frostfs-testcases/robot/resources/lib/python_keywords/session_token.py
a.y.volkov 0e27ea02c1 Some linter fixes.
Signed-off-by: a.y.volkov <a.y.volkov@yadro.com>
2022-06-09 16:12:55 +03:00

101 lines
3.2 KiB
Python

#!/usr/bin/python3
"""
This module contains keywords for work with session token.
"""
import base64
import json
import os
import uuid
from neo3 import wallet
from robot.api import logger
from robot.api.deco import keyword
import json_transformers
from cli_helpers import _cmd_run
from common import WALLET_PASS, ASSETS_DIR
ROBOT_AUTO_KEYWORDS = False
# path to neofs-cli executable
NEOFS_CLI_EXEC = os.getenv('NEOFS_CLI_EXEC', 'neofs-cli')
@keyword('Generate Session Token')
def generate_session_token(owner: str, session_wallet: str, cid: str = '') -> str:
"""
This function generates session token for ContainerSessionContext
and writes it to the file. It is able to prepare session token file
for a specific container (<cid>) or for every container (adds
"wildcard" field).
Args:
owner(str): wallet address of container owner
session_wallet(str): the path to wallet to which we grant the
access via session token
cid(optional, str): container ID of the container; if absent,
we assume the session token is generated for any
container
Returns:
(str): the path to the generated session token file
"""
file_path = f"{os.getcwd()}/{ASSETS_DIR}/{uuid.uuid4()}"
session_wlt_content = ''
with open(session_wallet) as fout:
session_wlt_content = json.load(fout)
session_wlt = wallet.Wallet.from_json(session_wlt_content, password="")
pub_key_64 = base64.b64encode(
bytes.fromhex(
str(session_wlt.accounts[0].public_key)
)
).decode('utf-8')
session_token = {
"body": {
"id": f"{base64.b64encode(uuid.uuid4().bytes).decode('utf-8')}",
"ownerID": {
"value": f"{json_transformers.encode_for_json(owner)}"
},
"lifetime": {
"exp": "100000000",
"nbf": "0",
"iat": "0"
},
"sessionKey": f"{pub_key_64}",
"container": {
"verb": "PUT",
"wildcard": cid != '',
**({"containerID":
{"value": f"{base64.b64encode(cid.encode('utf-8')).decode('utf-8')}"}
} if cid != '' else {}
)
}
}
}
logger.info(f"Got this Session Token: {session_token}")
with open(file_path, 'w', encoding='utf-8') as session_token_file:
json.dump(session_token, session_token_file, ensure_ascii=False, indent=4)
return file_path
@keyword('Sign Session Token')
def sign_session_token(session_token: str, wlt: str):
"""
This function signs the session token by the given wallet.
Args:
session_token(str): the path to the session token file
wlt(str): the path to the signing wallet
Returns:
(str): the path to the signed token
"""
signed_token = f"{os.getcwd()}/{ASSETS_DIR}/{uuid.uuid4()}"
cmd = (
f'{NEOFS_CLI_EXEC} util sign session-token --from {session_token} '
f'-w {wlt} --to {signed_token} --config {WALLET_PASS}'
)
_cmd_run(cmd)
return signed_token