forked from TrueCloudLab/frostfs-rest-gw
[#73] Add missed CORS
Allow X-Bearer-For-All-Users, X-Bearer-Lifetime headers. Add CORS to /auth/bearer route. Signed-off-by: Denis Kirillov <denis@nspcc.ru>
This commit is contained in:
parent
b2fdb8c5f8
commit
feaea15aa7
8 changed files with 247 additions and 1 deletions
|
@ -193,6 +193,23 @@ func init() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
"options": {
|
||||||
|
"security": [],
|
||||||
|
"operationId": "optionsAuthBearer",
|
||||||
|
"responses": {
|
||||||
|
"200": {
|
||||||
|
"description": "CORS",
|
||||||
|
"headers": {
|
||||||
|
"Access-Control-Allow-Headers": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"Access-Control-Allow-Origin": {
|
||||||
|
"type": "string"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"/containers": {
|
"/containers": {
|
||||||
|
@ -1822,6 +1839,23 @@ func init() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
"options": {
|
||||||
|
"security": [],
|
||||||
|
"operationId": "optionsAuthBearer",
|
||||||
|
"responses": {
|
||||||
|
"200": {
|
||||||
|
"description": "CORS",
|
||||||
|
"headers": {
|
||||||
|
"Access-Control-Allow-Headers": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"Access-Control-Allow-Origin": {
|
||||||
|
"type": "string"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"/containers": {
|
"/containers": {
|
||||||
|
|
|
@ -74,6 +74,9 @@ func NewNeofsRestGwAPI(spec *loads.Document) *NeofsRestGwAPI {
|
||||||
OptionsAuthHandler: OptionsAuthHandlerFunc(func(params OptionsAuthParams) middleware.Responder {
|
OptionsAuthHandler: OptionsAuthHandlerFunc(func(params OptionsAuthParams) middleware.Responder {
|
||||||
return middleware.NotImplemented("operation OptionsAuth has not yet been implemented")
|
return middleware.NotImplemented("operation OptionsAuth has not yet been implemented")
|
||||||
}),
|
}),
|
||||||
|
OptionsAuthBearerHandler: OptionsAuthBearerHandlerFunc(func(params OptionsAuthBearerParams) middleware.Responder {
|
||||||
|
return middleware.NotImplemented("operation OptionsAuthBearer has not yet been implemented")
|
||||||
|
}),
|
||||||
OptionsContainersEACLHandler: OptionsContainersEACLHandlerFunc(func(params OptionsContainersEACLParams) middleware.Responder {
|
OptionsContainersEACLHandler: OptionsContainersEACLHandlerFunc(func(params OptionsContainersEACLParams) middleware.Responder {
|
||||||
return middleware.NotImplemented("operation OptionsContainersEACL has not yet been implemented")
|
return middleware.NotImplemented("operation OptionsContainersEACL has not yet been implemented")
|
||||||
}),
|
}),
|
||||||
|
@ -174,6 +177,8 @@ type NeofsRestGwAPI struct {
|
||||||
ListContainersHandler ListContainersHandler
|
ListContainersHandler ListContainersHandler
|
||||||
// OptionsAuthHandler sets the operation handler for the options auth operation
|
// OptionsAuthHandler sets the operation handler for the options auth operation
|
||||||
OptionsAuthHandler OptionsAuthHandler
|
OptionsAuthHandler OptionsAuthHandler
|
||||||
|
// OptionsAuthBearerHandler sets the operation handler for the options auth bearer operation
|
||||||
|
OptionsAuthBearerHandler OptionsAuthBearerHandler
|
||||||
// OptionsContainersEACLHandler sets the operation handler for the options containers e ACL operation
|
// OptionsContainersEACLHandler sets the operation handler for the options containers e ACL operation
|
||||||
OptionsContainersEACLHandler OptionsContainersEACLHandler
|
OptionsContainersEACLHandler OptionsContainersEACLHandler
|
||||||
// OptionsContainersGetDeleteHandler sets the operation handler for the options containers get delete operation
|
// OptionsContainersGetDeleteHandler sets the operation handler for the options containers get delete operation
|
||||||
|
@ -305,6 +310,9 @@ func (o *NeofsRestGwAPI) Validate() error {
|
||||||
if o.OptionsAuthHandler == nil {
|
if o.OptionsAuthHandler == nil {
|
||||||
unregistered = append(unregistered, "OptionsAuthHandler")
|
unregistered = append(unregistered, "OptionsAuthHandler")
|
||||||
}
|
}
|
||||||
|
if o.OptionsAuthBearerHandler == nil {
|
||||||
|
unregistered = append(unregistered, "OptionsAuthBearerHandler")
|
||||||
|
}
|
||||||
if o.OptionsContainersEACLHandler == nil {
|
if o.OptionsContainersEACLHandler == nil {
|
||||||
unregistered = append(unregistered, "OptionsContainersEACLHandler")
|
unregistered = append(unregistered, "OptionsContainersEACLHandler")
|
||||||
}
|
}
|
||||||
|
@ -477,6 +485,10 @@ func (o *NeofsRestGwAPI) initHandlerCache() {
|
||||||
if o.handlers["OPTIONS"] == nil {
|
if o.handlers["OPTIONS"] == nil {
|
||||||
o.handlers["OPTIONS"] = make(map[string]http.Handler)
|
o.handlers["OPTIONS"] = make(map[string]http.Handler)
|
||||||
}
|
}
|
||||||
|
o.handlers["OPTIONS"]["/auth/bearer"] = NewOptionsAuthBearer(o.context, o.OptionsAuthBearerHandler)
|
||||||
|
if o.handlers["OPTIONS"] == nil {
|
||||||
|
o.handlers["OPTIONS"] = make(map[string]http.Handler)
|
||||||
|
}
|
||||||
o.handlers["OPTIONS"]["/containers/{containerId}/eacl"] = NewOptionsContainersEACL(o.context, o.OptionsContainersEACLHandler)
|
o.handlers["OPTIONS"]["/containers/{containerId}/eacl"] = NewOptionsContainersEACL(o.context, o.OptionsContainersEACLHandler)
|
||||||
if o.handlers["OPTIONS"] == nil {
|
if o.handlers["OPTIONS"] == nil {
|
||||||
o.handlers["OPTIONS"] = make(map[string]http.Handler)
|
o.handlers["OPTIONS"] = make(map[string]http.Handler)
|
||||||
|
|
56
gen/restapi/operations/options_auth_bearer.go
Normal file
56
gen/restapi/operations/options_auth_bearer.go
Normal file
|
@ -0,0 +1,56 @@
|
||||||
|
// Code generated by go-swagger; DO NOT EDIT.
|
||||||
|
|
||||||
|
package operations
|
||||||
|
|
||||||
|
// This file was generated by the swagger tool.
|
||||||
|
// Editing this file might prove futile when you re-run the generate command
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
|
||||||
|
"github.com/go-openapi/runtime/middleware"
|
||||||
|
)
|
||||||
|
|
||||||
|
// OptionsAuthBearerHandlerFunc turns a function with the right signature into a options auth bearer handler
|
||||||
|
type OptionsAuthBearerHandlerFunc func(OptionsAuthBearerParams) middleware.Responder
|
||||||
|
|
||||||
|
// Handle executing the request and returning a response
|
||||||
|
func (fn OptionsAuthBearerHandlerFunc) Handle(params OptionsAuthBearerParams) middleware.Responder {
|
||||||
|
return fn(params)
|
||||||
|
}
|
||||||
|
|
||||||
|
// OptionsAuthBearerHandler interface for that can handle valid options auth bearer params
|
||||||
|
type OptionsAuthBearerHandler interface {
|
||||||
|
Handle(OptionsAuthBearerParams) middleware.Responder
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewOptionsAuthBearer creates a new http.Handler for the options auth bearer operation
|
||||||
|
func NewOptionsAuthBearer(ctx *middleware.Context, handler OptionsAuthBearerHandler) *OptionsAuthBearer {
|
||||||
|
return &OptionsAuthBearer{Context: ctx, Handler: handler}
|
||||||
|
}
|
||||||
|
|
||||||
|
/* OptionsAuthBearer swagger:route OPTIONS /auth/bearer optionsAuthBearer
|
||||||
|
|
||||||
|
OptionsAuthBearer options auth bearer API
|
||||||
|
|
||||||
|
*/
|
||||||
|
type OptionsAuthBearer struct {
|
||||||
|
Context *middleware.Context
|
||||||
|
Handler OptionsAuthBearerHandler
|
||||||
|
}
|
||||||
|
|
||||||
|
func (o *OptionsAuthBearer) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
|
||||||
|
route, rCtx, _ := o.Context.RouteInfo(r)
|
||||||
|
if rCtx != nil {
|
||||||
|
*r = *rCtx
|
||||||
|
}
|
||||||
|
var Params = NewOptionsAuthBearerParams()
|
||||||
|
if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
|
||||||
|
o.Context.Respond(rw, r, route.Produces, route, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
res := o.Handler.Handle(Params) // actually handle the request
|
||||||
|
o.Context.Respond(rw, r, route.Produces, route, res)
|
||||||
|
|
||||||
|
}
|
46
gen/restapi/operations/options_auth_bearer_parameters.go
Normal file
46
gen/restapi/operations/options_auth_bearer_parameters.go
Normal file
|
@ -0,0 +1,46 @@
|
||||||
|
// Code generated by go-swagger; DO NOT EDIT.
|
||||||
|
|
||||||
|
package operations
|
||||||
|
|
||||||
|
// This file was generated by the swagger tool.
|
||||||
|
// Editing this file might prove futile when you re-run the swagger generate command
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
|
||||||
|
"github.com/go-openapi/errors"
|
||||||
|
"github.com/go-openapi/runtime/middleware"
|
||||||
|
)
|
||||||
|
|
||||||
|
// NewOptionsAuthBearerParams creates a new OptionsAuthBearerParams object
|
||||||
|
//
|
||||||
|
// There are no default values defined in the spec.
|
||||||
|
func NewOptionsAuthBearerParams() OptionsAuthBearerParams {
|
||||||
|
|
||||||
|
return OptionsAuthBearerParams{}
|
||||||
|
}
|
||||||
|
|
||||||
|
// OptionsAuthBearerParams contains all the bound params for the options auth bearer operation
|
||||||
|
// typically these are obtained from a http.Request
|
||||||
|
//
|
||||||
|
// swagger:parameters optionsAuthBearer
|
||||||
|
type OptionsAuthBearerParams struct {
|
||||||
|
|
||||||
|
// HTTP Request Object
|
||||||
|
HTTPRequest *http.Request `json:"-"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
|
||||||
|
// for simple values it will use straight method calls.
|
||||||
|
//
|
||||||
|
// To ensure default values, the struct must have been initialized with NewOptionsAuthBearerParams() beforehand.
|
||||||
|
func (o *OptionsAuthBearerParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
|
||||||
|
var res []error
|
||||||
|
|
||||||
|
o.HTTPRequest = r
|
||||||
|
|
||||||
|
if len(res) > 0 {
|
||||||
|
return errors.CompositeValidationError(res...)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
80
gen/restapi/operations/options_auth_bearer_responses.go
Normal file
80
gen/restapi/operations/options_auth_bearer_responses.go
Normal file
|
@ -0,0 +1,80 @@
|
||||||
|
// Code generated by go-swagger; DO NOT EDIT.
|
||||||
|
|
||||||
|
package operations
|
||||||
|
|
||||||
|
// This file was generated by the swagger tool.
|
||||||
|
// Editing this file might prove futile when you re-run the swagger generate command
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
|
||||||
|
"github.com/go-openapi/runtime"
|
||||||
|
)
|
||||||
|
|
||||||
|
// OptionsAuthBearerOKCode is the HTTP code returned for type OptionsAuthBearerOK
|
||||||
|
const OptionsAuthBearerOKCode int = 200
|
||||||
|
|
||||||
|
/*OptionsAuthBearerOK CORS
|
||||||
|
|
||||||
|
swagger:response optionsAuthBearerOK
|
||||||
|
*/
|
||||||
|
type OptionsAuthBearerOK struct {
|
||||||
|
/*
|
||||||
|
|
||||||
|
*/
|
||||||
|
AccessControlAllowHeaders string `json:"Access-Control-Allow-Headers"`
|
||||||
|
/*
|
||||||
|
|
||||||
|
*/
|
||||||
|
AccessControlAllowOrigin string `json:"Access-Control-Allow-Origin"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewOptionsAuthBearerOK creates OptionsAuthBearerOK with default headers values
|
||||||
|
func NewOptionsAuthBearerOK() *OptionsAuthBearerOK {
|
||||||
|
|
||||||
|
return &OptionsAuthBearerOK{}
|
||||||
|
}
|
||||||
|
|
||||||
|
// WithAccessControlAllowHeaders adds the accessControlAllowHeaders to the options auth bearer o k response
|
||||||
|
func (o *OptionsAuthBearerOK) WithAccessControlAllowHeaders(accessControlAllowHeaders string) *OptionsAuthBearerOK {
|
||||||
|
o.AccessControlAllowHeaders = accessControlAllowHeaders
|
||||||
|
return o
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetAccessControlAllowHeaders sets the accessControlAllowHeaders to the options auth bearer o k response
|
||||||
|
func (o *OptionsAuthBearerOK) SetAccessControlAllowHeaders(accessControlAllowHeaders string) {
|
||||||
|
o.AccessControlAllowHeaders = accessControlAllowHeaders
|
||||||
|
}
|
||||||
|
|
||||||
|
// WithAccessControlAllowOrigin adds the accessControlAllowOrigin to the options auth bearer o k response
|
||||||
|
func (o *OptionsAuthBearerOK) WithAccessControlAllowOrigin(accessControlAllowOrigin string) *OptionsAuthBearerOK {
|
||||||
|
o.AccessControlAllowOrigin = accessControlAllowOrigin
|
||||||
|
return o
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetAccessControlAllowOrigin sets the accessControlAllowOrigin to the options auth bearer o k response
|
||||||
|
func (o *OptionsAuthBearerOK) SetAccessControlAllowOrigin(accessControlAllowOrigin string) {
|
||||||
|
o.AccessControlAllowOrigin = accessControlAllowOrigin
|
||||||
|
}
|
||||||
|
|
||||||
|
// WriteResponse to the client
|
||||||
|
func (o *OptionsAuthBearerOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
|
||||||
|
|
||||||
|
// response header Access-Control-Allow-Headers
|
||||||
|
|
||||||
|
accessControlAllowHeaders := o.AccessControlAllowHeaders
|
||||||
|
if accessControlAllowHeaders != "" {
|
||||||
|
rw.Header().Set("Access-Control-Allow-Headers", accessControlAllowHeaders)
|
||||||
|
}
|
||||||
|
|
||||||
|
// response header Access-Control-Allow-Origin
|
||||||
|
|
||||||
|
accessControlAllowOrigin := o.AccessControlAllowOrigin
|
||||||
|
if accessControlAllowOrigin != "" {
|
||||||
|
rw.Header().Set("Access-Control-Allow-Origin", accessControlAllowOrigin)
|
||||||
|
}
|
||||||
|
|
||||||
|
rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
|
||||||
|
|
||||||
|
rw.WriteHeader(200)
|
||||||
|
}
|
|
@ -100,6 +100,7 @@ func (a *API) Configure(api *operations.NeofsRestGwAPI) http.Handler {
|
||||||
api.OptionsAuthHandler = operations.OptionsAuthHandlerFunc(a.OptionsAuth)
|
api.OptionsAuthHandler = operations.OptionsAuthHandlerFunc(a.OptionsAuth)
|
||||||
api.AuthHandler = operations.AuthHandlerFunc(a.PostAuth)
|
api.AuthHandler = operations.AuthHandlerFunc(a.PostAuth)
|
||||||
|
|
||||||
|
api.OptionsAuthBearerHandler = operations.OptionsAuthBearerHandlerFunc(a.OptionsAuthBearer)
|
||||||
api.FormBinaryBearerHandler = operations.FormBinaryBearerHandlerFunc(a.FormBinaryBearer)
|
api.FormBinaryBearerHandler = operations.FormBinaryBearerHandlerFunc(a.FormBinaryBearer)
|
||||||
|
|
||||||
api.GetBalanceHandler = operations.GetBalanceHandlerFunc(a.Balance)
|
api.GetBalanceHandler = operations.GetBalanceHandlerFunc(a.Balance)
|
||||||
|
|
|
@ -8,7 +8,7 @@ import (
|
||||||
const (
|
const (
|
||||||
allOrigins = "*"
|
allOrigins = "*"
|
||||||
allowMethods = "PUT, DELETE"
|
allowMethods = "PUT, DELETE"
|
||||||
allowHeaders = "X-Bearer-Owner-Id, X-Bearer-Signature, X-Bearer-Signature-Key, Content-Type, Authorization"
|
allowHeaders = "X-Bearer-For-All-Users, X-Bearer-Lifetime, X-Bearer-Owner-Id, X-Bearer-Signature, X-Bearer-Signature-Key, Content-Type, Authorization"
|
||||||
)
|
)
|
||||||
|
|
||||||
func (a *API) OptionsAuth(operations.OptionsAuthParams) middleware.Responder {
|
func (a *API) OptionsAuth(operations.OptionsAuthParams) middleware.Responder {
|
||||||
|
@ -17,6 +17,12 @@ func (a *API) OptionsAuth(operations.OptionsAuthParams) middleware.Responder {
|
||||||
WithAccessControlAllowHeaders(allowHeaders)
|
WithAccessControlAllowHeaders(allowHeaders)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (a *API) OptionsAuthBearer(operations.OptionsAuthBearerParams) middleware.Responder {
|
||||||
|
return operations.NewOptionsAuthBearerOK().
|
||||||
|
WithAccessControlAllowOrigin(allOrigins).
|
||||||
|
WithAccessControlAllowHeaders(allowHeaders)
|
||||||
|
}
|
||||||
|
|
||||||
func (a *API) OptionsObjectSearch(operations.OptionsObjectsSearchParams) middleware.Responder {
|
func (a *API) OptionsObjectSearch(operations.OptionsObjectsSearchParams) middleware.Responder {
|
||||||
return operations.NewOptionsObjectsSearchOK().
|
return operations.NewOptionsObjectsSearchOK().
|
||||||
WithAccessControlAllowOrigin(allOrigins).
|
WithAccessControlAllowOrigin(allOrigins).
|
||||||
|
|
|
@ -118,6 +118,17 @@ paths:
|
||||||
$ref: '#/definitions/ErrorResponse'
|
$ref: '#/definitions/ErrorResponse'
|
||||||
|
|
||||||
/auth/bearer:
|
/auth/bearer:
|
||||||
|
options:
|
||||||
|
operationId: optionsAuthBearer
|
||||||
|
security: [ ]
|
||||||
|
responses:
|
||||||
|
200:
|
||||||
|
description: CORS
|
||||||
|
headers:
|
||||||
|
Access-Control-Allow-Origin:
|
||||||
|
type: string
|
||||||
|
Access-Control-Allow-Headers:
|
||||||
|
type: string
|
||||||
get:
|
get:
|
||||||
operationId: formBinaryBearer
|
operationId: formBinaryBearer
|
||||||
summary: Form binary bearer token
|
summary: Form binary bearer token
|
||||||
|
|
Loading…
Reference in a new issue