diff --git a/api/user-auth.go b/api/user-auth.go
index 9f0a398d..85cab182 100644
--- a/api/user-auth.go
+++ b/api/user-auth.go
@@ -9,6 +9,7 @@ import (
 "go.uber.org/zap"
 )
+// BearerTokenKey is an ID used to store bearer token in a context.
 const BearerTokenKey = "__context_bearer_token_key"
 // AttachUserAuth adds user authentication via center to router using log for logging.
diff --git a/creds/accessbox/accessbox.go b/creds/accessbox/accessbox.go
index 683afd72..66bcd367 100644
--- a/creds/accessbox/accessbox.go
+++ b/creds/accessbox/accessbox.go
@@ -3,19 +3,23 @@ package accessbox
 import "github.com/nspcc-dev/neofs-api-go/pkg/token"
 type (
+ // Box provides marshalling/unmarshalling for the token.
 Box interface {
 Marshal() ([]byte, error)
 Unmarshal([]byte) error
 }
+ // Encoder provides encoding method.
 Encoder interface {
 Encode(Box) error
 }
+ // Decoder provides decoding method.
 Decoder interface {
 Decode(Box) error
 }
+ // BearerTokenBox is a marshalling/unmarshalling bearer token wrapper.
 BearerTokenBox interface {
 Box
diff --git a/creds/accessbox/bearer_token.go b/creds/accessbox/bearer_token.go
index f150491d..8551a52b 100644
--- a/creds/accessbox/bearer_token.go
+++ b/creds/accessbox/bearer_token.go
@@ -8,14 +8,17 @@ type bearerBox struct {
 tkn *token.BearerToken
 }
+// NewBearerBox wraps given bearer token into BearerTokenBox.
 func NewBearerBox(token *token.BearerToken) BearerTokenBox {
 return &bearerBox{tkn: token}
 }
+// Marshal serializes bearer token.
 func (b *bearerBox) Marshal() ([]byte, error) {
 return b.tkn.Marshal(nil)
 }
+// Marshal initializes bearer box from its serialized representation.
 func (b *bearerBox) Unmarshal(data []byte) error {
 tkn := token.NewBearerToken()
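Review bot: In api/user-auth.go, `BearerTokenKey` is an exported untyped string constant, so if it is passed as the key to `context.WithValue`, any other package that stores a value under the same string will collide with or replace the bearer token. The new comment could name the context API the key is meant for. If that is the standard `context` package, an unexported key type such as `type bearerTokenKey struct{}` with small accessor functions avoids the collision. How the key is consumed is outside this hunk, so this needs checking against the callers.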
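Review bot: In creds/accessbox/bearer_token.go the comment added above `Unmarshal` opens with the wrong method name: `// Marshal initializes bearer box from its serialized representation.` should read `// Unmarshal initializes bearer box from its serialized representation.` As written it repeats the name of the method directly above and misdescribes this one. The body of `Unmarshal` continues past the end of this hunk.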
@@ -29,10 +32,12 @@ func (b *bearerBox) Unmarshal(data []byte) error {
 return nil
 }
+// Token unwraps bearer token from the box.
 func (b *bearerBox) Token() *token.BearerToken {
 return b.tkn
 }
+// SetToken sets new token in the box.
 func (b *bearerBox) SetToken(tkn *token.BearerToken) {
 b.tkn = tkn
 }
diff --git a/creds/accessbox/decoder.go b/creds/accessbox/decoder.go
index 241b5037..059a2972 100644
--- a/creds/accessbox/decoder.go
+++ b/creds/accessbox/decoder.go
@@ -18,6 +18,7 @@ type decoder struct {
 key hcs.PrivateKey
 }
+// NewDecoder returns new private key decoder.
 func NewDecoder(r io.Reader, key hcs.PrivateKey) Decoder {
 return &decoder{Reader: bufio.NewReader(r), key: key}
 }
@@ -81,6 +82,7 @@ func (d *decoder) Decode(box Box) error {
 return lastErr
 }
+// Decode unwraps serialized bearer token from data into box using owner key.
 func Decode(data []byte, box Box, owner hcs.PrivateKey) error {
 return NewDecoder(bytes.NewBuffer(data), owner).Decode(box)
 }
diff --git a/creds/accessbox/encoder.go b/creds/accessbox/encoder.go
index 24bffaa8..d46b875b 100644
--- a/creds/accessbox/encoder.go
+++ b/creds/accessbox/encoder.go
@@ -19,7 +19,7 @@ type encoder struct {
 keys []hcs.PublicKey
 }
-// NewEncoder creates encoder
+// NewEncoder creates encoder.
 func NewEncoder(w io.Writer, owner hcs.PrivateKey, keys ...hcs.PublicKey) Encoder {
 return &encoder{
 Writer: w,
diff --git a/creds/bearer/credentials.go b/creds/bearer/credentials.go
index b401014a..cbdd9f72 100644
--- a/creds/bearer/credentials.go
+++ b/creds/bearer/credentials.go
@@ -18,6 +18,7 @@ import (
 )
 type (
+ // Credentials is a bearer token get/put interface.
 Credentials interface {
 Get(context.Context, *object.Address) (*token.BearerToken, error)
 Put(context.Context, *container.ID, *token.BearerToken, ...hcs.PublicKey) (*object.Address, error)
@@ -30,7 +31,9 @@ type (
 )
 var (
- ErrEmptyPublicKeys = errors.New("HCS public keys could not be empty")
+ // ErrEmptyPublicKeys is returned when no HCS keys are provided.
+ ErrEmptyPublicKeys = errors.New("HCS public keys could not be empty")
+ // ErrEmptyBearerToken is returned when no bearer token is provided.
 ErrEmptyBearerToken = errors.New("Bearer token could not be empty")
 )
@@ -42,6 +45,7 @@ var bufferPool = sync.Pool{
 var _ = New
+// New creates new Credentials instance using given cli and key.
 func New(cli sdk.ClientPlant, key hcs.PrivateKey) Credentials {
 return &cred{obj: cli, key: key}
 }
diff --git a/creds/hcs/credentials.go b/creds/hcs/credentials.go
index 0ef0d457..5e3009f7 100644
--- a/creds/hcs/credentials.go
+++ b/creds/hcs/credentials.go
@@ -8,6 +8,7 @@ import (
 )
 type (
+ // Credentials is an HCS interface (private/public key).
 Credentials interface {
 PublicKey() PublicKey
 PrivateKey() PrivateKey
@@ -20,10 +21,12 @@ type (
 String() string
 }
+ // PublicKey is a public key wrapper providing useful methods.
 PublicKey interface {
 keyer
 }
+ // PrivateKey is private key wrapper providing useful methods.
 PrivateKey interface {
 keyer
@@ -39,10 +42,12 @@ type (
 secret []byte
 )
+// ErrEmptyCredentials is returned when no credentials are provided.
 var ErrEmptyCredentials = errors.New("empty credentials")
 var _ = NewCredentials
+// Generate generates new key pair using given source of randomness.
 func Generate(r io.Reader) (Credentials, error) {
 buf := make([]byte, curve25519.ScalarSize)
@@ -57,6 +62,7 @@ func Generate(r io.Reader) (Credentials, error) {
 }, nil
 }
+// NewCredentials loads private key from the string given and returns Credentials wrapper.
 func NewCredentials(val string) (Credentials, error) {
 if val == "" {
 return nil, ErrEmptyCredentials
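Review bot: In the `var (` block of creds/bearer/credentials.go, `errors.New("Bearer token could not be empty")` keeps a capitalised first word, which goes against the Go convention of lowercase error strings, since errors are usually wrapped into longer messages. This commit already rewrites the neighbouring line, so `ErrEmptyBearerToken = errors.New("bearer token could not be empty")` would fit here; `HCS` in the other message is an initialism and can stay. Check that no caller or test compares the message text before changing it.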
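Review bot: In the `@@ -20,10 +21,12 @@` hunk of creds/hcs/credentials.go, the new comment on `PrivateKey` says only that it provides useful methods, while the embedded `keyer` contributes `String() string` and so makes every `PrivateKey` a `fmt.Stringer`. If `String` returns the encoded key (its implementation is not in this hunk), passing a private key to `%v`, `%s` or a structured logger prints the secret. The comment is the natural place to say so, for example `// PrivateKey wraps an HCS private key; String returns the key material and must not be logged.`, adjusted to what the method really returns. The rest of `keyer` lies above the hunk.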
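Review bot: In the `@@ -39,10 +42,12 @@` hunk, the new comment on `Generate` calls `r` a "source of randomness" without stating that the strength of the private key depends entirely on it. The `curve25519.ScalarSize`-byte `buf` is visible here and is presumably filled from `r` in the part of the body outside the hunk, so a predictable reader would yield a predictable key. I would document the requirement, e.g. `// Generate creates a new key pair from r, which must be a cryptographically secure source such as crypto/rand.Reader.`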
@@ -73,10 +79,12 @@ func NewCredentials(val string) (Credentials, error) {
 }, nil
 }
+// PublicKey returns public key.
 func (c *credentials) PublicKey() PublicKey {
 return c.public
 }
+// PrivateKey returns private key.
 func (c *credentials) PrivateKey() PrivateKey {
 return c.secret
 }
diff --git a/creds/hcs/public.go b/creds/hcs/public.go
index e57daa71..9a72551c 100644
--- a/creds/hcs/public.go
+++ b/creds/hcs/public.go
@@ -40,6 +40,7 @@ func publicKeyFromString(val string) (PublicKey, error) {
 return publicKeyFromBytes(v)
 }
+// NewPublicKeyFromReader reads new public key from given reader.
 func NewPublicKeyFromReader(r io.Reader) (PublicKey, error) {
 data := make([]byte, curve25519.PointSize)
 if _, err := r.Read(data); err != nil {
@@ -49,6 +50,7 @@ func NewPublicKeyFromReader(r io.Reader) (PublicKey, error) {
 return publicKeyFromBytes(data)
 }
+// LoadPublicKey loads public key from given file or (serialized) string.
 func LoadPublicKey(val string) (PublicKey, error) {
 data, err := ioutil.ReadFile(val)
 if err != nil {
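Review bot: In creds/hcs/public.go, `NewPublicKeyFromReader` fills the key buffer with a single `r.Read(data)`, and an `io.Reader` may return fewer than `len(data)` bytes with a nil error. On a short read the tail of `data` stays zero, so `publicKeyFromBytes` would receive a key that is not the one that was sent. `if _, err := io.ReadFull(r, data); err != nil {` reads exactly `curve25519.PointSize` bytes or fails, and `io` is already in use for the parameter type. The error branch of the function lies between this hunk and the next.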
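Review bot: The comment added to `LoadPublicKey` says the argument may be a file or a serialized string, but not which takes precedence or what happens when the read fails. The visible code calls `ioutil.ReadFile(val)` first, so any string that names a readable file is treated as a path. If the `if err != nil` branch falls back to parsing `val` as a key (that branch is outside this hunk), a permission or I/O error on a real key file would be reported as a malformed key. I would spell out the precedence and note that `val` should come from trusted configuration, e.g. `// LoadPublicKey reads the key from the file named val; if the file cannot be read, val itself is parsed as a serialized key.`, adjusted to the actual fallback.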