forked from TrueCloudLab/frostfs-sdk-go
Compare commits
3 commits
master
...
support/v1
Author | SHA1 | Date | |
---|---|---|---|
|
a1e17ea1f2 | ||
|
129012748e | ||
|
0367c83f5a |
4 changed files with 119 additions and 1 deletions
|
@ -26,6 +26,9 @@ func NewCache() (*SessionCache, error) {
|
||||||
return &SessionCache{cache: cache}, nil
|
return &SessionCache{cache: cache}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Get returns a copy of the session token from the cache without signature
|
||||||
|
// and context related fields. Returns nil if token is missing in the cache.
|
||||||
|
// It is safe to modify and re-sign returned session token.
|
||||||
func (c *SessionCache) Get(key string) *session.Token {
|
func (c *SessionCache) Get(key string) *session.Token {
|
||||||
valueRaw, ok := c.cache.Get(key)
|
valueRaw, ok := c.cache.Get(key)
|
||||||
if !ok {
|
if !ok {
|
||||||
|
@ -35,7 +38,13 @@ func (c *SessionCache) Get(key string) *session.Token {
|
||||||
value := valueRaw.(*cacheValue)
|
value := valueRaw.(*cacheValue)
|
||||||
value.atime = time.Now()
|
value.atime = time.Now()
|
||||||
|
|
||||||
return value.token
|
if value.token == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
res := copySessionTokenWithoutSignatureAndContext(*value.token)
|
||||||
|
|
||||||
|
return &res
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *SessionCache) GetAccessTime(key string) (time.Time, bool) {
|
func (c *SessionCache) GetAccessTime(key string) (time.Time, bool) {
|
||||||
|
|
|
@ -4,6 +4,9 @@ import (
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
||||||
|
"github.com/nspcc-dev/neofs-sdk-go/session"
|
||||||
|
sessiontest "github.com/nspcc-dev/neofs-sdk-go/session/test"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -29,3 +32,32 @@ func TestSessionCache_GetAccessTime(t *testing.T) {
|
||||||
require.True(t, ok)
|
require.True(t, ok)
|
||||||
require.NotEqual(t, t1, t3)
|
require.NotEqual(t, t1, t3)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestSessionCache_GetUnmodifiedToken(t *testing.T) {
|
||||||
|
const key = "Foo"
|
||||||
|
target := sessiontest.Token()
|
||||||
|
|
||||||
|
pk, err := keys.NewPrivateKey()
|
||||||
|
require.NoError(t, err)
|
||||||
|
|
||||||
|
check := func(t *testing.T, tok *session.Token, extra string) {
|
||||||
|
require.Empty(t, tok.Signature().Sign(), extra)
|
||||||
|
require.Nil(t, tok.Context(), extra)
|
||||||
|
}
|
||||||
|
|
||||||
|
cache, err := NewCache()
|
||||||
|
require.NoError(t, err)
|
||||||
|
|
||||||
|
cache.Put(key, target)
|
||||||
|
value := cache.Get(key)
|
||||||
|
check(t, value, "before sign")
|
||||||
|
|
||||||
|
err = value.Sign(&pk.PrivateKey)
|
||||||
|
require.NoError(t, err)
|
||||||
|
|
||||||
|
octx := sessiontest.ObjectContext()
|
||||||
|
value.SetContext(octx)
|
||||||
|
|
||||||
|
value = cache.Get(key)
|
||||||
|
check(t, value, "after sign")
|
||||||
|
}
|
||||||
|
|
47
pool/pool.go
47
pool/pool.go
|
@ -807,6 +807,10 @@ func (p *Pool) DeleteObject(ctx context.Context, addr address.Address, opts ...C
|
||||||
prm.ByID(*obj)
|
prm.ByID(*obj)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if cfg.btoken != nil {
|
||||||
|
prm.WithBearerToken(*cfg.btoken)
|
||||||
|
}
|
||||||
|
|
||||||
prm.UseKey(*cc.key)
|
prm.UseKey(*cc.key)
|
||||||
|
|
||||||
return p.callWithRetry(&cc, func() error {
|
return p.callWithRetry(&cc, func() error {
|
||||||
|
@ -862,6 +866,10 @@ func (p *Pool) GetObject(ctx context.Context, addr address.Address, opts ...Call
|
||||||
prm.ByID(*obj)
|
prm.ByID(*obj)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if cfg.btoken != nil {
|
||||||
|
prm.WithBearerToken(*cfg.btoken)
|
||||||
|
}
|
||||||
|
|
||||||
var res ResGetObject
|
var res ResGetObject
|
||||||
|
|
||||||
err = p.callWithRetry(&cc, func() error {
|
err = p.callWithRetry(&cc, func() error {
|
||||||
|
@ -914,6 +922,10 @@ func (p *Pool) HeadObject(ctx context.Context, addr address.Address, opts ...Cal
|
||||||
prm.ByID(*obj)
|
prm.ByID(*obj)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if cfg.btoken != nil {
|
||||||
|
prm.WithBearerToken(*cfg.btoken)
|
||||||
|
}
|
||||||
|
|
||||||
prm.UseKey(*cc.key)
|
prm.UseKey(*cc.key)
|
||||||
|
|
||||||
var obj object.Object
|
var obj object.Object
|
||||||
|
@ -979,6 +991,10 @@ func (p *Pool) ObjectRange(ctx context.Context, addr address.Address, off, ln ui
|
||||||
prm.ByID(*obj)
|
prm.ByID(*obj)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if cfg.btoken != nil {
|
||||||
|
prm.WithBearerToken(*cfg.btoken)
|
||||||
|
}
|
||||||
|
|
||||||
var res ResObjectRange
|
var res ResObjectRange
|
||||||
|
|
||||||
err = p.callWithRetry(&cc, func() error {
|
err = p.callWithRetry(&cc, func() error {
|
||||||
|
@ -1037,6 +1053,10 @@ func (p *Pool) SearchObjects(ctx context.Context, idCnr cid.ID, filters object.S
|
||||||
prm.InContainer(idCnr)
|
prm.InContainer(idCnr)
|
||||||
prm.SetFilters(filters)
|
prm.SetFilters(filters)
|
||||||
|
|
||||||
|
if cfg.btoken != nil {
|
||||||
|
prm.WithBearerToken(*cfg.btoken)
|
||||||
|
}
|
||||||
|
|
||||||
var cc callContextWithRetry
|
var cc callContextWithRetry
|
||||||
|
|
||||||
cc.Context = ctx
|
cc.Context = ctx
|
||||||
|
@ -1277,3 +1297,30 @@ func newAddressFromCnrID(cnrID *cid.ID) *address.Address {
|
||||||
addr.SetContainerID(cnrID)
|
addr.SetContainerID(cnrID)
|
||||||
return addr
|
return addr
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func copySessionTokenWithoutSignatureAndContext(from session.Token) (to session.Token) {
|
||||||
|
to.SetIat(from.Iat())
|
||||||
|
to.SetExp(from.Exp())
|
||||||
|
to.SetNbf(from.Nbf())
|
||||||
|
|
||||||
|
sessionTokenID := make([]byte, len(from.ID()))
|
||||||
|
copy(sessionTokenID, from.ID())
|
||||||
|
to.SetID(sessionTokenID)
|
||||||
|
|
||||||
|
sessionTokenKey := make([]byte, len(from.SessionKey()))
|
||||||
|
copy(sessionTokenKey, from.SessionKey())
|
||||||
|
to.SetSessionKey(sessionTokenKey)
|
||||||
|
|
||||||
|
var sessionTokenOwner owner.ID
|
||||||
|
buf, err := from.OwnerID().Marshal()
|
||||||
|
if err != nil {
|
||||||
|
panic(err) // should never happen
|
||||||
|
}
|
||||||
|
err = sessionTokenOwner.Unmarshal(buf)
|
||||||
|
if err != nil {
|
||||||
|
panic(err) // should never happen
|
||||||
|
}
|
||||||
|
to.SetOwnerID(&sessionTokenOwner)
|
||||||
|
|
||||||
|
return to
|
||||||
|
}
|
||||||
|
|
|
@ -19,6 +19,7 @@ import (
|
||||||
"github.com/nspcc-dev/neofs-sdk-go/object/address"
|
"github.com/nspcc-dev/neofs-sdk-go/object/address"
|
||||||
"github.com/nspcc-dev/neofs-sdk-go/owner"
|
"github.com/nspcc-dev/neofs-sdk-go/owner"
|
||||||
"github.com/nspcc-dev/neofs-sdk-go/session"
|
"github.com/nspcc-dev/neofs-sdk-go/session"
|
||||||
|
sessiontest "github.com/nspcc-dev/neofs-sdk-go/session/test"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
"go.uber.org/zap"
|
"go.uber.org/zap"
|
||||||
)
|
)
|
||||||
|
@ -590,3 +591,32 @@ func TestWaitPresence(t *testing.T) {
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestCopySessionTokenWithoutSignatureAndContext(t *testing.T) {
|
||||||
|
from := sessiontest.SignedToken()
|
||||||
|
to := copySessionTokenWithoutSignatureAndContext(*from)
|
||||||
|
|
||||||
|
require.Equal(t, from.Nbf(), to.Nbf())
|
||||||
|
require.Equal(t, from.Exp(), to.Exp())
|
||||||
|
require.Equal(t, from.Iat(), to.Iat())
|
||||||
|
require.Equal(t, from.ID(), to.ID())
|
||||||
|
require.Equal(t, from.OwnerID().String(), to.OwnerID().String())
|
||||||
|
require.Equal(t, from.SessionKey(), to.SessionKey())
|
||||||
|
|
||||||
|
require.Empty(t, to.Signature().Sign())
|
||||||
|
require.Empty(t, to.Signature().Key())
|
||||||
|
|
||||||
|
t.Run("empty object context", func(t *testing.T) {
|
||||||
|
octx := sessiontest.ObjectContext()
|
||||||
|
from.SetContext(octx)
|
||||||
|
to = copySessionTokenWithoutSignatureAndContext(*from)
|
||||||
|
require.Nil(t, to.Context())
|
||||||
|
})
|
||||||
|
|
||||||
|
t.Run("empty container context", func(t *testing.T) {
|
||||||
|
cctx := sessiontest.ContainerContext()
|
||||||
|
from.SetContext(cctx)
|
||||||
|
to = copySessionTokenWithoutSignatureAndContext(*from)
|
||||||
|
require.Nil(t, to.Context())
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue