a>
### Message CreateRequest ### Message CreateRequest
CreateRequest carries an information necessary for opening a session
| Field | Type | Label | Description | | Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- | | ----- | ---- | ----- | ----------- |
| Init | [service.Token](#service.Token) | | Init is a message to initialize session opening. Carry: owner of manipulation object; ID of manipulation object; token lifetime bounds. | | OwnerID | [bytes](#bytes) | | OwnerID carries an identifier of a session initiator |
| Signed | [service.Token](#service.Token) | | Signed Init message response (Unsigned) from server with user private key | | Lifetime | [service.TokenLifetime](#service.TokenLifetime) | | Lifetime carries a lifetime of the session |
| Meta | [service.RequestMetaHeader](#service.RequestMetaHeader) | | RequestMetaHeader contains information about request meta headers (should be embedded into message) | | Meta | [service.RequestMetaHeader](#service.RequestMetaHeader) | | RequestMetaHeader contains information about request meta headers (should be embedded into message) |
| Verify | [service.RequestVerificationHeader](#service.RequestVerificationHeader) | | RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request (should be embedded into message) | | Verify | [service.RequestVerificationHeader](#service.RequestVerificationHeader) | | RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request (should be embedded into message) |
@ -70,13 +61,13 @@ session key. Session is established during 4-step handshake in one gRPC stream
<a name="session.CreateResponse"></a> <a name="session.CreateResponse"></a>
### Message CreateResponse ### Message CreateResponse
CreateResponse carries an information about the opened session
| Field | Type | Label | Description | | Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- | | ----- | ---- | ----- | ----------- |
| Unsigned | [service.Token](#service.Token) | | Unsigned token with token ID and session public key generated on server side | | ID | [bytes](#bytes) | | ID carries an identifier of session token |
| Result | [service.Token](#service.Token) | | Result is a resulting token which can be used for object placing through an trusted intermediary | | SessionKey | [bytes](#bytes) | | SessionKey carries a session public key |
<!-- end messages --> <!-- end messages -->

Binary file not shown.

View file

@ -58,14 +58,11 @@ message Token {
// Address is an object address for which token is issued // Address is an object address for which token is issued
refs.Address Address = 4 [(gogoproto.nullable) = false, (gogoproto.customtype) = "Address"]; refs.Address Address = 4 [(gogoproto.nullable) = false, (gogoproto.customtype) = "Address"];
// Created is an initial epoch of token lifetime // Lifetime is a lifetime of the session
uint64 Created = 5; TokenLifetime Lifetime = 5 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
// ValidUntil is a last epoch of token lifetime
uint64 ValidUntil = 6;
// SessionKey is a public key of session key // SessionKey is a public key of session key
bytes SessionKey = 7; bytes SessionKey = 6;
} }
// TokenInfo is a grouped information about token // TokenInfo is a grouped information about token
@ -75,6 +72,15 @@ message Token {
bytes Signature = 8; bytes Signature = 8;
} }
// TokenLifetime carries a group of lifetime parameters of the token
message TokenLifetime {
// Created carries an initial epoch of token lifetime
uint64 Created = 1;
// ValidUntil carries a last epoch of token lifetime
uint64 ValidUntil = 2;
}
// TODO: for variable token types and version redefine message // TODO: for variable token types and version redefine message
// Example: // Example:
// message Token { // message Token {

View file

@ -1,11 +1 @@
package session package session
// NewInitRequest returns new initialization CreateRequest from passed Token.
func NewInitRequest(t *Token) *CreateRequest {
return &CreateRequest{Message: &CreateRequest_Init{Init: t}}
}
// NewSignedRequest returns new signed CreateRequest from passed Token.
func NewSignedRequest(t *Token) *CreateRequest {
return &CreateRequest{Message: &CreateRequest_Signed{Signed: t}}
}

Binary file not shown.

View file

@ -11,42 +11,29 @@ option (gogoproto.stable_marshaler_all) = true;
service Session { service Session {
// Create is a method that used to open a trusted session to manipulate // Create opens new session between the client and the server
// an object. In order to put or delete object client have to obtain session rpc Create (CreateRequest) returns (CreateResponse);
// token with trusted node. Trusted node will modify client's object
// (add missing headers, checksums, homomorphic hash) and sign id with
// session key. Session is established during 4-step handshake in one gRPC stream
//
// - First client stream message SHOULD BE type of `CreateRequest_Init`.
// - First server stream message SHOULD BE type of `CreateResponse_Unsigned`.
// - Second client stream message SHOULD BE type of `CreateRequest_Signed`.
// - Second server stream message SHOULD BE type of `CreateResponse_Result`.
rpc Create (stream CreateRequest) returns (stream CreateResponse);
} }
// CreateRequest carries an information necessary for opening a session
message CreateRequest { message CreateRequest {
// Message should be one of // OwnerID carries an identifier of a session initiator
oneof Message { bytes OwnerID = 1 [(gogoproto.nullable) = false, (gogoproto.customtype) = "OwnerID"];
// Init is a message to initialize session opening. Carry:
// owner of manipulation object; // Lifetime carries a lifetime of the session
// ID of manipulation object; service.TokenLifetime Lifetime = 2 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
// token lifetime bounds.
service.Token Init = 1;
// Signed Init message response (Unsigned) from server with user private key
service.Token Signed = 2;
}
// RequestMetaHeader contains information about request meta headers (should be embedded into message) // RequestMetaHeader contains information about request meta headers (should be embedded into message)
service.RequestMetaHeader Meta = 98 [(gogoproto.embed) = true, (gogoproto.nullable) = false]; service.RequestMetaHeader Meta = 98 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
// RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request (should be embedded into message) // RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request (should be embedded into message)
service.RequestVerificationHeader Verify = 99 [(gogoproto.embed) = true, (gogoproto.nullable) = false]; service.RequestVerificationHeader Verify = 99 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
} }
// CreateResponse carries an information about the opened session
message CreateResponse { message CreateResponse {
oneof Message { // ID carries an identifier of session token
// Unsigned token with token ID and session public key generated on server side bytes ID = 1 [(gogoproto.customtype) = "TokenID", (gogoproto.nullable) = false];
service.Token Unsigned = 1;
// Result is a resulting token which can be used for object placing through an trusted intermediary // SessionKey carries a session public key
service.Token Result = 2; bytes SessionKey = 2;
}
} }