diff --git a/Makefile b/Makefile
index 3dcd690..159c7e3 100644
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,4 @@
-PROTO_VERSION=v1.0.0
+PROTO_VERSION=v1.1.0
PROTO_URL=https://github.com/nspcc-dev/neofs-api/archive/$(PROTO_VERSION).tar.gz
B=\033[0;1m
diff --git a/container/service.pb.go b/container/service.pb.go
index 6131254..f49f79f 100644
--- a/container/service.pb.go
+++ b/container/service.pb.go
@@ -377,6 +377,252 @@ func (m *ListResponse) XXX_DiscardUnknown() {
var xxx_messageInfo_ListResponse proto.InternalMessageInfo
+type ExtendedACLKey struct {
+ // ID (container id) is a SHA256 hash of the container structure
+ ID CID `protobuf:"bytes,1,opt,name=ID,proto3,customtype=CID" json:"ID"`
+ XXX_NoUnkeyedLiteral struct{} `json:"-"`
+ XXX_unrecognized []byte `json:"-"`
+ XXX_sizecache int32 `json:"-"`
+}
+
+func (m *ExtendedACLKey) Reset() { *m = ExtendedACLKey{} }
+func (m *ExtendedACLKey) String() string { return proto.CompactTextString(m) }
+func (*ExtendedACLKey) ProtoMessage() {}
+func (*ExtendedACLKey) Descriptor() ([]byte, []int) {
+ return fileDescriptor_e1fa9d7ab2e7ae06, []int{8}
+}
+func (m *ExtendedACLKey) XXX_Unmarshal(b []byte) error {
+ return m.Unmarshal(b)
+}
+func (m *ExtendedACLKey) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+ b = b[:cap(b)]
+ n, err := m.MarshalToSizedBuffer(b)
+ if err != nil {
+ return nil, err
+ }
+ return b[:n], nil
+}
+func (m *ExtendedACLKey) XXX_Merge(src proto.Message) {
+ xxx_messageInfo_ExtendedACLKey.Merge(m, src)
+}
+func (m *ExtendedACLKey) XXX_Size() int {
+ return m.Size()
+}
+func (m *ExtendedACLKey) XXX_DiscardUnknown() {
+ xxx_messageInfo_ExtendedACLKey.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ExtendedACLKey proto.InternalMessageInfo
+
+type ExtendedACLValue struct {
+ // EACL carries binary representation of the table of extended ACL rules
+ EACL []byte `protobuf:"bytes,1,opt,name=EACL,proto3" json:"EACL,omitempty"`
+ // Signature carries EACL field signature
+ Signature []byte `protobuf:"bytes,2,opt,name=Signature,proto3" json:"Signature,omitempty"`
+ XXX_NoUnkeyedLiteral struct{} `json:"-"`
+ XXX_unrecognized []byte `json:"-"`
+ XXX_sizecache int32 `json:"-"`
+}
+
+func (m *ExtendedACLValue) Reset() { *m = ExtendedACLValue{} }
+func (m *ExtendedACLValue) String() string { return proto.CompactTextString(m) }
+func (*ExtendedACLValue) ProtoMessage() {}
+func (*ExtendedACLValue) Descriptor() ([]byte, []int) {
+ return fileDescriptor_e1fa9d7ab2e7ae06, []int{9}
+}
+func (m *ExtendedACLValue) XXX_Unmarshal(b []byte) error {
+ return m.Unmarshal(b)
+}
+func (m *ExtendedACLValue) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+ b = b[:cap(b)]
+ n, err := m.MarshalToSizedBuffer(b)
+ if err != nil {
+ return nil, err
+ }
+ return b[:n], nil
+}
+func (m *ExtendedACLValue) XXX_Merge(src proto.Message) {
+ xxx_messageInfo_ExtendedACLValue.Merge(m, src)
+}
+func (m *ExtendedACLValue) XXX_Size() int {
+ return m.Size()
+}
+func (m *ExtendedACLValue) XXX_DiscardUnknown() {
+ xxx_messageInfo_ExtendedACLValue.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ExtendedACLValue proto.InternalMessageInfo
+
+func (m *ExtendedACLValue) GetEACL() []byte {
+ if m != nil {
+ return m.EACL
+ }
+ return nil
+}
+
+func (m *ExtendedACLValue) GetSignature() []byte {
+ if m != nil {
+ return m.Signature
+ }
+ return nil
+}
+
+type SetExtendedACLRequest struct {
+ // Key carries key to extended ACL information
+ ExtendedACLKey `protobuf:"bytes,1,opt,name=Key,proto3,embedded=Key" json:"Key"`
+ // Value carries extended ACL information
+ ExtendedACLValue `protobuf:"bytes,2,opt,name=Value,proto3,embedded=Value" json:"Value"`
+ // RequestMetaHeader contains information about request meta headers (should be embedded into message)
+ service.RequestMetaHeader `protobuf:"bytes,98,opt,name=Meta,proto3,embedded=Meta" json:"Meta"`
+ // RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request (should be embedded into message)
+ service.RequestVerificationHeader `protobuf:"bytes,99,opt,name=Verify,proto3,embedded=Verify" json:"Verify"`
+ XXX_NoUnkeyedLiteral struct{} `json:"-"`
+ XXX_unrecognized []byte `json:"-"`
+ XXX_sizecache int32 `json:"-"`
+}
+
+func (m *SetExtendedACLRequest) Reset() { *m = SetExtendedACLRequest{} }
+func (m *SetExtendedACLRequest) String() string { return proto.CompactTextString(m) }
+func (*SetExtendedACLRequest) ProtoMessage() {}
+func (*SetExtendedACLRequest) Descriptor() ([]byte, []int) {
+ return fileDescriptor_e1fa9d7ab2e7ae06, []int{10}
+}
+func (m *SetExtendedACLRequest) XXX_Unmarshal(b []byte) error {
+ return m.Unmarshal(b)
+}
+func (m *SetExtendedACLRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+ b = b[:cap(b)]
+ n, err := m.MarshalToSizedBuffer(b)
+ if err != nil {
+ return nil, err
+ }
+ return b[:n], nil
+}
+func (m *SetExtendedACLRequest) XXX_Merge(src proto.Message) {
+ xxx_messageInfo_SetExtendedACLRequest.Merge(m, src)
+}
+func (m *SetExtendedACLRequest) XXX_Size() int {
+ return m.Size()
+}
+func (m *SetExtendedACLRequest) XXX_DiscardUnknown() {
+ xxx_messageInfo_SetExtendedACLRequest.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_SetExtendedACLRequest proto.InternalMessageInfo
+
+type SetExtendedACLResponse struct {
+ XXX_NoUnkeyedLiteral struct{} `json:"-"`
+ XXX_unrecognized []byte `json:"-"`
+ XXX_sizecache int32 `json:"-"`
+}
+
+func (m *SetExtendedACLResponse) Reset() { *m = SetExtendedACLResponse{} }
+func (m *SetExtendedACLResponse) String() string { return proto.CompactTextString(m) }
+func (*SetExtendedACLResponse) ProtoMessage() {}
+func (*SetExtendedACLResponse) Descriptor() ([]byte, []int) {
+ return fileDescriptor_e1fa9d7ab2e7ae06, []int{11}
+}
+func (m *SetExtendedACLResponse) XXX_Unmarshal(b []byte) error {
+ return m.Unmarshal(b)
+}
+func (m *SetExtendedACLResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+ b = b[:cap(b)]
+ n, err := m.MarshalToSizedBuffer(b)
+ if err != nil {
+ return nil, err
+ }
+ return b[:n], nil
+}
+func (m *SetExtendedACLResponse) XXX_Merge(src proto.Message) {
+ xxx_messageInfo_SetExtendedACLResponse.Merge(m, src)
+}
+func (m *SetExtendedACLResponse) XXX_Size() int {
+ return m.Size()
+}
+func (m *SetExtendedACLResponse) XXX_DiscardUnknown() {
+ xxx_messageInfo_SetExtendedACLResponse.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_SetExtendedACLResponse proto.InternalMessageInfo
+
+type GetExtendedACLRequest struct {
+ // Key carries key to extended ACL information
+ ExtendedACLKey `protobuf:"bytes,1,opt,name=Key,proto3,embedded=Key" json:"Key"`
+ // RequestMetaHeader contains information about request meta headers (should be embedded into message)
+ service.RequestMetaHeader `protobuf:"bytes,98,opt,name=Meta,proto3,embedded=Meta" json:"Meta"`
+ // RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request (should be embedded into message)
+ service.RequestVerificationHeader `protobuf:"bytes,99,opt,name=Verify,proto3,embedded=Verify" json:"Verify"`
+ XXX_NoUnkeyedLiteral struct{} `json:"-"`
+ XXX_unrecognized []byte `json:"-"`
+ XXX_sizecache int32 `json:"-"`
+}
+
+func (m *GetExtendedACLRequest) Reset() { *m = GetExtendedACLRequest{} }
+func (m *GetExtendedACLRequest) String() string { return proto.CompactTextString(m) }
+func (*GetExtendedACLRequest) ProtoMessage() {}
+func (*GetExtendedACLRequest) Descriptor() ([]byte, []int) {
+ return fileDescriptor_e1fa9d7ab2e7ae06, []int{12}
+}
+func (m *GetExtendedACLRequest) XXX_Unmarshal(b []byte) error {
+ return m.Unmarshal(b)
+}
+func (m *GetExtendedACLRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+ b = b[:cap(b)]
+ n, err := m.MarshalToSizedBuffer(b)
+ if err != nil {
+ return nil, err
+ }
+ return b[:n], nil
+}
+func (m *GetExtendedACLRequest) XXX_Merge(src proto.Message) {
+ xxx_messageInfo_GetExtendedACLRequest.Merge(m, src)
+}
+func (m *GetExtendedACLRequest) XXX_Size() int {
+ return m.Size()
+}
+func (m *GetExtendedACLRequest) XXX_DiscardUnknown() {
+ xxx_messageInfo_GetExtendedACLRequest.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_GetExtendedACLRequest proto.InternalMessageInfo
+
+type GetExtendedACLResponse struct {
+ // ACL carries extended ACL information
+ ExtendedACLValue `protobuf:"bytes,1,opt,name=ACL,proto3,embedded=ACL" json:"ACL"`
+ XXX_NoUnkeyedLiteral struct{} `json:"-"`
+ XXX_unrecognized []byte `json:"-"`
+ XXX_sizecache int32 `json:"-"`
+}
+
+func (m *GetExtendedACLResponse) Reset() { *m = GetExtendedACLResponse{} }
+func (m *GetExtendedACLResponse) String() string { return proto.CompactTextString(m) }
+func (*GetExtendedACLResponse) ProtoMessage() {}
+func (*GetExtendedACLResponse) Descriptor() ([]byte, []int) {
+ return fileDescriptor_e1fa9d7ab2e7ae06, []int{13}
+}
+func (m *GetExtendedACLResponse) XXX_Unmarshal(b []byte) error {
+ return m.Unmarshal(b)
+}
+func (m *GetExtendedACLResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+ b = b[:cap(b)]
+ n, err := m.MarshalToSizedBuffer(b)
+ if err != nil {
+ return nil, err
+ }
+ return b[:n], nil
+}
+func (m *GetExtendedACLResponse) XXX_Merge(src proto.Message) {
+ xxx_messageInfo_GetExtendedACLResponse.Merge(m, src)
+}
+func (m *GetExtendedACLResponse) XXX_Size() int {
+ return m.Size()
+}
+func (m *GetExtendedACLResponse) XXX_DiscardUnknown() {
+ xxx_messageInfo_GetExtendedACLResponse.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_GetExtendedACLResponse proto.InternalMessageInfo
+
func init() {
proto.RegisterType((*PutRequest)(nil), "container.PutRequest")
proto.RegisterType((*PutResponse)(nil), "container.PutResponse")
@@ -386,50 +632,67 @@ func init() {
proto.RegisterType((*GetResponse)(nil), "container.GetResponse")
proto.RegisterType((*ListRequest)(nil), "container.ListRequest")
proto.RegisterType((*ListResponse)(nil), "container.ListResponse")
+ proto.RegisterType((*ExtendedACLKey)(nil), "container.ExtendedACLKey")
+ proto.RegisterType((*ExtendedACLValue)(nil), "container.ExtendedACLValue")
+ proto.RegisterType((*SetExtendedACLRequest)(nil), "container.SetExtendedACLRequest")
+ proto.RegisterType((*SetExtendedACLResponse)(nil), "container.SetExtendedACLResponse")
+ proto.RegisterType((*GetExtendedACLRequest)(nil), "container.GetExtendedACLRequest")
+ proto.RegisterType((*GetExtendedACLResponse)(nil), "container.GetExtendedACLResponse")
}
func init() { proto.RegisterFile("container/service.proto", fileDescriptor_e1fa9d7ab2e7ae06) }
var fileDescriptor_e1fa9d7ab2e7ae06 = []byte{
- // 596 bytes of a gzipped FileDescriptorProto
- 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xd4, 0x54, 0xcb, 0x6e, 0xd3, 0x4c,
- 0x14, 0xee, 0x34, 0xe9, 0xed, 0xb8, 0xfd, 0x7f, 0x18, 0x5a, 0x6a, 0x2c, 0x91, 0x46, 0x5e, 0x85,
- 0x4b, 0x6c, 0x11, 0x2a, 0xc1, 0x86, 0x45, 0x93, 0x88, 0x52, 0xa9, 0x85, 0xc8, 0x95, 0x40, 0x62,
- 0x37, 0x71, 0x4f, 0x83, 0xa5, 0xc4, 0x63, 0x3c, 0xe3, 0xa2, 0xbe, 0x09, 0xcf, 0x00, 0x12, 0x6b,
- 0x1e, 0xa1, 0xcb, 0x4a, 0x6c, 0x10, 0x8b, 0x08, 0x85, 0x35, 0xef, 0x80, 0x3c, 0xbe, 0x26, 0x2d,
- 0xb0, 0xac, 0xd8, 0x58, 0x33, 0xdf, 0x77, 0xbe, 0x73, 0xf7, 0xc0, 0xa6, 0xcb, 0x7d, 0xc9, 0x3c,
- 0x1f, 0x43, 0x5b, 0x60, 0x78, 0xe2, 0xb9, 0x68, 0x05, 0x21, 0x97, 0x9c, 0xae, 0xe4, 0x84, 0x41,
- 0x53, 0xc6, 0x1e, 0xa1, 0x64, 0x09, 0x6d, 0xac, 0x67, 0xd8, 0x09, 0x86, 0xde, 0xf1, 0x69, 0x8a,
- 0x6e, 0x14, 0xde, 0xe4, 0x69, 0x80, 0x22, 0x85, 0xef, 0x0e, 0x3c, 0xf9, 0x26, 0xea, 0x5b, 0x2e,
- 0x1f, 0xd9, 0xbe, 0x08, 0x5c, 0xb7, 0x79, 0x84, 0x27, 0xb6, 0x8f, 0x72, 0xc4, 0x02, 0x5b, 0xe0,
- 0x10, 0x5d, 0xc9, 0xc3, 0xd4, 0xb6, 0x59, 0xb2, 0x1d, 0xf0, 0x01, 0xb7, 0x15, 0xdc, 0x8f, 0x8e,
- 0xd5, 0x4d, 0x5d, 0xd4, 0x29, 0x31, 0x37, 0xbf, 0xcc, 0x03, 0xf4, 0x22, 0xe9, 0xe0, 0xdb, 0x08,
- 0x85, 0xa4, 0x36, 0xac, 0x1c, 0xa0, 0x10, 0x6c, 0x80, 0x7b, 0x5d, 0x9d, 0xd4, 0x49, 0x63, 0xb5,
- 0x7d, 0xfd, 0x6c, 0xbc, 0x35, 0xf7, 0x6d, 0xbc, 0x55, 0x10, 0x4e, 0x71, 0xa4, 0x06, 0x2c, 0x77,
- 0x58, 0xc0, 0x5c, 0x4f, 0x9e, 0xea, 0xf3, 0x75, 0xd2, 0xa8, 0x3a, 0xf9, 0x9d, 0xde, 0x81, 0xa5,
- 0x17, 0xef, 0x7c, 0x0c, 0xf7, 0xba, 0x7a, 0x45, 0xb9, 0xfa, 0x3f, 0x75, 0x95, 0xc1, 0x4e, 0x76,
- 0xa0, 0x0f, 0x60, 0x21, 0x8c, 0x86, 0x28, 0xf4, 0x6a, 0x9d, 0x34, 0xb4, 0xd6, 0x86, 0x95, 0x14,
- 0x67, 0xf5, 0x86, 0xcc, 0xc5, 0x11, 0xfa, 0xd2, 0x89, 0x86, 0xd8, 0xae, 0xc6, 0x7a, 0x27, 0xb1,
- 0x8c, 0x23, 0xb7, 0x99, 0xf0, 0xdc, 0x9d, 0xce, 0xbe, 0xbe, 0x50, 0x27, 0x8d, 0x35, 0x27, 0xbf,
- 0xd3, 0xc7, 0x50, 0x3d, 0x40, 0xc9, 0xf4, 0xbe, 0xf2, 0x66, 0x58, 0xd9, 0x68, 0xd2, 0x32, 0x63,
- 0xee, 0x19, 0xb2, 0x23, 0x0c, 0xdb, 0xcb, 0xb1, 0xcb, 0xf3, 0xf1, 0x16, 0x71, 0x94, 0x82, 0x76,
- 0x61, 0xf1, 0xa5, 0x9a, 0x88, 0xee, 0x2a, 0xad, 0x39, 0xab, 0x55, 0xac, 0xe7, 0x32, 0xe9, 0x71,
- 0xff, 0x82, 0x8f, 0x54, 0x6b, 0xde, 0x07, 0x4d, 0x35, 0x55, 0x04, 0xdc, 0x17, 0x48, 0x6f, 0x43,
- 0xa5, 0x93, 0xf7, 0x53, 0x4b, 0x9b, 0x10, 0x43, 0x4e, 0xfc, 0x31, 0x3f, 0x11, 0x58, 0xeb, 0xe2,
- 0x10, 0x25, 0x66, 0x63, 0xf8, 0xb3, 0xe0, 0xca, 0xcb, 0xbb, 0x06, 0xff, 0x65, 0xf9, 0x26, 0x15,
- 0x9a, 0x1f, 0x09, 0xc0, 0x2e, 0xca, 0x7f, 0x24, 0xff, 0x1d, 0xd0, 0x54, 0xb2, 0xe9, 0x78, 0x5a,
- 0xb0, 0xd2, 0xc9, 0xfe, 0x3b, 0x95, 0xb3, 0xd6, 0x5a, 0xb7, 0xf2, 0x3f, 0xd1, 0xca, 0x39, 0xa7,
- 0x30, 0x33, 0x3f, 0x13, 0xd0, 0xf6, 0x3d, 0x91, 0x57, 0x5c, 0xda, 0x75, 0xf2, 0x97, 0x5d, 0xbf,
- 0xea, 0xea, 0x9b, 0xb0, 0x9a, 0x64, 0x3e, 0xbb, 0x9d, 0x95, 0xcb, 0x86, 0xd5, 0xfa, 0x49, 0x60,
- 0xe9, 0x30, 0x09, 0x43, 0xb7, 0xa1, 0xd2, 0x8b, 0x24, 0xdd, 0x28, 0x75, 0xa7, 0x78, 0x3c, 0x8c,
- 0x9b, 0xb3, 0x70, 0x1a, 0xe0, 0x09, 0x2c, 0x26, 0xeb, 0x42, 0xf5, 0x92, 0xc5, 0xd4, 0xc6, 0x1b,
- 0xb7, 0x2e, 0x61, 0x52, 0xf9, 0x36, 0x54, 0x76, 0x71, 0x3a, 0x68, 0xb1, 0x6a, 0x53, 0x41, 0xcb,
- 0x43, 0x7d, 0x04, 0xd5, 0xb8, 0x4a, 0x5a, 0xe6, 0x4b, 0x03, 0x33, 0x36, 0x2f, 0xe0, 0x89, 0xb0,
- 0xfd, 0xea, 0x6c, 0x52, 0x23, 0xe7, 0x93, 0x1a, 0xf9, 0x3a, 0xa9, 0x91, 0xef, 0x93, 0x1a, 0x79,
- 0xff, 0xa3, 0x36, 0xf7, 0xfa, 0xde, 0x6f, 0x9e, 0x60, 0x7e, 0x2c, 0x9a, 0x2c, 0xf0, 0x9a, 0x03,
- 0x6e, 0xe7, 0xfe, 0x3e, 0xcc, 0xdf, 0x78, 0x8e, 0xfc, 0xe9, 0xa1, 0xb5, 0xd3, 0xdb, 0x2b, 0xb6,
- 0xa7, 0xbf, 0xa8, 0x5e, 0xdc, 0x87, 0xbf, 0x02, 0x00, 0x00, 0xff, 0xff, 0x5b, 0x68, 0x23, 0x86,
- 0x33, 0x06, 0x00, 0x00,
+ // 773 bytes of a gzipped FileDescriptorProto
+ 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xd4, 0x56, 0xcb, 0x6e, 0xdb, 0x46,
+ 0x14, 0x35, 0x45, 0xf9, 0xa1, 0x2b, 0xdb, 0x75, 0xa7, 0x96, 0x4d, 0xd3, 0xad, 0xac, 0x72, 0xa5,
+ 0x3e, 0x44, 0xa2, 0xaa, 0x0b, 0x17, 0x28, 0xba, 0xd0, 0xc3, 0x55, 0x05, 0xdb, 0xad, 0x4a, 0xa1,
+ 0x0e, 0x90, 0x1d, 0x45, 0x5d, 0x2b, 0x04, 0x24, 0x52, 0x21, 0x87, 0x4e, 0xf4, 0x0d, 0xf9, 0x81,
+ 0x00, 0xf9, 0x83, 0x04, 0xc8, 0x3a, 0x9f, 0xe0, 0x55, 0x60, 0x20, 0x9b, 0x20, 0x0b, 0x23, 0x50,
+ 0x7e, 0x24, 0xe0, 0xf0, 0x29, 0x59, 0xb6, 0xb3, 0x08, 0x20, 0x64, 0x23, 0xcc, 0xdc, 0x7b, 0xcf,
+ 0x99, 0xfb, 0x16, 0x61, 0x5b, 0xb7, 0x4c, 0xaa, 0x19, 0x26, 0xda, 0x8a, 0x83, 0xf6, 0xb9, 0xa1,
+ 0xa3, 0x3c, 0xb4, 0x2d, 0x6a, 0x91, 0x4c, 0xa4, 0x10, 0x49, 0xa0, 0x51, 0x06, 0x48, 0x35, 0x5f,
+ 0x2d, 0x6e, 0x86, 0xb2, 0x73, 0xb4, 0x8d, 0xb3, 0x51, 0x20, 0xcd, 0xc5, 0x6c, 0x74, 0x34, 0x44,
+ 0x27, 0x10, 0xff, 0xd8, 0x33, 0xe8, 0x03, 0xb7, 0x23, 0xeb, 0xd6, 0x40, 0x31, 0x9d, 0xa1, 0xae,
+ 0x97, 0xba, 0x78, 0xae, 0x98, 0x48, 0x07, 0xda, 0x50, 0x71, 0xb0, 0x8f, 0x3a, 0xb5, 0xec, 0xc0,
+ 0xb6, 0x94, 0xb0, 0xed, 0x59, 0x3d, 0x4b, 0x61, 0xe2, 0x8e, 0x7b, 0xc6, 0x6e, 0xec, 0xc2, 0x4e,
+ 0xbe, 0xb9, 0xf4, 0x26, 0x05, 0xd0, 0x72, 0xa9, 0x8a, 0x0f, 0x5d, 0x74, 0x28, 0x51, 0x20, 0x73,
+ 0x82, 0x8e, 0xa3, 0xf5, 0xb0, 0x59, 0x17, 0xb8, 0x02, 0x57, 0x5c, 0xad, 0x7e, 0x7d, 0x71, 0xb5,
+ 0xb7, 0xf0, 0xee, 0x6a, 0x2f, 0x56, 0xa8, 0xf1, 0x91, 0x88, 0xb0, 0x52, 0xd3, 0x86, 0x9a, 0x6e,
+ 0xd0, 0x91, 0x90, 0x2a, 0x70, 0xc5, 0xb4, 0x1a, 0xdd, 0xc9, 0x0f, 0xb0, 0xfc, 0xef, 0x23, 0x13,
+ 0xed, 0x66, 0x5d, 0xe0, 0x19, 0xd5, 0x57, 0x01, 0x55, 0x28, 0x56, 0xc3, 0x03, 0xf9, 0x05, 0x16,
+ 0x6d, 0xb7, 0x8f, 0x8e, 0x90, 0x2e, 0x70, 0xc5, 0x6c, 0x39, 0x27, 0xfb, 0xc1, 0xc9, 0xad, 0xbe,
+ 0xa6, 0xe3, 0x00, 0x4d, 0xaa, 0xba, 0x7d, 0xac, 0xa6, 0x3d, 0xbc, 0xea, 0x5b, 0x7a, 0x2f, 0x57,
+ 0x35, 0xc7, 0xd0, 0x2b, 0xb5, 0x63, 0x61, 0xb1, 0xc0, 0x15, 0xd7, 0xd4, 0xe8, 0x4e, 0x7e, 0x87,
+ 0xf4, 0x09, 0x52, 0x4d, 0xe8, 0x30, 0x36, 0x51, 0x0e, 0x4b, 0x13, 0x84, 0xe9, 0xe9, 0xfe, 0x46,
+ 0xad, 0x8b, 0x76, 0x75, 0xc5, 0xa3, 0xbc, 0xbc, 0xda, 0xe3, 0x54, 0x86, 0x20, 0x75, 0x58, 0x3a,
+ 0x65, 0x15, 0x11, 0x74, 0x86, 0x95, 0xa6, 0xb1, 0x4c, 0x6b, 0xe8, 0x1a, 0x35, 0x2c, 0xf3, 0x1a,
+ 0x47, 0x80, 0x95, 0x7e, 0x86, 0x2c, 0x4b, 0xaa, 0x33, 0xb4, 0x4c, 0x07, 0xc9, 0x77, 0xc0, 0xd7,
+ 0xa2, 0x7c, 0x66, 0x83, 0x24, 0x78, 0x22, 0xd5, 0xfb, 0x91, 0x5e, 0x72, 0xb0, 0x56, 0xc7, 0x3e,
+ 0x52, 0x0c, 0xcb, 0x70, 0x3b, 0x60, 0xee, 0xe1, 0x6d, 0xc0, 0x7a, 0xe8, 0xaf, 0x1f, 0xa1, 0xf4,
+ 0x82, 0x03, 0x68, 0x20, 0xfd, 0x42, 0xfc, 0xaf, 0x40, 0x96, 0x39, 0x1b, 0x94, 0xa7, 0x0c, 0x99,
+ 0x5a, 0x38, 0x77, 0xcc, 0xe7, 0x6c, 0x79, 0x53, 0x8e, 0x26, 0x51, 0x8e, 0x74, 0x6a, 0x6c, 0x26,
+ 0xbd, 0xe2, 0x20, 0x7b, 0x6c, 0x38, 0x51, 0xc4, 0x89, 0x5e, 0xe7, 0xee, 0xe8, 0xf5, 0x79, 0x47,
+ 0x5f, 0x82, 0x55, 0xdf, 0xf3, 0xe9, 0xee, 0xe4, 0x67, 0x76, 0x67, 0x09, 0xd6, 0x0f, 0x1f, 0x53,
+ 0x34, 0xbb, 0xd8, 0xad, 0xd4, 0x8e, 0x8f, 0x70, 0x44, 0x76, 0x21, 0x35, 0xbb, 0xb8, 0xa9, 0x66,
+ 0x5d, 0xaa, 0xc3, 0x46, 0xc2, 0xfc, 0x54, 0xeb, 0xbb, 0x48, 0x08, 0xa4, 0x0f, 0xbd, 0x31, 0x65,
+ 0x10, 0x95, 0x9d, 0xc9, 0xb7, 0x90, 0x69, 0x1b, 0x3d, 0x53, 0xa3, 0xae, 0x8d, 0x6c, 0x73, 0xac,
+ 0xaa, 0xb1, 0x40, 0x7a, 0x92, 0x82, 0x5c, 0x1b, 0x69, 0x82, 0x29, 0x4c, 0xf4, 0x6f, 0xc0, 0x1f,
+ 0xe1, 0x28, 0x28, 0xd3, 0x4e, 0xa2, 0x4c, 0x93, 0x4e, 0x26, 0xe2, 0xf6, 0xec, 0xc9, 0x1f, 0xb0,
+ 0xc8, 0x7c, 0x61, 0x4f, 0x65, 0xcb, 0xbb, 0xb3, 0x81, 0xcc, 0x24, 0x01, 0xf5, 0x31, 0x73, 0xaf,
+ 0x98, 0x00, 0x5b, 0xd3, 0xc9, 0x08, 0xe6, 0xee, 0x35, 0x07, 0xb9, 0xc6, 0xe7, 0xcc, 0xd3, 0xbc,
+ 0x43, 0xfd, 0x0f, 0xb6, 0x1a, 0x33, 0x43, 0x25, 0x07, 0xc0, 0x87, 0x3d, 0xf4, 0xc9, 0xf5, 0xf3,
+ 0x10, 0xe5, 0x67, 0x3c, 0x2c, 0xb7, 0x7d, 0x57, 0xc8, 0x3e, 0xf0, 0x2d, 0x97, 0x92, 0x5c, 0x02,
+ 0x1e, 0xff, 0xfb, 0x89, 0x5b, 0xd3, 0xe2, 0xe0, 0xe9, 0x3f, 0x61, 0xc9, 0xdf, 0x77, 0x44, 0x48,
+ 0x58, 0x4c, 0xac, 0x6c, 0x71, 0x67, 0x86, 0x26, 0x80, 0xef, 0x03, 0xdf, 0xc0, 0xc9, 0x47, 0xe3,
+ 0x5d, 0x39, 0xf1, 0x68, 0x72, 0x2b, 0x1d, 0x40, 0xda, 0x1b, 0x53, 0x92, 0xd4, 0x27, 0x36, 0x8e,
+ 0xb8, 0x7d, 0x4d, 0x1e, 0x00, 0xff, 0x87, 0xf5, 0xc9, 0x6e, 0x21, 0x85, 0x84, 0xe9, 0xcc, 0xa9,
+ 0x12, 0xbf, 0xbf, 0xc5, 0x22, 0xa6, 0x6d, 0xdc, 0x4c, 0xdb, 0xb8, 0x93, 0x76, 0x76, 0x59, 0xab,
+ 0xf7, 0x2e, 0xc6, 0x79, 0xee, 0x72, 0x9c, 0xe7, 0xde, 0x8e, 0xf3, 0xdc, 0xfb, 0x71, 0x9e, 0x7b,
+ 0xfa, 0x21, 0xbf, 0x70, 0xff, 0xa7, 0x1b, 0xbe, 0x78, 0xac, 0x33, 0xa7, 0xa4, 0x0d, 0x8d, 0x52,
+ 0xcf, 0x52, 0x22, 0xe6, 0xe7, 0xa9, 0x6f, 0xfe, 0x41, 0xeb, 0xaf, 0xb6, 0x5c, 0x69, 0x35, 0xe3,
+ 0x65, 0xdd, 0x59, 0x62, 0x1f, 0x38, 0xbf, 0x7e, 0x0c, 0x00, 0x00, 0xff, 0xff, 0x16, 0xc1, 0x2d,
+ 0xa9, 0xa2, 0x09, 0x00, 0x00,
}
// Reference imports to suppress errors if they are not otherwise used.
@@ -455,6 +718,10 @@ type ServiceClient interface {
Get(ctx context.Context, in *GetRequest, opts ...grpc.CallOption) (*GetResponse, error)
// List returns all user's containers
List(ctx context.Context, in *ListRequest, opts ...grpc.CallOption) (*ListResponse, error)
+ // SetExtendedACL changes extended ACL rules of the container
+ SetExtendedACL(ctx context.Context, in *SetExtendedACLRequest, opts ...grpc.CallOption) (*SetExtendedACLResponse, error)
+ // GetExtendedACL returns extended ACL rules of the container
+ GetExtendedACL(ctx context.Context, in *GetExtendedACLRequest, opts ...grpc.CallOption) (*GetExtendedACLResponse, error)
}
type serviceClient struct {
@@ -501,6 +768,24 @@ func (c *serviceClient) List(ctx context.Context, in *ListRequest, opts ...grpc.
return out, nil
}
+func (c *serviceClient) SetExtendedACL(ctx context.Context, in *SetExtendedACLRequest, opts ...grpc.CallOption) (*SetExtendedACLResponse, error) {
+ out := new(SetExtendedACLResponse)
+ err := c.cc.Invoke(ctx, "/container.Service/SetExtendedACL", in, out, opts...)
+ if err != nil {
+ return nil, err
+ }
+ return out, nil
+}
+
+func (c *serviceClient) GetExtendedACL(ctx context.Context, in *GetExtendedACLRequest, opts ...grpc.CallOption) (*GetExtendedACLResponse, error) {
+ out := new(GetExtendedACLResponse)
+ err := c.cc.Invoke(ctx, "/container.Service/GetExtendedACL", in, out, opts...)
+ if err != nil {
+ return nil, err
+ }
+ return out, nil
+}
+
// ServiceServer is the server API for Service service.
type ServiceServer interface {
// Put request proposes container to the inner ring nodes. They will
@@ -514,6 +799,10 @@ type ServiceServer interface {
Get(context.Context, *GetRequest) (*GetResponse, error)
// List returns all user's containers
List(context.Context, *ListRequest) (*ListResponse, error)
+ // SetExtendedACL changes extended ACL rules of the container
+ SetExtendedACL(context.Context, *SetExtendedACLRequest) (*SetExtendedACLResponse, error)
+ // GetExtendedACL returns extended ACL rules of the container
+ GetExtendedACL(context.Context, *GetExtendedACLRequest) (*GetExtendedACLResponse, error)
}
// UnimplementedServiceServer can be embedded to have forward compatible implementations.
@@ -532,6 +821,12 @@ func (*UnimplementedServiceServer) Get(ctx context.Context, req *GetRequest) (*G
func (*UnimplementedServiceServer) List(ctx context.Context, req *ListRequest) (*ListResponse, error) {
return nil, status.Errorf(codes.Unimplemented, "method List not implemented")
}
+func (*UnimplementedServiceServer) SetExtendedACL(ctx context.Context, req *SetExtendedACLRequest) (*SetExtendedACLResponse, error) {
+ return nil, status.Errorf(codes.Unimplemented, "method SetExtendedACL not implemented")
+}
+func (*UnimplementedServiceServer) GetExtendedACL(ctx context.Context, req *GetExtendedACLRequest) (*GetExtendedACLResponse, error) {
+ return nil, status.Errorf(codes.Unimplemented, "method GetExtendedACL not implemented")
+}
func RegisterServiceServer(s *grpc.Server, srv ServiceServer) {
s.RegisterService(&_Service_serviceDesc, srv)
@@ -609,6 +904,42 @@ func _Service_List_Handler(srv interface{}, ctx context.Context, dec func(interf
return interceptor(ctx, in, info, handler)
}
+func _Service_SetExtendedACL_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+ in := new(SetExtendedACLRequest)
+ if err := dec(in); err != nil {
+ return nil, err
+ }
+ if interceptor == nil {
+ return srv.(ServiceServer).SetExtendedACL(ctx, in)
+ }
+ info := &grpc.UnaryServerInfo{
+ Server: srv,
+ FullMethod: "/container.Service/SetExtendedACL",
+ }
+ handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+ return srv.(ServiceServer).SetExtendedACL(ctx, req.(*SetExtendedACLRequest))
+ }
+ return interceptor(ctx, in, info, handler)
+}
+
+func _Service_GetExtendedACL_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+ in := new(GetExtendedACLRequest)
+ if err := dec(in); err != nil {
+ return nil, err
+ }
+ if interceptor == nil {
+ return srv.(ServiceServer).GetExtendedACL(ctx, in)
+ }
+ info := &grpc.UnaryServerInfo{
+ Server: srv,
+ FullMethod: "/container.Service/GetExtendedACL",
+ }
+ handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+ return srv.(ServiceServer).GetExtendedACL(ctx, req.(*GetExtendedACLRequest))
+ }
+ return interceptor(ctx, in, info, handler)
+}
+
var _Service_serviceDesc = grpc.ServiceDesc{
ServiceName: "container.Service",
HandlerType: (*ServiceServer)(nil),
@@ -629,6 +960,14 @@ var _Service_serviceDesc = grpc.ServiceDesc{
MethodName: "List",
Handler: _Service_List_Handler,
},
+ {
+ MethodName: "SetExtendedACL",
+ Handler: _Service_SetExtendedACL_Handler,
+ },
+ {
+ MethodName: "GetExtendedACL",
+ Handler: _Service_GetExtendedACL_Handler,
+ },
},
Streams: []grpc.StreamDesc{},
Metadata: "container/service.proto",
@@ -1052,6 +1391,280 @@ func (m *ListResponse) MarshalToSizedBuffer(dAtA []byte) (int, error) {
return len(dAtA) - i, nil
}
+func (m *ExtendedACLKey) Marshal() (dAtA []byte, err error) {
+ size := m.Size()
+ dAtA = make([]byte, size)
+ n, err := m.MarshalToSizedBuffer(dAtA[:size])
+ if err != nil {
+ return nil, err
+ }
+ return dAtA[:n], nil
+}
+
+func (m *ExtendedACLKey) MarshalTo(dAtA []byte) (int, error) {
+ size := m.Size()
+ return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ExtendedACLKey) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+ i := len(dAtA)
+ _ = i
+ var l int
+ _ = l
+ if m.XXX_unrecognized != nil {
+ i -= len(m.XXX_unrecognized)
+ copy(dAtA[i:], m.XXX_unrecognized)
+ }
+ {
+ size := m.ID.Size()
+ i -= size
+ if _, err := m.ID.MarshalTo(dAtA[i:]); err != nil {
+ return 0, err
+ }
+ i = encodeVarintService(dAtA, i, uint64(size))
+ }
+ i--
+ dAtA[i] = 0xa
+ return len(dAtA) - i, nil
+}
+
+func (m *ExtendedACLValue) Marshal() (dAtA []byte, err error) {
+ size := m.Size()
+ dAtA = make([]byte, size)
+ n, err := m.MarshalToSizedBuffer(dAtA[:size])
+ if err != nil {
+ return nil, err
+ }
+ return dAtA[:n], nil
+}
+
+func (m *ExtendedACLValue) MarshalTo(dAtA []byte) (int, error) {
+ size := m.Size()
+ return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ExtendedACLValue) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+ i := len(dAtA)
+ _ = i
+ var l int
+ _ = l
+ if m.XXX_unrecognized != nil {
+ i -= len(m.XXX_unrecognized)
+ copy(dAtA[i:], m.XXX_unrecognized)
+ }
+ if len(m.Signature) > 0 {
+ i -= len(m.Signature)
+ copy(dAtA[i:], m.Signature)
+ i = encodeVarintService(dAtA, i, uint64(len(m.Signature)))
+ i--
+ dAtA[i] = 0x12
+ }
+ if len(m.EACL) > 0 {
+ i -= len(m.EACL)
+ copy(dAtA[i:], m.EACL)
+ i = encodeVarintService(dAtA, i, uint64(len(m.EACL)))
+ i--
+ dAtA[i] = 0xa
+ }
+ return len(dAtA) - i, nil
+}
+
+func (m *SetExtendedACLRequest) Marshal() (dAtA []byte, err error) {
+ size := m.Size()
+ dAtA = make([]byte, size)
+ n, err := m.MarshalToSizedBuffer(dAtA[:size])
+ if err != nil {
+ return nil, err
+ }
+ return dAtA[:n], nil
+}
+
+func (m *SetExtendedACLRequest) MarshalTo(dAtA []byte) (int, error) {
+ size := m.Size()
+ return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *SetExtendedACLRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+ i := len(dAtA)
+ _ = i
+ var l int
+ _ = l
+ if m.XXX_unrecognized != nil {
+ i -= len(m.XXX_unrecognized)
+ copy(dAtA[i:], m.XXX_unrecognized)
+ }
+ {
+ size, err := m.RequestVerificationHeader.MarshalToSizedBuffer(dAtA[:i])
+ if err != nil {
+ return 0, err
+ }
+ i -= size
+ i = encodeVarintService(dAtA, i, uint64(size))
+ }
+ i--
+ dAtA[i] = 0x6
+ i--
+ dAtA[i] = 0x9a
+ {
+ size, err := m.RequestMetaHeader.MarshalToSizedBuffer(dAtA[:i])
+ if err != nil {
+ return 0, err
+ }
+ i -= size
+ i = encodeVarintService(dAtA, i, uint64(size))
+ }
+ i--
+ dAtA[i] = 0x6
+ i--
+ dAtA[i] = 0x92
+ {
+ size, err := m.ExtendedACLValue.MarshalToSizedBuffer(dAtA[:i])
+ if err != nil {
+ return 0, err
+ }
+ i -= size
+ i = encodeVarintService(dAtA, i, uint64(size))
+ }
+ i--
+ dAtA[i] = 0x12
+ {
+ size, err := m.ExtendedACLKey.MarshalToSizedBuffer(dAtA[:i])
+ if err != nil {
+ return 0, err
+ }
+ i -= size
+ i = encodeVarintService(dAtA, i, uint64(size))
+ }
+ i--
+ dAtA[i] = 0xa
+ return len(dAtA) - i, nil
+}
+
+func (m *SetExtendedACLResponse) Marshal() (dAtA []byte, err error) {
+ size := m.Size()
+ dAtA = make([]byte, size)
+ n, err := m.MarshalToSizedBuffer(dAtA[:size])
+ if err != nil {
+ return nil, err
+ }
+ return dAtA[:n], nil
+}
+
+func (m *SetExtendedACLResponse) MarshalTo(dAtA []byte) (int, error) {
+ size := m.Size()
+ return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *SetExtendedACLResponse) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+ i := len(dAtA)
+ _ = i
+ var l int
+ _ = l
+ if m.XXX_unrecognized != nil {
+ i -= len(m.XXX_unrecognized)
+ copy(dAtA[i:], m.XXX_unrecognized)
+ }
+ return len(dAtA) - i, nil
+}
+
+func (m *GetExtendedACLRequest) Marshal() (dAtA []byte, err error) {
+ size := m.Size()
+ dAtA = make([]byte, size)
+ n, err := m.MarshalToSizedBuffer(dAtA[:size])
+ if err != nil {
+ return nil, err
+ }
+ return dAtA[:n], nil
+}
+
+func (m *GetExtendedACLRequest) MarshalTo(dAtA []byte) (int, error) {
+ size := m.Size()
+ return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *GetExtendedACLRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+ i := len(dAtA)
+ _ = i
+ var l int
+ _ = l
+ if m.XXX_unrecognized != nil {
+ i -= len(m.XXX_unrecognized)
+ copy(dAtA[i:], m.XXX_unrecognized)
+ }
+ {
+ size, err := m.RequestVerificationHeader.MarshalToSizedBuffer(dAtA[:i])
+ if err != nil {
+ return 0, err
+ }
+ i -= size
+ i = encodeVarintService(dAtA, i, uint64(size))
+ }
+ i--
+ dAtA[i] = 0x6
+ i--
+ dAtA[i] = 0x9a
+ {
+ size, err := m.RequestMetaHeader.MarshalToSizedBuffer(dAtA[:i])
+ if err != nil {
+ return 0, err
+ }
+ i -= size
+ i = encodeVarintService(dAtA, i, uint64(size))
+ }
+ i--
+ dAtA[i] = 0x6
+ i--
+ dAtA[i] = 0x92
+ {
+ size, err := m.ExtendedACLKey.MarshalToSizedBuffer(dAtA[:i])
+ if err != nil {
+ return 0, err
+ }
+ i -= size
+ i = encodeVarintService(dAtA, i, uint64(size))
+ }
+ i--
+ dAtA[i] = 0xa
+ return len(dAtA) - i, nil
+}
+
+func (m *GetExtendedACLResponse) Marshal() (dAtA []byte, err error) {
+ size := m.Size()
+ dAtA = make([]byte, size)
+ n, err := m.MarshalToSizedBuffer(dAtA[:size])
+ if err != nil {
+ return nil, err
+ }
+ return dAtA[:n], nil
+}
+
+func (m *GetExtendedACLResponse) MarshalTo(dAtA []byte) (int, error) {
+ size := m.Size()
+ return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *GetExtendedACLResponse) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+ i := len(dAtA)
+ _ = i
+ var l int
+ _ = l
+ if m.XXX_unrecognized != nil {
+ i -= len(m.XXX_unrecognized)
+ copy(dAtA[i:], m.XXX_unrecognized)
+ }
+ {
+ size, err := m.ExtendedACLValue.MarshalToSizedBuffer(dAtA[:i])
+ if err != nil {
+ return 0, err
+ }
+ i -= size
+ i = encodeVarintService(dAtA, i, uint64(size))
+ }
+ i--
+ dAtA[i] = 0xa
+ return len(dAtA) - i, nil
+}
+
func encodeVarintService(dAtA []byte, offset int, v uint64) int {
offset -= sovService(v)
base := offset
@@ -1205,6 +1818,104 @@ func (m *ListResponse) Size() (n int) {
return n
}
+func (m *ExtendedACLKey) Size() (n int) {
+ if m == nil {
+ return 0
+ }
+ var l int
+ _ = l
+ l = m.ID.Size()
+ n += 1 + l + sovService(uint64(l))
+ if m.XXX_unrecognized != nil {
+ n += len(m.XXX_unrecognized)
+ }
+ return n
+}
+
+func (m *ExtendedACLValue) Size() (n int) {
+ if m == nil {
+ return 0
+ }
+ var l int
+ _ = l
+ l = len(m.EACL)
+ if l > 0 {
+ n += 1 + l + sovService(uint64(l))
+ }
+ l = len(m.Signature)
+ if l > 0 {
+ n += 1 + l + sovService(uint64(l))
+ }
+ if m.XXX_unrecognized != nil {
+ n += len(m.XXX_unrecognized)
+ }
+ return n
+}
+
+func (m *SetExtendedACLRequest) Size() (n int) {
+ if m == nil {
+ return 0
+ }
+ var l int
+ _ = l
+ l = m.ExtendedACLKey.Size()
+ n += 1 + l + sovService(uint64(l))
+ l = m.ExtendedACLValue.Size()
+ n += 1 + l + sovService(uint64(l))
+ l = m.RequestMetaHeader.Size()
+ n += 2 + l + sovService(uint64(l))
+ l = m.RequestVerificationHeader.Size()
+ n += 2 + l + sovService(uint64(l))
+ if m.XXX_unrecognized != nil {
+ n += len(m.XXX_unrecognized)
+ }
+ return n
+}
+
+func (m *SetExtendedACLResponse) Size() (n int) {
+ if m == nil {
+ return 0
+ }
+ var l int
+ _ = l
+ if m.XXX_unrecognized != nil {
+ n += len(m.XXX_unrecognized)
+ }
+ return n
+}
+
+func (m *GetExtendedACLRequest) Size() (n int) {
+ if m == nil {
+ return 0
+ }
+ var l int
+ _ = l
+ l = m.ExtendedACLKey.Size()
+ n += 1 + l + sovService(uint64(l))
+ l = m.RequestMetaHeader.Size()
+ n += 2 + l + sovService(uint64(l))
+ l = m.RequestVerificationHeader.Size()
+ n += 2 + l + sovService(uint64(l))
+ if m.XXX_unrecognized != nil {
+ n += len(m.XXX_unrecognized)
+ }
+ return n
+}
+
+func (m *GetExtendedACLResponse) Size() (n int) {
+ if m == nil {
+ return 0
+ }
+ var l int
+ _ = l
+ l = m.ExtendedACLValue.Size()
+ n += 1 + l + sovService(uint64(l))
+ if m.XXX_unrecognized != nil {
+ n += len(m.XXX_unrecognized)
+ }
+ return n
+}
+
func sovService(x uint64) (n int) {
return (math_bits.Len64(x|1) + 6) / 7
}
@@ -2247,6 +2958,695 @@ func (m *ListResponse) Unmarshal(dAtA []byte) error {
}
return nil
}
+func (m *ExtendedACLKey) Unmarshal(dAtA []byte) error {
+ l := len(dAtA)
+ iNdEx := 0
+ for iNdEx < l {
+ preIndex := iNdEx
+ var wire uint64
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowService
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ wire |= uint64(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ fieldNum := int32(wire >> 3)
+ wireType := int(wire & 0x7)
+ if wireType == 4 {
+ return fmt.Errorf("proto: ExtendedACLKey: wiretype end group for non-group")
+ }
+ if fieldNum <= 0 {
+ return fmt.Errorf("proto: ExtendedACLKey: illegal tag %d (wire type %d)", fieldNum, wire)
+ }
+ switch fieldNum {
+ case 1:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field ID", wireType)
+ }
+ var byteLen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowService
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ byteLen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if byteLen < 0 {
+ return ErrInvalidLengthService
+ }
+ postIndex := iNdEx + byteLen
+ if postIndex < 0 {
+ return ErrInvalidLengthService
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ if err := m.ID.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+ return err
+ }
+ iNdEx = postIndex
+ default:
+ iNdEx = preIndex
+ skippy, err := skipService(dAtA[iNdEx:])
+ if err != nil {
+ return err
+ }
+ if skippy < 0 {
+ return ErrInvalidLengthService
+ }
+ if (iNdEx + skippy) < 0 {
+ return ErrInvalidLengthService
+ }
+ if (iNdEx + skippy) > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...)
+ iNdEx += skippy
+ }
+ }
+
+ if iNdEx > l {
+ return io.ErrUnexpectedEOF
+ }
+ return nil
+}
+func (m *ExtendedACLValue) Unmarshal(dAtA []byte) error {
+ l := len(dAtA)
+ iNdEx := 0
+ for iNdEx < l {
+ preIndex := iNdEx
+ var wire uint64
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowService
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ wire |= uint64(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ fieldNum := int32(wire >> 3)
+ wireType := int(wire & 0x7)
+ if wireType == 4 {
+ return fmt.Errorf("proto: ExtendedACLValue: wiretype end group for non-group")
+ }
+ if fieldNum <= 0 {
+ return fmt.Errorf("proto: ExtendedACLValue: illegal tag %d (wire type %d)", fieldNum, wire)
+ }
+ switch fieldNum {
+ case 1:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field EACL", wireType)
+ }
+ var byteLen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowService
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ byteLen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if byteLen < 0 {
+ return ErrInvalidLengthService
+ }
+ postIndex := iNdEx + byteLen
+ if postIndex < 0 {
+ return ErrInvalidLengthService
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.EACL = append(m.EACL[:0], dAtA[iNdEx:postIndex]...)
+ if m.EACL == nil {
+ m.EACL = []byte{}
+ }
+ iNdEx = postIndex
+ case 2:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field Signature", wireType)
+ }
+ var byteLen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowService
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ byteLen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if byteLen < 0 {
+ return ErrInvalidLengthService
+ }
+ postIndex := iNdEx + byteLen
+ if postIndex < 0 {
+ return ErrInvalidLengthService
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.Signature = append(m.Signature[:0], dAtA[iNdEx:postIndex]...)
+ if m.Signature == nil {
+ m.Signature = []byte{}
+ }
+ iNdEx = postIndex
+ default:
+ iNdEx = preIndex
+ skippy, err := skipService(dAtA[iNdEx:])
+ if err != nil {
+ return err
+ }
+ if skippy < 0 {
+ return ErrInvalidLengthService
+ }
+ if (iNdEx + skippy) < 0 {
+ return ErrInvalidLengthService
+ }
+ if (iNdEx + skippy) > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...)
+ iNdEx += skippy
+ }
+ }
+
+ if iNdEx > l {
+ return io.ErrUnexpectedEOF
+ }
+ return nil
+}
+func (m *SetExtendedACLRequest) Unmarshal(dAtA []byte) error {
+ l := len(dAtA)
+ iNdEx := 0
+ for iNdEx < l {
+ preIndex := iNdEx
+ var wire uint64
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowService
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ wire |= uint64(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ fieldNum := int32(wire >> 3)
+ wireType := int(wire & 0x7)
+ if wireType == 4 {
+ return fmt.Errorf("proto: SetExtendedACLRequest: wiretype end group for non-group")
+ }
+ if fieldNum <= 0 {
+ return fmt.Errorf("proto: SetExtendedACLRequest: illegal tag %d (wire type %d)", fieldNum, wire)
+ }
+ switch fieldNum {
+ case 1:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field ExtendedACLKey", wireType)
+ }
+ var msglen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowService
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ msglen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if msglen < 0 {
+ return ErrInvalidLengthService
+ }
+ postIndex := iNdEx + msglen
+ if postIndex < 0 {
+ return ErrInvalidLengthService
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ if err := m.ExtendedACLKey.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+ return err
+ }
+ iNdEx = postIndex
+ case 2:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field ExtendedACLValue", wireType)
+ }
+ var msglen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowService
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ msglen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if msglen < 0 {
+ return ErrInvalidLengthService
+ }
+ postIndex := iNdEx + msglen
+ if postIndex < 0 {
+ return ErrInvalidLengthService
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ if err := m.ExtendedACLValue.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+ return err
+ }
+ iNdEx = postIndex
+ case 98:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field RequestMetaHeader", wireType)
+ }
+ var msglen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowService
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ msglen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if msglen < 0 {
+ return ErrInvalidLengthService
+ }
+ postIndex := iNdEx + msglen
+ if postIndex < 0 {
+ return ErrInvalidLengthService
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ if err := m.RequestMetaHeader.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+ return err
+ }
+ iNdEx = postIndex
+ case 99:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field RequestVerificationHeader", wireType)
+ }
+ var msglen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowService
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ msglen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if msglen < 0 {
+ return ErrInvalidLengthService
+ }
+ postIndex := iNdEx + msglen
+ if postIndex < 0 {
+ return ErrInvalidLengthService
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ if err := m.RequestVerificationHeader.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+ return err
+ }
+ iNdEx = postIndex
+ default:
+ iNdEx = preIndex
+ skippy, err := skipService(dAtA[iNdEx:])
+ if err != nil {
+ return err
+ }
+ if skippy < 0 {
+ return ErrInvalidLengthService
+ }
+ if (iNdEx + skippy) < 0 {
+ return ErrInvalidLengthService
+ }
+ if (iNdEx + skippy) > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...)
+ iNdEx += skippy
+ }
+ }
+
+ if iNdEx > l {
+ return io.ErrUnexpectedEOF
+ }
+ return nil
+}
+func (m *SetExtendedACLResponse) Unmarshal(dAtA []byte) error {
+ l := len(dAtA)
+ iNdEx := 0
+ for iNdEx < l {
+ preIndex := iNdEx
+ var wire uint64
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowService
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ wire |= uint64(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ fieldNum := int32(wire >> 3)
+ wireType := int(wire & 0x7)
+ if wireType == 4 {
+ return fmt.Errorf("proto: SetExtendedACLResponse: wiretype end group for non-group")
+ }
+ if fieldNum <= 0 {
+ return fmt.Errorf("proto: SetExtendedACLResponse: illegal tag %d (wire type %d)", fieldNum, wire)
+ }
+ switch fieldNum {
+ default:
+ iNdEx = preIndex
+ skippy, err := skipService(dAtA[iNdEx:])
+ if err != nil {
+ return err
+ }
+ if skippy < 0 {
+ return ErrInvalidLengthService
+ }
+ if (iNdEx + skippy) < 0 {
+ return ErrInvalidLengthService
+ }
+ if (iNdEx + skippy) > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...)
+ iNdEx += skippy
+ }
+ }
+
+ if iNdEx > l {
+ return io.ErrUnexpectedEOF
+ }
+ return nil
+}
+func (m *GetExtendedACLRequest) Unmarshal(dAtA []byte) error {
+ l := len(dAtA)
+ iNdEx := 0
+ for iNdEx < l {
+ preIndex := iNdEx
+ var wire uint64
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowService
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ wire |= uint64(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ fieldNum := int32(wire >> 3)
+ wireType := int(wire & 0x7)
+ if wireType == 4 {
+ return fmt.Errorf("proto: GetExtendedACLRequest: wiretype end group for non-group")
+ }
+ if fieldNum <= 0 {
+ return fmt.Errorf("proto: GetExtendedACLRequest: illegal tag %d (wire type %d)", fieldNum, wire)
+ }
+ switch fieldNum {
+ case 1:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field ExtendedACLKey", wireType)
+ }
+ var msglen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowService
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ msglen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if msglen < 0 {
+ return ErrInvalidLengthService
+ }
+ postIndex := iNdEx + msglen
+ if postIndex < 0 {
+ return ErrInvalidLengthService
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ if err := m.ExtendedACLKey.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+ return err
+ }
+ iNdEx = postIndex
+ case 98:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field RequestMetaHeader", wireType)
+ }
+ var msglen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowService
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ msglen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if msglen < 0 {
+ return ErrInvalidLengthService
+ }
+ postIndex := iNdEx + msglen
+ if postIndex < 0 {
+ return ErrInvalidLengthService
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ if err := m.RequestMetaHeader.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+ return err
+ }
+ iNdEx = postIndex
+ case 99:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field RequestVerificationHeader", wireType)
+ }
+ var msglen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowService
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ msglen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if msglen < 0 {
+ return ErrInvalidLengthService
+ }
+ postIndex := iNdEx + msglen
+ if postIndex < 0 {
+ return ErrInvalidLengthService
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ if err := m.RequestVerificationHeader.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+ return err
+ }
+ iNdEx = postIndex
+ default:
+ iNdEx = preIndex
+ skippy, err := skipService(dAtA[iNdEx:])
+ if err != nil {
+ return err
+ }
+ if skippy < 0 {
+ return ErrInvalidLengthService
+ }
+ if (iNdEx + skippy) < 0 {
+ return ErrInvalidLengthService
+ }
+ if (iNdEx + skippy) > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...)
+ iNdEx += skippy
+ }
+ }
+
+ if iNdEx > l {
+ return io.ErrUnexpectedEOF
+ }
+ return nil
+}
+func (m *GetExtendedACLResponse) Unmarshal(dAtA []byte) error {
+ l := len(dAtA)
+ iNdEx := 0
+ for iNdEx < l {
+ preIndex := iNdEx
+ var wire uint64
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowService
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ wire |= uint64(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ fieldNum := int32(wire >> 3)
+ wireType := int(wire & 0x7)
+ if wireType == 4 {
+ return fmt.Errorf("proto: GetExtendedACLResponse: wiretype end group for non-group")
+ }
+ if fieldNum <= 0 {
+ return fmt.Errorf("proto: GetExtendedACLResponse: illegal tag %d (wire type %d)", fieldNum, wire)
+ }
+ switch fieldNum {
+ case 1:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field ExtendedACLValue", wireType)
+ }
+ var msglen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowService
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ msglen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if msglen < 0 {
+ return ErrInvalidLengthService
+ }
+ postIndex := iNdEx + msglen
+ if postIndex < 0 {
+ return ErrInvalidLengthService
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ if err := m.ExtendedACLValue.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+ return err
+ }
+ iNdEx = postIndex
+ default:
+ iNdEx = preIndex
+ skippy, err := skipService(dAtA[iNdEx:])
+ if err != nil {
+ return err
+ }
+ if skippy < 0 {
+ return ErrInvalidLengthService
+ }
+ if (iNdEx + skippy) < 0 {
+ return ErrInvalidLengthService
+ }
+ if (iNdEx + skippy) > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...)
+ iNdEx += skippy
+ }
+ }
+
+ if iNdEx > l {
+ return io.ErrUnexpectedEOF
+ }
+ return nil
+}
func skipService(dAtA []byte) (n int, err error) {
l := len(dAtA)
iNdEx := 0
diff --git a/container/service.proto b/container/service.proto
index 7df2c66..b174052 100644
--- a/container/service.proto
+++ b/container/service.proto
@@ -27,6 +27,12 @@ service Service {
// List returns all user's containers
rpc List(ListRequest) returns (ListResponse);
+
+ // SetExtendedACL changes extended ACL rules of the container
+ rpc SetExtendedACL(SetExtendedACLRequest) returns (SetExtendedACLResponse);
+
+ // GetExtendedACL returns extended ACL rules of the container
+ rpc GetExtendedACL(GetExtendedACLRequest) returns (GetExtendedACLResponse);
}
message PutRequest {
@@ -99,3 +105,42 @@ message ListResponse {
// CID (container id) is list of SHA256 hashes of the container structures
repeated bytes CID = 1 [(gogoproto.customtype) = "CID", (gogoproto.nullable) = false];
}
+
+message ExtendedACLKey {
+ // ID (container id) is a SHA256 hash of the container structure
+ bytes ID = 1 [(gogoproto.customtype) = "CID", (gogoproto.nullable) = false];
+}
+
+message ExtendedACLValue {
+ // EACL carries binary representation of the table of extended ACL rules
+ bytes EACL = 1;
+ // Signature carries EACL field signature
+ bytes Signature = 2;
+}
+
+message SetExtendedACLRequest {
+ // Key carries key to extended ACL information
+ ExtendedACLKey Key = 1 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
+ // Value carries extended ACL information
+ ExtendedACLValue Value = 2 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
+ // RequestMetaHeader contains information about request meta headers (should be embedded into message)
+ service.RequestMetaHeader Meta = 98 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
+ // RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request (should be embedded into message)
+ service.RequestVerificationHeader Verify = 99 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
+}
+
+message SetExtendedACLResponse {}
+
+message GetExtendedACLRequest {
+ // Key carries key to extended ACL information
+ ExtendedACLKey Key = 1 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
+ // RequestMetaHeader contains information about request meta headers (should be embedded into message)
+ service.RequestMetaHeader Meta = 98 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
+ // RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request (should be embedded into message)
+ service.RequestVerificationHeader Verify = 99 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
+}
+
+message GetExtendedACLResponse {
+ // ACL carries extended ACL information
+ ExtendedACLValue ACL = 1 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
+}
diff --git a/container/types.go b/container/types.go
index f340aa5..38bdcff 100644
--- a/container/types.go
+++ b/container/types.go
@@ -158,3 +158,23 @@ func (m ListRequest) GetOwnerID() OwnerID {
func (m *ListRequest) SetOwnerID(owner OwnerID) {
m.OwnerID = owner
}
+
+// GetID is an ID field getter.
+func (m ExtendedACLKey) GetID() CID {
+ return m.ID
+}
+
+// SetID is an ID field setter.
+func (m *ExtendedACLKey) SetID(v CID) {
+ m.ID = v
+}
+
+// SetEACL is an EACL field setter.
+func (m *ExtendedACLValue) SetEACL(v []byte) {
+ m.EACL = v
+}
+
+// SetSignature is a Signature field setter.
+func (m *ExtendedACLValue) SetSignature(sig []byte) {
+ m.Signature = sig
+}
diff --git a/container/types_test.go b/container/types_test.go
index cc171cb..76bbe1c 100644
--- a/container/types_test.go
+++ b/container/types_test.go
@@ -140,3 +140,23 @@ func TestListRequestGettersSetters(t *testing.T) {
require.Equal(t, owner, m.GetOwnerID())
})
}
+
+func TestExtendedACLKey(t *testing.T) {
+ s := new(ExtendedACLKey)
+
+ id := CID{1, 2, 3}
+ s.SetID(id)
+ require.Equal(t, id, s.GetID())
+}
+
+func TestExtendedACLValue(t *testing.T) {
+ s := new(ExtendedACLValue)
+
+ acl := []byte{1, 2, 3}
+ s.SetEACL(acl)
+ require.Equal(t, acl, s.GetEACL())
+
+ sig := []byte{4, 5, 6}
+ s.SetSignature(sig)
+ require.Equal(t, sig, s.GetSignature())
+}
diff --git a/docs/container.md b/docs/container.md
index f0188ca..fd89acd 100644
--- a/docs/container.md
+++ b/docs/container.md
@@ -10,12 +10,18 @@
- Messages
- [DeleteRequest](#container.DeleteRequest)
- [DeleteResponse](#container.DeleteResponse)
+ - [ExtendedACLKey](#container.ExtendedACLKey)
+ - [ExtendedACLValue](#container.ExtendedACLValue)
+ - [GetExtendedACLRequest](#container.GetExtendedACLRequest)
+ - [GetExtendedACLResponse](#container.GetExtendedACLResponse)
- [GetRequest](#container.GetRequest)
- [GetResponse](#container.GetResponse)
- [ListRequest](#container.ListRequest)
- [ListResponse](#container.ListResponse)
- [PutRequest](#container.PutRequest)
- [PutResponse](#container.PutResponse)
+ - [SetExtendedACLRequest](#container.SetExtendedACLRequest)
+ - [SetExtendedACLResponse](#container.SetExtendedACLResponse)
- [container/types.proto](#container/types.proto)
@@ -46,6 +52,8 @@ rpc Put(PutRequest) returns (PutResponse);
rpc Delete(DeleteRequest) returns (DeleteResponse);
rpc Get(GetRequest) returns (GetResponse);
rpc List(ListRequest) returns (ListResponse);
+rpc SetExtendedACL(SetExtendedACLRequest) returns (SetExtendedACLResponse);
+rpc GetExtendedACL(GetExtendedACLRequest) returns (GetExtendedACLResponse);
```
@@ -80,6 +88,20 @@ List returns all user's containers
| Name | Input | Output |
| ---- | ----- | ------ |
| List | [ListRequest](#container.ListRequest) | [ListResponse](#container.ListResponse) |
+#### Method SetExtendedACL
+
+SetExtendedACL changes extended ACL rules of the container
+
+| Name | Input | Output |
+| ---- | ----- | ------ |
+| SetExtendedACL | [SetExtendedACLRequest](#container.SetExtendedACLRequest) | [SetExtendedACLResponse](#container.SetExtendedACLResponse) |
+#### Method GetExtendedACL
+
+GetExtendedACL returns extended ACL rules of the container
+
+| Name | Input | Output |
+| ---- | ----- | ------ |
+| GetExtendedACL | [GetExtendedACLRequest](#container.GetExtendedACLRequest) | [GetExtendedACLResponse](#container.GetExtendedACLResponse) |
@@ -104,6 +126,53 @@ via consensus in inner ring nodes
+
+
+### Message ExtendedACLKey
+
+
+
+| Field | Type | Label | Description |
+| ----- | ---- | ----- | ----------- |
+| ID | [bytes](#bytes) | | ID (container id) is a SHA256 hash of the container structure |
+
+
+
+
+### Message ExtendedACLValue
+
+
+
+| Field | Type | Label | Description |
+| ----- | ---- | ----- | ----------- |
+| EACL | [bytes](#bytes) | | EACL carries binary representation of the table of extended ACL rules |
+| Signature | [bytes](#bytes) | | Signature carries EACL field signature |
+
+
+
+
+### Message GetExtendedACLRequest
+
+
+
+| Field | Type | Label | Description |
+| ----- | ---- | ----- | ----------- |
+| Key | [ExtendedACLKey](#container.ExtendedACLKey) | | Key carries key to extended ACL information |
+| Meta | [service.RequestMetaHeader](#service.RequestMetaHeader) | | RequestMetaHeader contains information about request meta headers (should be embedded into message) |
+| Verify | [service.RequestVerificationHeader](#service.RequestVerificationHeader) | | RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request (should be embedded into message) |
+
+
+
+
+### Message GetExtendedACLResponse
+
+
+
+| Field | Type | Label | Description |
+| ----- | ---- | ----- | ----------- |
+| ACL | [ExtendedACLValue](#container.ExtendedACLValue) | | ACL carries extended ACL information |
+
+
### Message GetRequest
@@ -179,6 +248,27 @@ via consensus in inner ring nodes
| ----- | ---- | ----- | ----------- |
| CID | [bytes](#bytes) | | CID (container id) is a SHA256 hash of the container structure |
+
+
+
+### Message SetExtendedACLRequest
+
+
+
+| Field | Type | Label | Description |
+| ----- | ---- | ----- | ----------- |
+| Key | [ExtendedACLKey](#container.ExtendedACLKey) | | Key carries key to extended ACL information |
+| Value | [ExtendedACLValue](#container.ExtendedACLValue) | | Value carries extended ACL information |
+| Meta | [service.RequestMetaHeader](#service.RequestMetaHeader) | | RequestMetaHeader contains information about request meta headers (should be embedded into message) |
+| Verify | [service.RequestVerificationHeader](#service.RequestVerificationHeader) | | RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request (should be embedded into message) |
+
+
+
+
+### Message SetExtendedACLResponse
+
+
+
diff --git a/docs/service.md b/docs/service.md
index 0765f04..223ddd1 100644
--- a/docs/service.md
+++ b/docs/service.md
@@ -6,6 +6,8 @@
- [service/meta.proto](#service/meta.proto)
- Messages
+ - [RequestExtendedHeader](#service.RequestExtendedHeader)
+ - [RequestExtendedHeader.KV](#service.RequestExtendedHeader.KV)
- [RequestMetaHeader](#service.RequestMetaHeader)
- [ResponseMetaHeader](#service.ResponseMetaHeader)
@@ -13,6 +15,8 @@
- [service/verify.proto](#service/verify.proto)
- Messages
+ - [BearerTokenMsg](#service.BearerTokenMsg)
+ - [BearerTokenMsg.Info](#service.BearerTokenMsg.Info)
- [RequestVerificationHeader](#service.RequestVerificationHeader)
- [RequestVerificationHeader.Signature](#service.RequestVerificationHeader.Signature)
- [Token](#service.Token)
@@ -39,6 +43,29 @@
+
+
+### Message RequestExtendedHeader
+RequestExtendedHeader contains extended headers of request
+
+
+| Field | Type | Label | Description |
+| ----- | ---- | ----- | ----------- |
+| Headers | [RequestExtendedHeader.KV](#service.RequestExtendedHeader.KV) | repeated | Headers carries list of key-value headers |
+
+
+
+
+### Message RequestExtendedHeader.KV
+KV contains string key-value pair
+
+
+| Field | Type | Label | Description |
+| ----- | ---- | ----- | ----------- |
+| K | [string](#string) | | K carries extended header key |
+| V | [string](#string) | | V carries extended header value |
+
+
### Message RequestMetaHeader
@@ -52,6 +79,7 @@ RequestMetaHeader contains information about request meta headers
| Epoch | [uint64](#uint64) | | Epoch for user can be empty, because node sets epoch to the actual value |
| Version | [uint32](#uint32) | | Version defines protocol version TODO: not used for now, should be implemented in future |
| Raw | [bool](#bool) | | Raw determines whether the request is raw or not |
+| ExtendedHeader | [RequestExtendedHeader](#service.RequestExtendedHeader) | | ExtendedHeader carries extended headers of the request |
@@ -81,6 +109,32 @@ ResponseMetaHeader contains meta information based on request processing by serv
+
+
+### Message BearerTokenMsg
+BearerTokenMsg carries information about request ACL rules with limited lifetime
+
+
+| Field | Type | Label | Description |
+| ----- | ---- | ----- | ----------- |
+| TokenInfo | [BearerTokenMsg.Info](#service.BearerTokenMsg.Info) | | TokenInfo is a grouped information about token |
+| OwnerKey | [bytes](#bytes) | | OwnerKey is a public key of the token owner |
+| Signature | [bytes](#bytes) | | Signature is a signature of token information |
+
+
+
+
+### Message BearerTokenMsg.Info
+
+
+
+| Field | Type | Label | Description |
+| ----- | ---- | ----- | ----------- |
+| ACLRules | [bytes](#bytes) | | ACLRules carries a binary representation of the table of extended ACL rules |
+| OwnerID | [bytes](#bytes) | | OwnerID is an owner of token |
+| ValidUntil | [uint64](#uint64) | | ValidUntil carries a last epoch of token lifetime |
+
+
### Message RequestVerificationHeader
@@ -92,6 +146,7 @@ RequestVerificationHeader is a set of signatures of every NeoFS Node that proces
| ----- | ---- | ----- | ----------- |
| Signatures | [RequestVerificationHeader.Signature](#service.RequestVerificationHeader.Signature) | repeated | Signatures is a set of signatures of every passed NeoFS Node |
| Token | [Token](#service.Token) | | Token is a token of the session within which the request is sent |
+| Bearer | [BearerTokenMsg](#service.BearerTokenMsg) | | Bearer is a Bearer token of the request |
diff --git a/service/bearer.go b/service/bearer.go
index bc8aaa5..6013e03 100644
--- a/service/bearer.go
+++ b/service/bearer.go
@@ -94,3 +94,33 @@ func copyBearerTokenSignedData(buf []byte, token BearerTokenInfo) {
tokenEndianness.PutUint64(buf[off:], token.ExpirationEpoch())
off += 8
}
+
+// SetACLRules is an ACLRules field setter.
+func (m *BearerTokenMsg_Info) SetACLRules(v []byte) {
+ m.ACLRules = v
+}
+
+// SetValidUntil is a ValidUntil field setter.
+func (m *BearerTokenMsg_Info) SetValidUntil(v uint64) {
+ m.ValidUntil = v
+}
+
+// GetOwnerID if an OwnerID field getter.
+func (m BearerTokenMsg_Info) GetOwnerID() OwnerID {
+ return m.OwnerID
+}
+
+// SetOwnerID is an OwnerID field setter.
+func (m *BearerTokenMsg_Info) SetOwnerID(v OwnerID) {
+ m.OwnerID = v
+}
+
+// SetOwnerKey is an OwnerKey field setter.
+func (m *BearerTokenMsg) SetOwnerKey(v []byte) {
+ m.OwnerKey = v
+}
+
+// SetSignature is a Signature field setter.
+func (m *BearerTokenMsg) SetSignature(v []byte) {
+ m.Signature = v
+}
diff --git a/service/bearer_test.go b/service/bearer_test.go
index da359f2..9ece9c8 100644
--- a/service/bearer_test.go
+++ b/service/bearer_test.go
@@ -170,3 +170,27 @@ func TestSignVerifyBearerToken(t *testing.T) {
require.NoError(t, VerifySignatureWithKey(pk, verifiedToken))
}
}
+
+func TestBearerTokenMsg_Setters(t *testing.T) {
+ s := new(BearerTokenMsg)
+
+ aclRules := []byte{1, 2, 3}
+ s.SetACLRules(aclRules)
+ require.Equal(t, aclRules, s.GetACLRules())
+
+ validUntil := uint64(6)
+ s.SetValidUntil(validUntil)
+ require.Equal(t, validUntil, s.GetValidUntil())
+
+ ownerID := OwnerID{1, 2, 3}
+ s.SetOwnerID(ownerID)
+ require.Equal(t, ownerID, s.GetOwnerID())
+
+ ownerKey := []byte{4, 5, 6}
+ s.SetOwnerKey(ownerKey)
+ require.Equal(t, ownerKey, s.GetOwnerKey())
+
+ sig := []byte{7, 8, 9}
+ s.SetSignature(sig)
+ require.Equal(t, sig, s.GetSignature())
+}
diff --git a/service/meta.go b/service/meta.go
index f1b4613..e838cec 100644
--- a/service/meta.go
+++ b/service/meta.go
@@ -69,3 +69,18 @@ func (s extHdrSrcWrapper) ReadSignedData(p []byte) (int, error) {
return sz, nil
}
+
+// SetK is a K field setter.
+func (m *RequestExtendedHeader_KV) SetK(v string) {
+ m.K = v
+}
+
+// SetV is a V field setter.
+func (m *RequestExtendedHeader_KV) SetV(v string) {
+ m.V = v
+}
+
+// SetHeaders is a Headers field setter.
+func (m *RequestExtendedHeader) SetHeaders(v []RequestExtendedHeader_KV) {
+ m.Headers = v
+}
diff --git a/service/meta.pb.go b/service/meta.pb.go
index 25a5469..0d63077 100644
--- a/service/meta.pb.go
+++ b/service/meta.pb.go
@@ -34,10 +34,12 @@ type RequestMetaHeader struct {
// TODO: not used for now, should be implemented in future
Version uint32 `protobuf:"varint,3,opt,name=Version,proto3" json:"Version,omitempty"`
// Raw determines whether the request is raw or not
- Raw bool `protobuf:"varint,4,opt,name=Raw,proto3" json:"Raw,omitempty"`
- XXX_NoUnkeyedLiteral struct{} `json:"-"`
- XXX_unrecognized []byte `json:"-"`
- XXX_sizecache int32 `json:"-"`
+ Raw bool `protobuf:"varint,4,opt,name=Raw,proto3" json:"Raw,omitempty"`
+ // ExtendedHeader carries extended headers of the request
+ RequestExtendedHeader `protobuf:"bytes,5,opt,name=ExtendedHeader,proto3,embedded=ExtendedHeader" json:"ExtendedHeader"`
+ XXX_NoUnkeyedLiteral struct{} `json:"-"`
+ XXX_unrecognized []byte `json:"-"`
+ XXX_sizecache int32 `json:"-"`
}
func (m *RequestMetaHeader) Reset() { *m = RequestMetaHeader{} }
@@ -153,32 +155,139 @@ func (m *ResponseMetaHeader) GetVersion() uint32 {
return 0
}
+// RequestExtendedHeader contains extended headers of request
+type RequestExtendedHeader struct {
+ // Headers carries list of key-value headers
+ Headers []RequestExtendedHeader_KV `protobuf:"bytes,1,rep,name=Headers,proto3" json:"Headers"`
+ XXX_NoUnkeyedLiteral struct{} `json:"-"`
+ XXX_unrecognized []byte `json:"-"`
+ XXX_sizecache int32 `json:"-"`
+}
+
+func (m *RequestExtendedHeader) Reset() { *m = RequestExtendedHeader{} }
+func (m *RequestExtendedHeader) String() string { return proto.CompactTextString(m) }
+func (*RequestExtendedHeader) ProtoMessage() {}
+func (*RequestExtendedHeader) Descriptor() ([]byte, []int) {
+ return fileDescriptor_a638867e7b43457c, []int{2}
+}
+func (m *RequestExtendedHeader) XXX_Unmarshal(b []byte) error {
+ return m.Unmarshal(b)
+}
+func (m *RequestExtendedHeader) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+ b = b[:cap(b)]
+ n, err := m.MarshalToSizedBuffer(b)
+ if err != nil {
+ return nil, err
+ }
+ return b[:n], nil
+}
+func (m *RequestExtendedHeader) XXX_Merge(src proto.Message) {
+ xxx_messageInfo_RequestExtendedHeader.Merge(m, src)
+}
+func (m *RequestExtendedHeader) XXX_Size() int {
+ return m.Size()
+}
+func (m *RequestExtendedHeader) XXX_DiscardUnknown() {
+ xxx_messageInfo_RequestExtendedHeader.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_RequestExtendedHeader proto.InternalMessageInfo
+
+func (m *RequestExtendedHeader) GetHeaders() []RequestExtendedHeader_KV {
+ if m != nil {
+ return m.Headers
+ }
+ return nil
+}
+
+// KV contains string key-value pair
+type RequestExtendedHeader_KV struct {
+ // K carries extended header key
+ K string `protobuf:"bytes,1,opt,name=K,proto3" json:"K,omitempty"`
+ // V carries extended header value
+ V string `protobuf:"bytes,2,opt,name=V,proto3" json:"V,omitempty"`
+ XXX_NoUnkeyedLiteral struct{} `json:"-"`
+ XXX_unrecognized []byte `json:"-"`
+ XXX_sizecache int32 `json:"-"`
+}
+
+func (m *RequestExtendedHeader_KV) Reset() { *m = RequestExtendedHeader_KV{} }
+func (m *RequestExtendedHeader_KV) String() string { return proto.CompactTextString(m) }
+func (*RequestExtendedHeader_KV) ProtoMessage() {}
+func (*RequestExtendedHeader_KV) Descriptor() ([]byte, []int) {
+ return fileDescriptor_a638867e7b43457c, []int{2, 0}
+}
+func (m *RequestExtendedHeader_KV) XXX_Unmarshal(b []byte) error {
+ return m.Unmarshal(b)
+}
+func (m *RequestExtendedHeader_KV) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+ b = b[:cap(b)]
+ n, err := m.MarshalToSizedBuffer(b)
+ if err != nil {
+ return nil, err
+ }
+ return b[:n], nil
+}
+func (m *RequestExtendedHeader_KV) XXX_Merge(src proto.Message) {
+ xxx_messageInfo_RequestExtendedHeader_KV.Merge(m, src)
+}
+func (m *RequestExtendedHeader_KV) XXX_Size() int {
+ return m.Size()
+}
+func (m *RequestExtendedHeader_KV) XXX_DiscardUnknown() {
+ xxx_messageInfo_RequestExtendedHeader_KV.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_RequestExtendedHeader_KV proto.InternalMessageInfo
+
+func (m *RequestExtendedHeader_KV) GetK() string {
+ if m != nil {
+ return m.K
+ }
+ return ""
+}
+
+func (m *RequestExtendedHeader_KV) GetV() string {
+ if m != nil {
+ return m.V
+ }
+ return ""
+}
+
func init() {
proto.RegisterType((*RequestMetaHeader)(nil), "service.RequestMetaHeader")
proto.RegisterType((*ResponseMetaHeader)(nil), "service.ResponseMetaHeader")
+ proto.RegisterType((*RequestExtendedHeader)(nil), "service.RequestExtendedHeader")
+ proto.RegisterType((*RequestExtendedHeader_KV)(nil), "service.RequestExtendedHeader.KV")
}
func init() { proto.RegisterFile("service/meta.proto", fileDescriptor_a638867e7b43457c) }
var fileDescriptor_a638867e7b43457c = []byte{
- // 261 bytes of a gzipped FileDescriptorProto
- 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x12, 0x2a, 0x4e, 0x2d, 0x2a,
- 0xcb, 0x4c, 0x4e, 0xd5, 0xcf, 0x4d, 0x2d, 0x49, 0xd4, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0x62,
- 0x87, 0x8a, 0x49, 0xe9, 0xa6, 0x67, 0x96, 0x64, 0x94, 0x26, 0xe9, 0x25, 0xe7, 0xe7, 0xea, 0xa7,
- 0xe7, 0xa7, 0xe7, 0xeb, 0x83, 0xe5, 0x93, 0x4a, 0xd3, 0xc0, 0x3c, 0x30, 0x07, 0xcc, 0x82, 0xe8,
- 0x53, 0x4a, 0xe7, 0x12, 0x0c, 0x4a, 0x2d, 0x2c, 0x4d, 0x2d, 0x2e, 0xf1, 0x4d, 0x2d, 0x49, 0xf4,
- 0x48, 0x4d, 0x4c, 0x49, 0x2d, 0x12, 0x12, 0xe0, 0x62, 0x0e, 0x09, 0xf1, 0x91, 0x60, 0x54, 0x60,
- 0xd4, 0xe0, 0x0d, 0x02, 0x31, 0x85, 0x44, 0xb8, 0x58, 0x5d, 0x0b, 0xf2, 0x93, 0x33, 0x24, 0x98,
- 0x14, 0x18, 0x35, 0x58, 0x82, 0x20, 0x1c, 0x21, 0x09, 0x2e, 0xf6, 0xb0, 0xd4, 0xa2, 0xe2, 0xcc,
- 0xfc, 0x3c, 0x09, 0x66, 0xb0, 0x5a, 0x18, 0x17, 0x64, 0x42, 0x50, 0x62, 0xb9, 0x04, 0x8b, 0x02,
- 0xa3, 0x06, 0x47, 0x10, 0x88, 0xa9, 0xe4, 0xc2, 0x25, 0x14, 0x94, 0x5a, 0x5c, 0x90, 0x9f, 0x57,
- 0x9c, 0x8a, 0x64, 0x13, 0xdc, 0x5c, 0x46, 0x1c, 0xe6, 0x32, 0xa1, 0x98, 0xeb, 0x14, 0x7c, 0xe2,
- 0x91, 0x1c, 0xe3, 0x85, 0x47, 0x72, 0x8c, 0x37, 0x1e, 0xc9, 0x31, 0x3e, 0x78, 0x24, 0xc7, 0x38,
- 0xe3, 0xb1, 0x1c, 0x43, 0x94, 0x26, 0x92, 0x9f, 0xf3, 0x8a, 0x0b, 0x92, 0x93, 0x75, 0x53, 0x52,
- 0xcb, 0xf4, 0xf3, 0x52, 0xf3, 0xd3, 0x8a, 0x75, 0x13, 0x0b, 0x32, 0x75, 0xd3, 0xf3, 0xf5, 0xa1,
- 0xc1, 0xb3, 0x8a, 0x49, 0xd0, 0x2f, 0x35, 0xdf, 0x2d, 0x58, 0xcf, 0x31, 0xc0, 0x53, 0x2f, 0x18,
- 0x22, 0x96, 0xc4, 0x06, 0x0e, 0x0a, 0x63, 0x40, 0x00, 0x00, 0x00, 0xff, 0xff, 0xb2, 0x12, 0x93,
- 0x5e, 0x58, 0x01, 0x00, 0x00,
+ // 362 bytes of a gzipped FileDescriptorProto
+ 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x7c, 0x91, 0xb1, 0x8e, 0xda, 0x40,
+ 0x10, 0x86, 0x19, 0x03, 0x01, 0x96, 0x24, 0x0a, 0xab, 0x44, 0xb2, 0x28, 0x8c, 0x43, 0xe5, 0x14,
+ 0xb6, 0x25, 0xf2, 0x04, 0xa0, 0x10, 0x25, 0x72, 0x12, 0xa1, 0x05, 0xb9, 0x48, 0x67, 0xec, 0xc1,
+ 0xb8, 0xc0, 0xeb, 0x78, 0x0d, 0x49, 0x91, 0x07, 0xc9, 0x33, 0xe4, 0x0d, 0xee, 0x0d, 0x28, 0x29,
+ 0xaf, 0x42, 0x27, 0xdf, 0x8b, 0x9c, 0xbc, 0x36, 0x27, 0x38, 0xdd, 0x5d, 0xf7, 0x7f, 0xb3, 0x33,
+ 0x3b, 0x9f, 0x34, 0x84, 0x0a, 0x4c, 0x77, 0x91, 0x8f, 0xf6, 0x06, 0x33, 0xcf, 0x4a, 0x52, 0x9e,
+ 0x71, 0xda, 0xaa, 0x6a, 0x7d, 0x33, 0x8c, 0xb2, 0xf5, 0x76, 0x69, 0xf9, 0x7c, 0x63, 0x87, 0x3c,
+ 0xe4, 0xb6, 0x7c, 0x5f, 0x6e, 0x57, 0x92, 0x24, 0xc8, 0x54, 0xce, 0x0d, 0xaf, 0x80, 0xf4, 0x18,
+ 0xfe, 0xda, 0xa2, 0xc8, 0xbe, 0x63, 0xe6, 0x7d, 0x41, 0x2f, 0xc0, 0x94, 0xbe, 0x21, 0xf5, 0xc5,
+ 0xe2, 0x9b, 0x0a, 0x3a, 0x18, 0xaf, 0x58, 0x11, 0xe9, 0x5b, 0xd2, 0x9c, 0x26, 0xdc, 0x5f, 0xab,
+ 0x8a, 0x0e, 0x46, 0x83, 0x95, 0x40, 0x55, 0xd2, 0x72, 0x31, 0x15, 0x11, 0x8f, 0xd5, 0xba, 0xec,
+ 0x3d, 0x61, 0xf1, 0x03, 0xf3, 0x7e, 0xab, 0x0d, 0x1d, 0x8c, 0x36, 0x2b, 0x22, 0x9d, 0x91, 0xd7,
+ 0xd3, 0x3f, 0x19, 0xc6, 0x01, 0x06, 0xe5, 0x16, 0xb5, 0xa9, 0x83, 0xd1, 0x1d, 0x69, 0x56, 0xa5,
+ 0x6e, 0x55, 0x1e, 0x97, 0x5d, 0x93, 0xf6, 0xfe, 0x38, 0xa8, 0x1d, 0x8e, 0x03, 0x60, 0x0f, 0xe6,
+ 0x87, 0x9f, 0x08, 0x65, 0x28, 0x12, 0x1e, 0x0b, 0x3c, 0x73, 0xbf, 0x37, 0x85, 0x27, 0x4c, 0x95,
+ 0x0b, 0xd3, 0xe1, 0x5f, 0xf2, 0xee, 0xd1, 0xc5, 0x74, 0x4c, 0x5a, 0x65, 0x12, 0x2a, 0xe8, 0x75,
+ 0xa3, 0x3b, 0x7a, 0xff, 0xbc, 0xa9, 0xe5, 0xb8, 0x93, 0x46, 0x21, 0xcb, 0x4e, 0x73, 0x7d, 0x9d,
+ 0x28, 0x8e, 0x4b, 0x5f, 0x12, 0x70, 0xa4, 0x4d, 0x87, 0x81, 0x53, 0x90, 0x2b, 0x1d, 0x3a, 0x0c,
+ 0xdc, 0xc9, 0x7c, 0x9f, 0x6b, 0x70, 0xc8, 0x35, 0xb8, 0xce, 0x35, 0xb8, 0xc9, 0x35, 0xf8, 0x77,
+ 0xab, 0xd5, 0x7e, 0x7e, 0x38, 0x3b, 0x62, 0x2c, 0x12, 0xdf, 0x37, 0x03, 0xdc, 0xd9, 0x31, 0xf2,
+ 0x95, 0x30, 0xbd, 0x24, 0x32, 0x43, 0x6e, 0x57, 0x2a, 0xff, 0x95, 0xde, 0x0f, 0xe4, 0x9f, 0xe7,
+ 0xd6, 0x78, 0xf6, 0xd5, 0x9a, 0x97, 0xb5, 0xe5, 0x0b, 0x79, 0xdb, 0x8f, 0x77, 0x01, 0x00, 0x00,
+ 0xff, 0xff, 0xf3, 0xf7, 0x0a, 0xb8, 0x29, 0x02, 0x00, 0x00,
}
func (m *RequestMetaHeader) Marshal() (dAtA []byte, err error) {
@@ -205,6 +314,16 @@ func (m *RequestMetaHeader) MarshalToSizedBuffer(dAtA []byte) (int, error) {
i -= len(m.XXX_unrecognized)
copy(dAtA[i:], m.XXX_unrecognized)
}
+ {
+ size, err := m.RequestExtendedHeader.MarshalToSizedBuffer(dAtA[:i])
+ if err != nil {
+ return 0, err
+ }
+ i -= size
+ i = encodeVarintMeta(dAtA, i, uint64(size))
+ }
+ i--
+ dAtA[i] = 0x2a
if m.Raw {
i--
if m.Raw {
@@ -270,6 +389,88 @@ func (m *ResponseMetaHeader) MarshalToSizedBuffer(dAtA []byte) (int, error) {
return len(dAtA) - i, nil
}
+func (m *RequestExtendedHeader) Marshal() (dAtA []byte, err error) {
+ size := m.Size()
+ dAtA = make([]byte, size)
+ n, err := m.MarshalToSizedBuffer(dAtA[:size])
+ if err != nil {
+ return nil, err
+ }
+ return dAtA[:n], nil
+}
+
+func (m *RequestExtendedHeader) MarshalTo(dAtA []byte) (int, error) {
+ size := m.Size()
+ return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *RequestExtendedHeader) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+ i := len(dAtA)
+ _ = i
+ var l int
+ _ = l
+ if m.XXX_unrecognized != nil {
+ i -= len(m.XXX_unrecognized)
+ copy(dAtA[i:], m.XXX_unrecognized)
+ }
+ if len(m.Headers) > 0 {
+ for iNdEx := len(m.Headers) - 1; iNdEx >= 0; iNdEx-- {
+ {
+ size, err := m.Headers[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+ if err != nil {
+ return 0, err
+ }
+ i -= size
+ i = encodeVarintMeta(dAtA, i, uint64(size))
+ }
+ i--
+ dAtA[i] = 0xa
+ }
+ }
+ return len(dAtA) - i, nil
+}
+
+func (m *RequestExtendedHeader_KV) Marshal() (dAtA []byte, err error) {
+ size := m.Size()
+ dAtA = make([]byte, size)
+ n, err := m.MarshalToSizedBuffer(dAtA[:size])
+ if err != nil {
+ return nil, err
+ }
+ return dAtA[:n], nil
+}
+
+func (m *RequestExtendedHeader_KV) MarshalTo(dAtA []byte) (int, error) {
+ size := m.Size()
+ return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *RequestExtendedHeader_KV) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+ i := len(dAtA)
+ _ = i
+ var l int
+ _ = l
+ if m.XXX_unrecognized != nil {
+ i -= len(m.XXX_unrecognized)
+ copy(dAtA[i:], m.XXX_unrecognized)
+ }
+ if len(m.V) > 0 {
+ i -= len(m.V)
+ copy(dAtA[i:], m.V)
+ i = encodeVarintMeta(dAtA, i, uint64(len(m.V)))
+ i--
+ dAtA[i] = 0x12
+ }
+ if len(m.K) > 0 {
+ i -= len(m.K)
+ copy(dAtA[i:], m.K)
+ i = encodeVarintMeta(dAtA, i, uint64(len(m.K)))
+ i--
+ dAtA[i] = 0xa
+ }
+ return len(dAtA) - i, nil
+}
+
func encodeVarintMeta(dAtA []byte, offset int, v uint64) int {
offset -= sovMeta(v)
base := offset
@@ -299,6 +500,8 @@ func (m *RequestMetaHeader) Size() (n int) {
if m.Raw {
n += 2
}
+ l = m.RequestExtendedHeader.Size()
+ n += 1 + l + sovMeta(uint64(l))
if m.XXX_unrecognized != nil {
n += len(m.XXX_unrecognized)
}
@@ -323,6 +526,44 @@ func (m *ResponseMetaHeader) Size() (n int) {
return n
}
+func (m *RequestExtendedHeader) Size() (n int) {
+ if m == nil {
+ return 0
+ }
+ var l int
+ _ = l
+ if len(m.Headers) > 0 {
+ for _, e := range m.Headers {
+ l = e.Size()
+ n += 1 + l + sovMeta(uint64(l))
+ }
+ }
+ if m.XXX_unrecognized != nil {
+ n += len(m.XXX_unrecognized)
+ }
+ return n
+}
+
+func (m *RequestExtendedHeader_KV) Size() (n int) {
+ if m == nil {
+ return 0
+ }
+ var l int
+ _ = l
+ l = len(m.K)
+ if l > 0 {
+ n += 1 + l + sovMeta(uint64(l))
+ }
+ l = len(m.V)
+ if l > 0 {
+ n += 1 + l + sovMeta(uint64(l))
+ }
+ if m.XXX_unrecognized != nil {
+ n += len(m.XXX_unrecognized)
+ }
+ return n
+}
+
func sovMeta(x uint64) (n int) {
return (math_bits.Len64(x|1) + 6) / 7
}
@@ -435,6 +676,39 @@ func (m *RequestMetaHeader) Unmarshal(dAtA []byte) error {
}
}
m.Raw = bool(v != 0)
+ case 5:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field RequestExtendedHeader", wireType)
+ }
+ var msglen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowMeta
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ msglen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if msglen < 0 {
+ return ErrInvalidLengthMeta
+ }
+ postIndex := iNdEx + msglen
+ if postIndex < 0 {
+ return ErrInvalidLengthMeta
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ if err := m.RequestExtendedHeader.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+ return err
+ }
+ iNdEx = postIndex
default:
iNdEx = preIndex
skippy, err := skipMeta(dAtA[iNdEx:])
@@ -552,6 +826,212 @@ func (m *ResponseMetaHeader) Unmarshal(dAtA []byte) error {
}
return nil
}
+func (m *RequestExtendedHeader) Unmarshal(dAtA []byte) error {
+ l := len(dAtA)
+ iNdEx := 0
+ for iNdEx < l {
+ preIndex := iNdEx
+ var wire uint64
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowMeta
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ wire |= uint64(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ fieldNum := int32(wire >> 3)
+ wireType := int(wire & 0x7)
+ if wireType == 4 {
+ return fmt.Errorf("proto: RequestExtendedHeader: wiretype end group for non-group")
+ }
+ if fieldNum <= 0 {
+ return fmt.Errorf("proto: RequestExtendedHeader: illegal tag %d (wire type %d)", fieldNum, wire)
+ }
+ switch fieldNum {
+ case 1:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field Headers", wireType)
+ }
+ var msglen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowMeta
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ msglen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if msglen < 0 {
+ return ErrInvalidLengthMeta
+ }
+ postIndex := iNdEx + msglen
+ if postIndex < 0 {
+ return ErrInvalidLengthMeta
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.Headers = append(m.Headers, RequestExtendedHeader_KV{})
+ if err := m.Headers[len(m.Headers)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+ return err
+ }
+ iNdEx = postIndex
+ default:
+ iNdEx = preIndex
+ skippy, err := skipMeta(dAtA[iNdEx:])
+ if err != nil {
+ return err
+ }
+ if skippy < 0 {
+ return ErrInvalidLengthMeta
+ }
+ if (iNdEx + skippy) < 0 {
+ return ErrInvalidLengthMeta
+ }
+ if (iNdEx + skippy) > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...)
+ iNdEx += skippy
+ }
+ }
+
+ if iNdEx > l {
+ return io.ErrUnexpectedEOF
+ }
+ return nil
+}
+func (m *RequestExtendedHeader_KV) Unmarshal(dAtA []byte) error {
+ l := len(dAtA)
+ iNdEx := 0
+ for iNdEx < l {
+ preIndex := iNdEx
+ var wire uint64
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowMeta
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ wire |= uint64(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ fieldNum := int32(wire >> 3)
+ wireType := int(wire & 0x7)
+ if wireType == 4 {
+ return fmt.Errorf("proto: KV: wiretype end group for non-group")
+ }
+ if fieldNum <= 0 {
+ return fmt.Errorf("proto: KV: illegal tag %d (wire type %d)", fieldNum, wire)
+ }
+ switch fieldNum {
+ case 1:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field K", wireType)
+ }
+ var stringLen uint64
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowMeta
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ stringLen |= uint64(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ intStringLen := int(stringLen)
+ if intStringLen < 0 {
+ return ErrInvalidLengthMeta
+ }
+ postIndex := iNdEx + intStringLen
+ if postIndex < 0 {
+ return ErrInvalidLengthMeta
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.K = string(dAtA[iNdEx:postIndex])
+ iNdEx = postIndex
+ case 2:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field V", wireType)
+ }
+ var stringLen uint64
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowMeta
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ stringLen |= uint64(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ intStringLen := int(stringLen)
+ if intStringLen < 0 {
+ return ErrInvalidLengthMeta
+ }
+ postIndex := iNdEx + intStringLen
+ if postIndex < 0 {
+ return ErrInvalidLengthMeta
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.V = string(dAtA[iNdEx:postIndex])
+ iNdEx = postIndex
+ default:
+ iNdEx = preIndex
+ skippy, err := skipMeta(dAtA[iNdEx:])
+ if err != nil {
+ return err
+ }
+ if skippy < 0 {
+ return ErrInvalidLengthMeta
+ }
+ if (iNdEx + skippy) < 0 {
+ return ErrInvalidLengthMeta
+ }
+ if (iNdEx + skippy) > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...)
+ iNdEx += skippy
+ }
+ }
+
+ if iNdEx > l {
+ return io.ErrUnexpectedEOF
+ }
+ return nil
+}
func skipMeta(dAtA []byte) (n int, err error) {
l := len(dAtA)
iNdEx := 0
diff --git a/service/meta.proto b/service/meta.proto
index 093f118..8171980 100644
--- a/service/meta.proto
+++ b/service/meta.proto
@@ -19,6 +19,8 @@ message RequestMetaHeader {
uint32 Version = 3;
// Raw determines whether the request is raw or not
bool Raw = 4;
+ // ExtendedHeader carries extended headers of the request
+ RequestExtendedHeader ExtendedHeader = 5 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
}
// ResponseMetaHeader contains meta information based on request processing by server
@@ -30,3 +32,18 @@ message ResponseMetaHeader {
// TODO: not used for now, should be implemented in future
uint32 Version = 2;
}
+
+// RequestExtendedHeader contains extended headers of request
+message RequestExtendedHeader {
+ // KV contains string key-value pair
+ message KV {
+ // K carries extended header key
+ string K = 1;
+
+ // V carries extended header value
+ string V = 2;
+ }
+
+ // Headers carries list of key-value headers
+ repeated KV Headers = 1 [(gogoproto.nullable) = false];
+}
diff --git a/service/meta_test.go b/service/meta_test.go
index a0b85ef..7c3853a 100644
--- a/service/meta_test.go
+++ b/service/meta_test.go
@@ -23,3 +23,31 @@ func TestCutRestoreMeta(t *testing.T) {
require.Equal(t, item(), v1)
}
}
+
+func TestRequestExtendedHeader_KV_Setters(t *testing.T) {
+ s := new(RequestExtendedHeader_KV)
+
+ key := "key"
+ s.SetK(key)
+ require.Equal(t, key, s.GetK())
+
+ val := "val"
+ s.SetV(val)
+ require.Equal(t, val, s.GetV())
+}
+
+func TestRequestExtendedHeader_SetHeaders(t *testing.T) {
+ s := new(RequestExtendedHeader)
+
+ hdr := RequestExtendedHeader_KV{}
+ hdr.SetK("key")
+ hdr.SetV("val")
+
+ hdrs := []RequestExtendedHeader_KV{
+ hdr,
+ }
+
+ s.SetHeaders(hdrs)
+
+ require.Equal(t, hdrs, s.GetHeaders())
+}
diff --git a/service/verify.go b/service/verify.go
index 62db2f5..0673a01 100644
--- a/service/verify.go
+++ b/service/verify.go
@@ -67,6 +67,11 @@ func (m *RequestVerificationHeader) SetToken(token *Token) {
m.Token = token
}
+// SetBearer is a Bearer field setter.
+func (m *RequestVerificationHeader) SetBearer(v *BearerTokenMsg) {
+ m.Bearer = v
+}
+
// testCustomField for test usage only.
type testCustomField [8]uint32
diff --git a/service/verify.pb.go b/service/verify.pb.go
index d198302..02f3f39 100644
--- a/service/verify.pb.go
+++ b/service/verify.pb.go
@@ -78,10 +78,12 @@ type RequestVerificationHeader struct {
// Signatures is a set of signatures of every passed NeoFS Node
Signatures []*RequestVerificationHeader_Signature `protobuf:"bytes,1,rep,name=Signatures,proto3" json:"Signatures,omitempty"`
// Token is a token of the session within which the request is sent
- Token *Token `protobuf:"bytes,2,opt,name=Token,proto3" json:"Token,omitempty"`
- XXX_NoUnkeyedLiteral struct{} `json:"-"`
- XXX_unrecognized []byte `json:"-"`
- XXX_sizecache int32 `json:"-"`
+ Token *Token `protobuf:"bytes,2,opt,name=Token,proto3" json:"Token,omitempty"`
+ // Bearer is a Bearer token of the request
+ Bearer *BearerTokenMsg `protobuf:"bytes,3,opt,name=Bearer,proto3" json:"Bearer,omitempty"`
+ XXX_NoUnkeyedLiteral struct{} `json:"-"`
+ XXX_unrecognized []byte `json:"-"`
+ XXX_sizecache int32 `json:"-"`
}
func (m *RequestVerificationHeader) Reset() { *m = RequestVerificationHeader{} }
@@ -127,6 +129,13 @@ func (m *RequestVerificationHeader) GetToken() *Token {
return nil
}
+func (m *RequestVerificationHeader) GetBearer() *BearerTokenMsg {
+ if m != nil {
+ return m.Bearer
+ }
+ return nil
+}
+
type RequestVerificationHeader_Signature struct {
// Sign is signature of the request or session key.
Sign []byte `protobuf:"bytes,1,opt,name=Sign,proto3" json:"Sign,omitempty"`
@@ -351,6 +360,117 @@ func (m *TokenLifetime) GetValidUntil() uint64 {
return 0
}
+// BearerTokenMsg carries information about request ACL rules with limited lifetime
+type BearerTokenMsg struct {
+ // TokenInfo is a grouped information about token
+ BearerTokenMsg_Info `protobuf:"bytes,1,opt,name=TokenInfo,proto3,embedded=TokenInfo" json:"TokenInfo"`
+ // OwnerKey is a public key of the token owner
+ OwnerKey []byte `protobuf:"bytes,2,opt,name=OwnerKey,proto3" json:"OwnerKey,omitempty"`
+ // Signature is a signature of token information
+ Signature []byte `protobuf:"bytes,3,opt,name=Signature,proto3" json:"Signature,omitempty"`
+ XXX_NoUnkeyedLiteral struct{} `json:"-"`
+ XXX_unrecognized []byte `json:"-"`
+ XXX_sizecache int32 `json:"-"`
+}
+
+func (m *BearerTokenMsg) Reset() { *m = BearerTokenMsg{} }
+func (m *BearerTokenMsg) String() string { return proto.CompactTextString(m) }
+func (*BearerTokenMsg) ProtoMessage() {}
+func (*BearerTokenMsg) Descriptor() ([]byte, []int) {
+ return fileDescriptor_4bdd5bc50ec96238, []int{3}
+}
+func (m *BearerTokenMsg) XXX_Unmarshal(b []byte) error {
+ return m.Unmarshal(b)
+}
+func (m *BearerTokenMsg) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+ b = b[:cap(b)]
+ n, err := m.MarshalToSizedBuffer(b)
+ if err != nil {
+ return nil, err
+ }
+ return b[:n], nil
+}
+func (m *BearerTokenMsg) XXX_Merge(src proto.Message) {
+ xxx_messageInfo_BearerTokenMsg.Merge(m, src)
+}
+func (m *BearerTokenMsg) XXX_Size() int {
+ return m.Size()
+}
+func (m *BearerTokenMsg) XXX_DiscardUnknown() {
+ xxx_messageInfo_BearerTokenMsg.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_BearerTokenMsg proto.InternalMessageInfo
+
+func (m *BearerTokenMsg) GetOwnerKey() []byte {
+ if m != nil {
+ return m.OwnerKey
+ }
+ return nil
+}
+
+func (m *BearerTokenMsg) GetSignature() []byte {
+ if m != nil {
+ return m.Signature
+ }
+ return nil
+}
+
+type BearerTokenMsg_Info struct {
+ // ACLRules carries a binary representation of the table of extended ACL rules
+ ACLRules []byte `protobuf:"bytes,1,opt,name=ACLRules,proto3" json:"ACLRules,omitempty"`
+ // OwnerID is an owner of token
+ OwnerID OwnerID `protobuf:"bytes,2,opt,name=OwnerID,proto3,customtype=OwnerID" json:"OwnerID"`
+ // ValidUntil carries a last epoch of token lifetime
+ ValidUntil uint64 `protobuf:"varint,3,opt,name=ValidUntil,proto3" json:"ValidUntil,omitempty"`
+ XXX_NoUnkeyedLiteral struct{} `json:"-"`
+ XXX_unrecognized []byte `json:"-"`
+ XXX_sizecache int32 `json:"-"`
+}
+
+func (m *BearerTokenMsg_Info) Reset() { *m = BearerTokenMsg_Info{} }
+func (m *BearerTokenMsg_Info) String() string { return proto.CompactTextString(m) }
+func (*BearerTokenMsg_Info) ProtoMessage() {}
+func (*BearerTokenMsg_Info) Descriptor() ([]byte, []int) {
+ return fileDescriptor_4bdd5bc50ec96238, []int{3, 0}
+}
+func (m *BearerTokenMsg_Info) XXX_Unmarshal(b []byte) error {
+ return m.Unmarshal(b)
+}
+func (m *BearerTokenMsg_Info) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+ b = b[:cap(b)]
+ n, err := m.MarshalToSizedBuffer(b)
+ if err != nil {
+ return nil, err
+ }
+ return b[:n], nil
+}
+func (m *BearerTokenMsg_Info) XXX_Merge(src proto.Message) {
+ xxx_messageInfo_BearerTokenMsg_Info.Merge(m, src)
+}
+func (m *BearerTokenMsg_Info) XXX_Size() int {
+ return m.Size()
+}
+func (m *BearerTokenMsg_Info) XXX_DiscardUnknown() {
+ xxx_messageInfo_BearerTokenMsg_Info.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_BearerTokenMsg_Info proto.InternalMessageInfo
+
+func (m *BearerTokenMsg_Info) GetACLRules() []byte {
+ if m != nil {
+ return m.ACLRules
+ }
+ return nil
+}
+
+func (m *BearerTokenMsg_Info) GetValidUntil() uint64 {
+ if m != nil {
+ return m.ValidUntil
+ }
+ return 0
+}
+
func init() {
proto.RegisterEnum("service.Token_Info_Verb", Token_Info_Verb_name, Token_Info_Verb_value)
proto.RegisterType((*RequestVerificationHeader)(nil), "service.RequestVerificationHeader")
@@ -358,49 +478,56 @@ func init() {
proto.RegisterType((*Token)(nil), "service.Token")
proto.RegisterType((*Token_Info)(nil), "service.Token.Info")
proto.RegisterType((*TokenLifetime)(nil), "service.TokenLifetime")
+ proto.RegisterType((*BearerTokenMsg)(nil), "service.BearerTokenMsg")
+ proto.RegisterType((*BearerTokenMsg_Info)(nil), "service.BearerTokenMsg.Info")
}
func init() { proto.RegisterFile("service/verify.proto", fileDescriptor_4bdd5bc50ec96238) }
var fileDescriptor_4bdd5bc50ec96238 = []byte{
- // 579 bytes of a gzipped FileDescriptorProto
- 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x74, 0x53, 0x4f, 0x6f, 0x12, 0x41,
- 0x14, 0xef, 0xc0, 0xc2, 0xc2, 0xeb, 0x1f, 0xd7, 0xd1, 0x98, 0x95, 0x18, 0x20, 0xc4, 0x03, 0x4d,
- 0x64, 0x49, 0x68, 0x62, 0x4c, 0xf4, 0x52, 0x24, 0x5a, 0x62, 0xa3, 0xcd, 0x50, 0x7b, 0xf0, 0xb6,
- 0xc0, 0x63, 0x3b, 0xb1, 0xdd, 0xc1, 0x99, 0x01, 0xd3, 0xef, 0xe1, 0xc1, 0xcf, 0xe0, 0xe7, 0xf0,
- 0xd0, 0x63, 0x8f, 0xc6, 0x03, 0x31, 0xf8, 0x29, 0xbc, 0x99, 0x99, 0x5d, 0x60, 0x9b, 0xe8, 0xed,
- 0xf7, 0x7e, 0xef, 0xfd, 0xde, 0xef, 0xcd, 0x9b, 0x19, 0xb8, 0xaf, 0x50, 0xce, 0xf9, 0x08, 0xdb,
- 0x73, 0x94, 0x7c, 0x72, 0x15, 0x4c, 0xa5, 0xd0, 0x82, 0xba, 0x29, 0x5b, 0xf1, 0x24, 0x4e, 0x54,
- 0x5b, 0x5f, 0x4d, 0x51, 0x25, 0xa9, 0x4a, 0x2b, 0xe2, 0xfa, 0x7c, 0x36, 0x0c, 0x46, 0xe2, 0xb2,
- 0x1d, 0x89, 0x48, 0xb4, 0x2d, 0x3d, 0x9c, 0x4d, 0x6c, 0x64, 0x03, 0x8b, 0x92, 0xf2, 0xc6, 0x77,
- 0x02, 0x0f, 0x19, 0x7e, 0x9a, 0xa1, 0xd2, 0x67, 0xc6, 0x81, 0x8f, 0x42, 0xcd, 0x45, 0x7c, 0x84,
- 0xe1, 0x18, 0x25, 0x3d, 0x06, 0x18, 0xf0, 0x28, 0x0e, 0xf5, 0x4c, 0xa2, 0xf2, 0x49, 0x3d, 0xdf,
- 0xdc, 0xee, 0x3c, 0x09, 0x52, 0xf3, 0xe0, 0xbf, 0xba, 0x60, 0x2d, 0x62, 0x19, 0x3d, 0x7d, 0x0c,
- 0x85, 0x53, 0xf1, 0x11, 0x63, 0x3f, 0x57, 0x27, 0xcd, 0xed, 0xce, 0xde, 0xba, 0x91, 0x65, 0x59,
- 0x92, 0xac, 0x1c, 0x40, 0x79, 0xad, 0xa1, 0x14, 0x1c, 0x13, 0xf8, 0xa4, 0x4e, 0x9a, 0x3b, 0xcc,
- 0x62, 0xc3, 0x9d, 0x20, 0x4a, 0xdb, 0x65, 0x87, 0x59, 0xdc, 0xf8, 0x93, 0x4f, 0x7b, 0xd3, 0xe7,
- 0x50, 0xb6, 0xa0, 0x1f, 0x4f, 0x84, 0x95, 0x6d, 0x77, 0xee, 0xdd, 0x36, 0x0a, 0x4c, 0xaa, 0x5b,
- 0xba, 0x5e, 0xd4, 0xb6, 0x6e, 0x16, 0x35, 0xc2, 0x36, 0xf5, 0xf4, 0x51, 0xc6, 0xdb, 0x2f, 0xd9,
- 0xfe, 0x1b, 0xa2, 0xf2, 0x25, 0x0f, 0x8e, 0x2d, 0xab, 0x41, 0xae, 0xdf, 0x4b, 0x66, 0xea, 0xde,
- 0x31, 0x7d, 0x7e, 0x2e, 0x6a, 0x6e, 0xd2, 0xa5, 0xc7, 0x72, 0xfd, 0x1e, 0xdd, 0x07, 0xf7, 0xdd,
- 0xe7, 0x18, 0x65, 0xbf, 0x97, 0x4c, 0xb9, 0xa9, 0x4a, 0x69, 0xb6, 0x02, 0xf4, 0x29, 0x38, 0x73,
- 0x94, 0x43, 0x3f, 0x5f, 0x27, 0xcd, 0xbd, 0x8e, 0xff, 0x8f, 0x51, 0x83, 0x33, 0x94, 0xc3, 0x6e,
- 0x69, 0xb9, 0xa8, 0x39, 0x06, 0x31, 0x5b, 0x4f, 0x9f, 0x81, 0x7b, 0x38, 0x1e, 0x4b, 0x54, 0xca,
- 0x77, 0xec, 0x29, 0x77, 0x03, 0xf3, 0x16, 0x82, 0x94, 0xdc, 0x38, 0xa6, 0x04, 0x5b, 0x01, 0xfa,
- 0x02, 0x4a, 0xc7, 0x7c, 0x82, 0x9a, 0x5f, 0xa2, 0x5f, 0xb0, 0xd2, 0x07, 0xb7, 0x5d, 0x57, 0xd9,
- 0xcc, 0x8e, 0xd6, 0x0a, 0x5a, 0x05, 0x18, 0xa0, 0x52, 0x5c, 0xc4, 0x6f, 0xf0, 0xca, 0x2f, 0xda,
- 0x1d, 0x65, 0x18, 0x5a, 0x81, 0x92, 0x3d, 0x9a, 0xc9, 0xba, 0x36, 0xbb, 0x8e, 0x1b, 0xa7, 0x60,
- 0x4f, 0x40, 0x5d, 0xc8, 0x9f, 0xcc, 0xb4, 0xb7, 0x65, 0xc0, 0x6b, 0xd4, 0x1e, 0xa1, 0x25, 0x70,
- 0xcc, 0xd3, 0xf1, 0x72, 0x14, 0xa0, 0x38, 0xc0, 0x50, 0x8e, 0xce, 0xbd, 0xbc, 0xc1, 0x3d, 0xbc,
- 0x40, 0x8d, 0x9e, 0x43, 0xcb, 0x50, 0x60, 0x61, 0x1c, 0xa1, 0x57, 0xa0, 0xbb, 0x50, 0xb6, 0xf0,
- 0x28, 0x54, 0xe7, 0x5e, 0xb1, 0xd1, 0x87, 0xdd, 0x5b, 0x63, 0x53, 0x1f, 0xdc, 0x97, 0x12, 0x43,
- 0x8d, 0x63, 0x7b, 0x47, 0x0e, 0x5b, 0x85, 0x66, 0xf8, 0xb3, 0xf0, 0x82, 0x8f, 0xdf, 0xc7, 0x9a,
- 0x5f, 0xd8, 0xab, 0x71, 0x58, 0x86, 0xe9, 0x0e, 0xae, 0x97, 0x55, 0x72, 0xb3, 0xac, 0x92, 0x1f,
- 0xcb, 0x2a, 0xf9, 0xb5, 0xac, 0x92, 0xaf, 0xbf, 0xab, 0x5b, 0x1f, 0xf6, 0x33, 0x5f, 0x2a, 0x56,
- 0xd3, 0xd1, 0xa8, 0x35, 0xc6, 0x79, 0x3b, 0x46, 0x31, 0x51, 0xad, 0x70, 0xca, 0x5b, 0x91, 0x68,
- 0xa7, 0xfb, 0xfb, 0x96, 0xbb, 0xfb, 0x16, 0xc5, 0xab, 0x41, 0x70, 0x78, 0xd2, 0x0f, 0x06, 0x09,
- 0x37, 0x2c, 0xda, 0x9f, 0x76, 0xf0, 0x37, 0x00, 0x00, 0xff, 0xff, 0xcb, 0xab, 0x17, 0xd9, 0xcb,
- 0x03, 0x00, 0x00,
+ // 658 bytes of a gzipped FileDescriptorProto
+ 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x54, 0xcd, 0x6e, 0xd3, 0x5a,
+ 0x10, 0xae, 0x63, 0x27, 0x76, 0xa6, 0x3f, 0xd7, 0xf7, 0xdc, 0xab, 0x7b, 0x4d, 0x54, 0x25, 0x55,
+ 0xc4, 0xa2, 0x95, 0x88, 0x2d, 0xa5, 0x12, 0x42, 0x82, 0x4d, 0xd3, 0x08, 0x1a, 0x51, 0xa0, 0x3a,
+ 0x29, 0x5d, 0xb0, 0x73, 0x92, 0x89, 0x6b, 0x91, 0xda, 0xe1, 0x1c, 0x27, 0xa8, 0xef, 0xc1, 0x82,
+ 0x67, 0xe0, 0x49, 0xba, 0xec, 0x12, 0xb1, 0x88, 0x50, 0x78, 0x06, 0x16, 0xac, 0x40, 0x1e, 0x3b,
+ 0x89, 0x5d, 0x28, 0x12, 0xbb, 0x6f, 0xbe, 0xf9, 0xe6, 0xe7, 0x4c, 0xbe, 0x18, 0xfe, 0x95, 0x28,
+ 0xa6, 0x7e, 0x1f, 0x9d, 0x29, 0x0a, 0x7f, 0x78, 0x69, 0x8f, 0x45, 0x18, 0x85, 0x4c, 0x4f, 0xd9,
+ 0x8a, 0x29, 0x70, 0x28, 0x9d, 0xe8, 0x72, 0x8c, 0x32, 0x49, 0x55, 0x1a, 0x9e, 0x1f, 0x9d, 0x4f,
+ 0x7a, 0x76, 0x3f, 0xbc, 0x70, 0xbc, 0xd0, 0x0b, 0x1d, 0xa2, 0x7b, 0x93, 0x21, 0x45, 0x14, 0x10,
+ 0x4a, 0xe4, 0xf5, 0xaf, 0x0a, 0xdc, 0xe1, 0xf8, 0x66, 0x82, 0x32, 0x3a, 0x8b, 0x27, 0xf8, 0x7d,
+ 0x37, 0xf2, 0xc3, 0xe0, 0x08, 0xdd, 0x01, 0x0a, 0x76, 0x0c, 0xd0, 0xf5, 0xbd, 0xc0, 0x8d, 0x26,
+ 0x02, 0xa5, 0xa5, 0xec, 0xa8, 0xbb, 0xeb, 0xcd, 0x7b, 0x76, 0x3a, 0xdc, 0xbe, 0xb5, 0xce, 0x5e,
+ 0x16, 0xf1, 0x4c, 0x3d, 0xbb, 0x0b, 0xc5, 0xd3, 0xf0, 0x35, 0x06, 0x56, 0x61, 0x47, 0xd9, 0x5d,
+ 0x6f, 0x6e, 0x2d, 0x1b, 0x11, 0xcb, 0x93, 0x24, 0x73, 0xa0, 0xd4, 0x42, 0x57, 0xa0, 0xb0, 0x54,
+ 0x92, 0xfd, 0xbf, 0x94, 0x25, 0x34, 0xa9, 0x9e, 0x49, 0x8f, 0xa7, 0xb2, 0xca, 0x3e, 0x94, 0x97,
+ 0x43, 0x18, 0x03, 0x2d, 0x0e, 0x2c, 0x65, 0x47, 0xd9, 0xdd, 0xe0, 0x84, 0x63, 0xee, 0x04, 0x51,
+ 0xd0, 0xd8, 0x0d, 0x4e, 0xb8, 0xfe, 0x4d, 0x4d, 0x97, 0x61, 0x0f, 0xa1, 0x4c, 0xa0, 0x13, 0x0c,
+ 0x43, 0x2a, 0x5b, 0x6f, 0xfe, 0x93, 0xdf, 0xcc, 0x8e, 0x53, 0x2d, 0xe3, 0x6a, 0x56, 0x5b, 0xbb,
+ 0x9e, 0xd5, 0x14, 0xbe, 0xd2, 0xb3, 0xed, 0xcc, 0x6c, 0xcb, 0xa0, 0xfe, 0x2b, 0xa2, 0xf2, 0x4e,
+ 0x05, 0x8d, 0x64, 0x35, 0x28, 0x74, 0xda, 0xc9, 0x4e, 0xad, 0xbf, 0xe2, 0x3e, 0x9f, 0x66, 0x35,
+ 0x3d, 0xe9, 0xd2, 0xe6, 0x85, 0x4e, 0x9b, 0xed, 0x81, 0xfe, 0xe2, 0x6d, 0x80, 0xa2, 0xd3, 0x4e,
+ 0xb6, 0x5c, 0xa9, 0x52, 0x9a, 0x2f, 0x00, 0xbb, 0x0f, 0xda, 0x14, 0x45, 0x8f, 0xae, 0xb3, 0xd5,
+ 0xb4, 0x7e, 0xb1, 0xaa, 0x7d, 0x86, 0xa2, 0xd7, 0x32, 0xe6, 0xb3, 0x9a, 0x16, 0x23, 0x4e, 0x7a,
+ 0xf6, 0x00, 0xf4, 0x83, 0xc1, 0x40, 0xa0, 0x94, 0x96, 0x46, 0xaf, 0xdc, 0xb4, 0x63, 0xf3, 0xd8,
+ 0x29, 0xb9, 0x9a, 0x98, 0x12, 0x7c, 0x01, 0xd8, 0x23, 0x30, 0x8e, 0xfd, 0x21, 0x46, 0xfe, 0x05,
+ 0x5a, 0x45, 0x2a, 0xfd, 0x2f, 0x3f, 0x75, 0x91, 0xcd, 0xdc, 0x68, 0x59, 0xc1, 0xaa, 0x00, 0x5d,
+ 0x94, 0xd2, 0x0f, 0x83, 0xa7, 0x78, 0x69, 0x95, 0xe8, 0x46, 0x19, 0x86, 0x55, 0xc0, 0xa0, 0xa7,
+ 0xc5, 0x59, 0x9d, 0xb2, 0xcb, 0xb8, 0x7e, 0x0a, 0xf4, 0x02, 0xa6, 0x83, 0x7a, 0x32, 0x89, 0xcc,
+ 0xb5, 0x18, 0x3c, 0xc1, 0xc8, 0x54, 0x98, 0x01, 0x5a, 0xec, 0x35, 0xb3, 0xc0, 0x00, 0x4a, 0x5d,
+ 0x74, 0x45, 0xff, 0xdc, 0x54, 0x63, 0xdc, 0xc6, 0x11, 0x46, 0x68, 0x6a, 0xac, 0x0c, 0x45, 0xee,
+ 0x06, 0x1e, 0x9a, 0x45, 0xb6, 0x09, 0x65, 0x82, 0x47, 0xae, 0x3c, 0x37, 0x4b, 0xf5, 0x0e, 0x6c,
+ 0xe6, 0xd6, 0x66, 0x16, 0xe8, 0x87, 0x02, 0xdd, 0x08, 0x07, 0xf4, 0x1b, 0x69, 0x7c, 0x11, 0xc6,
+ 0xcb, 0x9f, 0xb9, 0x23, 0x7f, 0xf0, 0x32, 0x88, 0xfc, 0x11, 0xfd, 0x34, 0x1a, 0xcf, 0x30, 0xf5,
+ 0xef, 0x0a, 0x6c, 0xe5, 0x6d, 0xc9, 0xda, 0x3f, 0xfb, 0x69, 0xfb, 0x16, 0x0b, 0xff, 0xc6, 0x58,
+ 0xd9, 0xab, 0x14, 0xf2, 0x57, 0xc9, 0x9b, 0x4e, 0xbd, 0x69, 0xba, 0x8b, 0xd4, 0x73, 0x15, 0x30,
+ 0x0e, 0x0e, 0x8f, 0xf9, 0x64, 0x44, 0xff, 0x5c, 0xea, 0xb0, 0x88, 0xff, 0xc4, 0x6e, 0xf9, 0x0b,
+ 0xa8, 0x37, 0x2f, 0xd0, 0xea, 0x5e, 0xcd, 0xab, 0xca, 0xf5, 0xbc, 0xaa, 0x7c, 0x9c, 0x57, 0x95,
+ 0xcf, 0xf3, 0xaa, 0xf2, 0xfe, 0x4b, 0x75, 0xed, 0xd5, 0x5e, 0xe6, 0x2b, 0x14, 0xc8, 0x71, 0xbf,
+ 0xdf, 0x18, 0xe0, 0xd4, 0x09, 0x30, 0x1c, 0xca, 0x86, 0x3b, 0xf6, 0x1b, 0x5e, 0xe8, 0xa4, 0x27,
+ 0xf9, 0x50, 0xf8, 0xfb, 0x39, 0x86, 0x8f, 0xbb, 0xf6, 0xc1, 0x49, 0xc7, 0xee, 0x26, 0x5c, 0xaf,
+ 0x44, 0x1f, 0xa7, 0xfd, 0x1f, 0x01, 0x00, 0x00, 0xff, 0xff, 0x3b, 0x49, 0xb9, 0x3e, 0xfe, 0x04,
+ 0x00, 0x00,
}
func (m *RequestVerificationHeader) Marshal() (dAtA []byte, err error) {
@@ -427,6 +554,18 @@ func (m *RequestVerificationHeader) MarshalToSizedBuffer(dAtA []byte) (int, erro
i -= len(m.XXX_unrecognized)
copy(dAtA[i:], m.XXX_unrecognized)
}
+ if m.Bearer != nil {
+ {
+ size, err := m.Bearer.MarshalToSizedBuffer(dAtA[:i])
+ if err != nil {
+ return 0, err
+ }
+ i -= size
+ i = encodeVarintVerify(dAtA, i, uint64(size))
+ }
+ i--
+ dAtA[i] = 0x1a
+ }
if m.Token != nil {
{
size, err := m.Token.MarshalToSizedBuffer(dAtA[:i])
@@ -664,6 +803,106 @@ func (m *TokenLifetime) MarshalToSizedBuffer(dAtA []byte) (int, error) {
return len(dAtA) - i, nil
}
+func (m *BearerTokenMsg) Marshal() (dAtA []byte, err error) {
+ size := m.Size()
+ dAtA = make([]byte, size)
+ n, err := m.MarshalToSizedBuffer(dAtA[:size])
+ if err != nil {
+ return nil, err
+ }
+ return dAtA[:n], nil
+}
+
+func (m *BearerTokenMsg) MarshalTo(dAtA []byte) (int, error) {
+ size := m.Size()
+ return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *BearerTokenMsg) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+ i := len(dAtA)
+ _ = i
+ var l int
+ _ = l
+ if m.XXX_unrecognized != nil {
+ i -= len(m.XXX_unrecognized)
+ copy(dAtA[i:], m.XXX_unrecognized)
+ }
+ if len(m.Signature) > 0 {
+ i -= len(m.Signature)
+ copy(dAtA[i:], m.Signature)
+ i = encodeVarintVerify(dAtA, i, uint64(len(m.Signature)))
+ i--
+ dAtA[i] = 0x1a
+ }
+ if len(m.OwnerKey) > 0 {
+ i -= len(m.OwnerKey)
+ copy(dAtA[i:], m.OwnerKey)
+ i = encodeVarintVerify(dAtA, i, uint64(len(m.OwnerKey)))
+ i--
+ dAtA[i] = 0x12
+ }
+ {
+ size, err := m.BearerTokenMsg_Info.MarshalToSizedBuffer(dAtA[:i])
+ if err != nil {
+ return 0, err
+ }
+ i -= size
+ i = encodeVarintVerify(dAtA, i, uint64(size))
+ }
+ i--
+ dAtA[i] = 0xa
+ return len(dAtA) - i, nil
+}
+
+func (m *BearerTokenMsg_Info) Marshal() (dAtA []byte, err error) {
+ size := m.Size()
+ dAtA = make([]byte, size)
+ n, err := m.MarshalToSizedBuffer(dAtA[:size])
+ if err != nil {
+ return nil, err
+ }
+ return dAtA[:n], nil
+}
+
+func (m *BearerTokenMsg_Info) MarshalTo(dAtA []byte) (int, error) {
+ size := m.Size()
+ return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *BearerTokenMsg_Info) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+ i := len(dAtA)
+ _ = i
+ var l int
+ _ = l
+ if m.XXX_unrecognized != nil {
+ i -= len(m.XXX_unrecognized)
+ copy(dAtA[i:], m.XXX_unrecognized)
+ }
+ if m.ValidUntil != 0 {
+ i = encodeVarintVerify(dAtA, i, uint64(m.ValidUntil))
+ i--
+ dAtA[i] = 0x18
+ }
+ {
+ size := m.OwnerID.Size()
+ i -= size
+ if _, err := m.OwnerID.MarshalTo(dAtA[i:]); err != nil {
+ return 0, err
+ }
+ i = encodeVarintVerify(dAtA, i, uint64(size))
+ }
+ i--
+ dAtA[i] = 0x12
+ if len(m.ACLRules) > 0 {
+ i -= len(m.ACLRules)
+ copy(dAtA[i:], m.ACLRules)
+ i = encodeVarintVerify(dAtA, i, uint64(len(m.ACLRules)))
+ i--
+ dAtA[i] = 0xa
+ }
+ return len(dAtA) - i, nil
+}
+
func encodeVarintVerify(dAtA []byte, offset int, v uint64) int {
offset -= sovVerify(v)
base := offset
@@ -691,6 +930,10 @@ func (m *RequestVerificationHeader) Size() (n int) {
l = m.Token.Size()
n += 1 + l + sovVerify(uint64(l))
}
+ if m.Bearer != nil {
+ l = m.Bearer.Size()
+ n += 1 + l + sovVerify(uint64(l))
+ }
if m.XXX_unrecognized != nil {
n += len(m.XXX_unrecognized)
}
@@ -784,6 +1027,49 @@ func (m *TokenLifetime) Size() (n int) {
return n
}
+func (m *BearerTokenMsg) Size() (n int) {
+ if m == nil {
+ return 0
+ }
+ var l int
+ _ = l
+ l = m.BearerTokenMsg_Info.Size()
+ n += 1 + l + sovVerify(uint64(l))
+ l = len(m.OwnerKey)
+ if l > 0 {
+ n += 1 + l + sovVerify(uint64(l))
+ }
+ l = len(m.Signature)
+ if l > 0 {
+ n += 1 + l + sovVerify(uint64(l))
+ }
+ if m.XXX_unrecognized != nil {
+ n += len(m.XXX_unrecognized)
+ }
+ return n
+}
+
+func (m *BearerTokenMsg_Info) Size() (n int) {
+ if m == nil {
+ return 0
+ }
+ var l int
+ _ = l
+ l = len(m.ACLRules)
+ if l > 0 {
+ n += 1 + l + sovVerify(uint64(l))
+ }
+ l = m.OwnerID.Size()
+ n += 1 + l + sovVerify(uint64(l))
+ if m.ValidUntil != 0 {
+ n += 1 + sovVerify(uint64(m.ValidUntil))
+ }
+ if m.XXX_unrecognized != nil {
+ n += len(m.XXX_unrecognized)
+ }
+ return n
+}
+
func sovVerify(x uint64) (n int) {
return (math_bits.Len64(x|1) + 6) / 7
}
@@ -889,6 +1175,42 @@ func (m *RequestVerificationHeader) Unmarshal(dAtA []byte) error {
return err
}
iNdEx = postIndex
+ case 3:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field Bearer", wireType)
+ }
+ var msglen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowVerify
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ msglen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if msglen < 0 {
+ return ErrInvalidLengthVerify
+ }
+ postIndex := iNdEx + msglen
+ if postIndex < 0 {
+ return ErrInvalidLengthVerify
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ if m.Bearer == nil {
+ m.Bearer = &BearerTokenMsg{}
+ }
+ if err := m.Bearer.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+ return err
+ }
+ iNdEx = postIndex
default:
iNdEx = preIndex
skippy, err := skipVerify(dAtA[iNdEx:])
@@ -1522,6 +1844,301 @@ func (m *TokenLifetime) Unmarshal(dAtA []byte) error {
}
return nil
}
+func (m *BearerTokenMsg) Unmarshal(dAtA []byte) error {
+ l := len(dAtA)
+ iNdEx := 0
+ for iNdEx < l {
+ preIndex := iNdEx
+ var wire uint64
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowVerify
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ wire |= uint64(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ fieldNum := int32(wire >> 3)
+ wireType := int(wire & 0x7)
+ if wireType == 4 {
+ return fmt.Errorf("proto: BearerTokenMsg: wiretype end group for non-group")
+ }
+ if fieldNum <= 0 {
+ return fmt.Errorf("proto: BearerTokenMsg: illegal tag %d (wire type %d)", fieldNum, wire)
+ }
+ switch fieldNum {
+ case 1:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field BearerTokenMsg_Info", wireType)
+ }
+ var msglen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowVerify
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ msglen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if msglen < 0 {
+ return ErrInvalidLengthVerify
+ }
+ postIndex := iNdEx + msglen
+ if postIndex < 0 {
+ return ErrInvalidLengthVerify
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ if err := m.BearerTokenMsg_Info.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+ return err
+ }
+ iNdEx = postIndex
+ case 2:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field OwnerKey", wireType)
+ }
+ var byteLen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowVerify
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ byteLen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if byteLen < 0 {
+ return ErrInvalidLengthVerify
+ }
+ postIndex := iNdEx + byteLen
+ if postIndex < 0 {
+ return ErrInvalidLengthVerify
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.OwnerKey = append(m.OwnerKey[:0], dAtA[iNdEx:postIndex]...)
+ if m.OwnerKey == nil {
+ m.OwnerKey = []byte{}
+ }
+ iNdEx = postIndex
+ case 3:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field Signature", wireType)
+ }
+ var byteLen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowVerify
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ byteLen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if byteLen < 0 {
+ return ErrInvalidLengthVerify
+ }
+ postIndex := iNdEx + byteLen
+ if postIndex < 0 {
+ return ErrInvalidLengthVerify
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.Signature = append(m.Signature[:0], dAtA[iNdEx:postIndex]...)
+ if m.Signature == nil {
+ m.Signature = []byte{}
+ }
+ iNdEx = postIndex
+ default:
+ iNdEx = preIndex
+ skippy, err := skipVerify(dAtA[iNdEx:])
+ if err != nil {
+ return err
+ }
+ if skippy < 0 {
+ return ErrInvalidLengthVerify
+ }
+ if (iNdEx + skippy) < 0 {
+ return ErrInvalidLengthVerify
+ }
+ if (iNdEx + skippy) > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...)
+ iNdEx += skippy
+ }
+ }
+
+ if iNdEx > l {
+ return io.ErrUnexpectedEOF
+ }
+ return nil
+}
+func (m *BearerTokenMsg_Info) Unmarshal(dAtA []byte) error {
+ l := len(dAtA)
+ iNdEx := 0
+ for iNdEx < l {
+ preIndex := iNdEx
+ var wire uint64
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowVerify
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ wire |= uint64(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ fieldNum := int32(wire >> 3)
+ wireType := int(wire & 0x7)
+ if wireType == 4 {
+ return fmt.Errorf("proto: Info: wiretype end group for non-group")
+ }
+ if fieldNum <= 0 {
+ return fmt.Errorf("proto: Info: illegal tag %d (wire type %d)", fieldNum, wire)
+ }
+ switch fieldNum {
+ case 1:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field ACLRules", wireType)
+ }
+ var byteLen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowVerify
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ byteLen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if byteLen < 0 {
+ return ErrInvalidLengthVerify
+ }
+ postIndex := iNdEx + byteLen
+ if postIndex < 0 {
+ return ErrInvalidLengthVerify
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.ACLRules = append(m.ACLRules[:0], dAtA[iNdEx:postIndex]...)
+ if m.ACLRules == nil {
+ m.ACLRules = []byte{}
+ }
+ iNdEx = postIndex
+ case 2:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field OwnerID", wireType)
+ }
+ var byteLen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowVerify
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ byteLen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if byteLen < 0 {
+ return ErrInvalidLengthVerify
+ }
+ postIndex := iNdEx + byteLen
+ if postIndex < 0 {
+ return ErrInvalidLengthVerify
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ if err := m.OwnerID.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+ return err
+ }
+ iNdEx = postIndex
+ case 3:
+ if wireType != 0 {
+ return fmt.Errorf("proto: wrong wireType = %d for field ValidUntil", wireType)
+ }
+ m.ValidUntil = 0
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowVerify
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ m.ValidUntil |= uint64(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ default:
+ iNdEx = preIndex
+ skippy, err := skipVerify(dAtA[iNdEx:])
+ if err != nil {
+ return err
+ }
+ if skippy < 0 {
+ return ErrInvalidLengthVerify
+ }
+ if (iNdEx + skippy) < 0 {
+ return ErrInvalidLengthVerify
+ }
+ if (iNdEx + skippy) > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...)
+ iNdEx += skippy
+ }
+ }
+
+ if iNdEx > l {
+ return io.ErrUnexpectedEOF
+ }
+ return nil
+}
func skipVerify(dAtA []byte) (n int, err error) {
l := len(dAtA)
iNdEx := 0
diff --git a/service/verify.proto b/service/verify.proto
index a6619a6..a7e694f 100644
--- a/service/verify.proto
+++ b/service/verify.proto
@@ -23,6 +23,9 @@ message RequestVerificationHeader {
// Token is a token of the session within which the request is sent
Token Token = 2;
+
+ // Bearer is a Bearer token of the request
+ BearerTokenMsg Bearer = 3;
}
// User token granting rights for object manipulation
@@ -91,3 +94,26 @@ message TokenLifetime {
// uint32 Version = 2;
// bytes Data = 3;
// }
+
+// BearerTokenMsg carries information about request ACL rules with limited lifetime
+message BearerTokenMsg {
+ message Info {
+ // ACLRules carries a binary representation of the table of extended ACL rules
+ bytes ACLRules = 1;
+
+ // OwnerID is an owner of token
+ bytes OwnerID = 2 [(gogoproto.customtype) = "OwnerID", (gogoproto.nullable) = false];
+
+ // ValidUntil carries a last epoch of token lifetime
+ uint64 ValidUntil = 3;
+ }
+
+ // TokenInfo is a grouped information about token
+ Info TokenInfo = 1 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
+
+ // OwnerKey is a public key of the token owner
+ bytes OwnerKey = 2;
+
+ // Signature is a signature of token information
+ bytes Signature = 3;
+}
diff --git a/service/verify_test.go b/service/verify_test.go
index e13f316..55ec65f 100644
--- a/service/verify_test.go
+++ b/service/verify_test.go
@@ -115,3 +115,16 @@ func TestRequestVerificationHeader_SetToken(t *testing.T) {
require.Equal(t, token, h.GetToken())
}
+
+func TestRequestVerificationHeader_SetBearer(t *testing.T) {
+ aclRules := []byte{1, 2, 3}
+
+ token := new(BearerTokenMsg)
+ token.SetACLRules(aclRules)
+
+ h := new(RequestVerificationHeader)
+
+ h.SetBearer(token)
+
+ require.Equal(t, token, h.GetBearer())
+}