From f7784db14620e369df44327398b0a0ee1421a462 Mon Sep 17 00:00:00 2001
From: Denis Kirillov <d.kirillov@yadro.com>
Date: Mon, 15 May 2023 14:29:52 +0300
Subject: [PATCH] [#40] Update forming bearer token instruction

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
---
 README.md | 32 ++++++++------------------------
 1 file changed, 8 insertions(+), 24 deletions(-)

diff --git a/README.md b/README.md
index 504768f..1e050af 100644
--- a/README.md
+++ b/README.md
@@ -484,43 +484,26 @@ the corresponding header to the upload request. Accessing the ACL protected data
 works the same way.
 
 ##### Example
-In order to generate a bearer token, you need to know the container owner key and
+In order to generate a bearer token, you need to have wallet (which will be used to sign the token) and
 the address of the sender who will do the request to FrostFS (in our case, it's a gateway wallet address).
 
 Suppose we have:
-* **KxDgvEKzgSBPPfuVfw67oPQBSjidEiqTHURKSDL1R7yGaGYAeYnr** (container owner key)
-* **NhVtreTTCoqsMQV5Wp55fqnriiUCpEaKm3** (token owner address)
-* **BJeErH9MWmf52VsR1mLWKkgF3pRm3FkubYxM7TZkBP4K** (container id)
+* **NhVtreTTCoqsMQV5Wp55fqnriiUCpEaKm3** (token owner (gateway address))
 
 Firstly, we need to encode the container id and the sender address to base64 (now it's base58).
 So use **base58** and **base64** utils.
 
-1. Encoding container id:
-```
-$ echo 'BJeErH9MWmf52VsR1mLWKkgF3pRm3FkubYxM7TZkBP4K' | base58 --decode | base64
-# output: mRnZWzewzxjzIPa7Fqlfqdl3TM1KpJ0YnsXsEhafJJg=
-```
-
-2. Encoding token owner id:
+1. Encoding token owner id:
 ```
 $ echo 'NhVtreTTCoqsMQV5Wp55fqnriiUCpEaKm3' | base58 --decode | base64
 # output: NezFK4ujidF+X7bB88uzREQzRQeAvdj3Gg==
 ```
 
-Now, we can form a Bearer token (10000 is liftetime expiration in epoch) and save it to **bearer.json**:
+2. Form a Bearer token (10000 is lifetime expiration in epoch) and save it to **bearer.json**:
 ```
 {
     "body": {
-        "eaclTable": {
-            "version": {
-                "major": 0,
-                "minor": 0
-            },
-            "containerID": {
-                "value": "mRnZWzewzxjzIPa7Fqlfqdl3TM1KpJ0YnsXsEhafJJg="
-            },
-            "records": []
-        },
+        "allowImpersonate": true,
         "ownerID": {
             "value": "NezFK4ujidF+X7bB88uzREQzRQeAvdj3Gg=="
         },
@@ -534,11 +517,12 @@ Now, we can form a Bearer token (10000 is liftetime expiration in epoch) and sav
 }
 ```
 
-Next, sign it with the container owner key:
+3. Sign it with the wallet:
 ```
 $ frostfs-cli util sign bearer-token --from bearer.json --to signed.json -w ./wallet.json
 ```
-Encoding to base64 to use via the header:
+
+4. Encode to base64 to use in header:
 ```
 $ base64 -w 0 signed.json
 # output: Ck4KKgoECAIQBhIiCiCZGdlbN7DPGPMg9rsWqV+p2XdMzUqknRiexewSFp8kmBIbChk17MUri6OJ0X5ftsHzy7NERDNFB4C92PcaGgMIkE4SZgohAxpsb7vfAso1F0X6hrm6WpRS14WsT3/Ct1SMoqRsT89KEkEEGxKi8GjKSf52YqhppgaOTQHbUsL3jn7SHLqS3ndAQ7NtAATnmRHleZw2V2xRRSRBQdjDC05KK83LhdSax72Fsw==