forked from TrueCloudLab/frostfs-api-go
session: Add owner's public key into session token
We want to remove all innner ring queries to authenticate owner by public keys. Therefore we put public keys into session token. Later public keys could be gathered with NeoID or other centre of authority.
This commit is contained in:
parent
beb13d5a9f
commit
e88a6ee028
2 changed files with 83 additions and 24 deletions
|
@ -92,6 +92,8 @@ type Token struct {
|
||||||
Signature []byte `protobuf:"bytes,6,opt,name=Signature,proto3" json:"Signature,omitempty"`
|
Signature []byte `protobuf:"bytes,6,opt,name=Signature,proto3" json:"Signature,omitempty"`
|
||||||
// ID is a token identifier. valid UUIDv4 represented in bytes
|
// ID is a token identifier. valid UUIDv4 represented in bytes
|
||||||
ID TokenID `protobuf:"bytes,7,opt,name=ID,proto3,customtype=TokenID" json:"ID"`
|
ID TokenID `protobuf:"bytes,7,opt,name=ID,proto3,customtype=TokenID" json:"ID"`
|
||||||
|
// PublicKeys associated with owner
|
||||||
|
PublicKeys [][]byte `protobuf:"bytes,8,rep,name=PublicKeys,proto3" json:"PublicKeys,omitempty"`
|
||||||
XXX_NoUnkeyedLiteral struct{} `json:"-"`
|
XXX_NoUnkeyedLiteral struct{} `json:"-"`
|
||||||
XXX_unrecognized []byte `json:"-"`
|
XXX_unrecognized []byte `json:"-"`
|
||||||
XXX_sizecache int32 `json:"-"`
|
XXX_sizecache int32 `json:"-"`
|
||||||
|
@ -154,6 +156,13 @@ func (m *Token) GetSignature() []byte {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (m *Token) GetPublicKeys() [][]byte {
|
||||||
|
if m != nil {
|
||||||
|
return m.PublicKeys
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
proto.RegisterType((*VerificationHeader)(nil), "session.VerificationHeader")
|
proto.RegisterType((*VerificationHeader)(nil), "session.VerificationHeader")
|
||||||
proto.RegisterType((*Token)(nil), "session.Token")
|
proto.RegisterType((*Token)(nil), "session.Token")
|
||||||
|
@ -162,29 +171,30 @@ func init() {
|
||||||
func init() { proto.RegisterFile("session/types.proto", fileDescriptor_c0d9d9cb855cdad8) }
|
func init() { proto.RegisterFile("session/types.proto", fileDescriptor_c0d9d9cb855cdad8) }
|
||||||
|
|
||||||
var fileDescriptor_c0d9d9cb855cdad8 = []byte{
|
var fileDescriptor_c0d9d9cb855cdad8 = []byte{
|
||||||
// 344 bytes of a gzipped FileDescriptorProto
|
// 358 bytes of a gzipped FileDescriptorProto
|
||||||
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x64, 0x91, 0x4d, 0x4b, 0xc3, 0x30,
|
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x64, 0x91, 0xcd, 0x4e, 0xe3, 0x30,
|
||||||
0x18, 0xc7, 0x97, 0xee, 0x4d, 0xe3, 0x40, 0x89, 0x97, 0xa2, 0xd2, 0x8d, 0x9d, 0x2a, 0xb8, 0x16,
|
0x14, 0x85, 0x9b, 0xf4, 0x77, 0x3c, 0x95, 0x66, 0xe4, 0xd9, 0x44, 0x03, 0x4a, 0xab, 0xae, 0x82,
|
||||||
0xf4, 0xe4, 0xc5, 0x43, 0xa9, 0x62, 0x99, 0x30, 0xa9, 0xb2, 0x83, 0xb7, 0x36, 0xcb, 0xba, 0xf8,
|
0x44, 0x13, 0x09, 0x56, 0x6c, 0x58, 0x44, 0x01, 0x11, 0x15, 0xa9, 0xc8, 0xa0, 0x2e, 0xd8, 0x25,
|
||||||
0x92, 0x94, 0x26, 0x55, 0xf6, 0x4d, 0xf6, 0x91, 0x76, 0xf4, 0x28, 0x1e, 0x86, 0xd4, 0x2f, 0x22,
|
0xae, 0x9b, 0x9a, 0x1f, 0x3b, 0x8a, 0x1d, 0x50, 0xdf, 0x84, 0x47, 0xe1, 0x11, 0xba, 0x64, 0x89,
|
||||||
0x4b, 0xbb, 0x75, 0xc3, 0xdb, 0xf3, 0xfc, 0xfe, 0xc9, 0xf3, 0xf2, 0x7f, 0xe0, 0xa1, 0x20, 0x42,
|
0x58, 0x54, 0x28, 0xbc, 0x08, 0x8a, 0x93, 0xa6, 0xad, 0xd8, 0xdd, 0xfb, 0x1d, 0xfb, 0x9e, 0xeb,
|
||||||
0x50, 0xce, 0x6c, 0x39, 0x8d, 0x89, 0xb0, 0xe2, 0x84, 0x4b, 0x8e, 0x9a, 0x05, 0x3c, 0xea, 0x45,
|
0x63, 0xf0, 0x4f, 0x10, 0x21, 0x28, 0x67, 0x8e, 0x5c, 0xc4, 0x44, 0xd8, 0x71, 0xc2, 0x25, 0x87,
|
||||||
0x54, 0x4e, 0xd2, 0xd0, 0xc2, 0xfc, 0xcd, 0x8e, 0x78, 0xc4, 0x6d, 0xa5, 0x87, 0xe9, 0x58, 0x65,
|
0xed, 0x12, 0xfe, 0x1f, 0x46, 0x54, 0xce, 0xd3, 0xd0, 0xc6, 0xfc, 0xd1, 0x89, 0x78, 0xc4, 0x1d,
|
||||||
0x2a, 0x51, 0x51, 0xfe, 0xaf, 0x3b, 0x84, 0x68, 0x48, 0x12, 0x3a, 0xa6, 0x38, 0x90, 0x94, 0xb3,
|
0xa5, 0x87, 0xe9, 0x4c, 0x75, 0xaa, 0x51, 0x55, 0x71, 0x6f, 0x30, 0x01, 0x70, 0x42, 0x12, 0x3a,
|
||||||
0x5b, 0x12, 0x8c, 0x48, 0x82, 0x4e, 0xe0, 0xee, 0x7d, 0x1a, 0xbe, 0x52, 0xdc, 0x27, 0x53, 0x1d,
|
0xa3, 0x38, 0x90, 0x94, 0xb3, 0x0b, 0x12, 0x4c, 0x49, 0x02, 0xf7, 0xc1, 0xaf, 0xab, 0x34, 0x7c,
|
||||||
0x74, 0x80, 0xd9, 0xf2, 0x4b, 0x80, 0xba, 0xb0, 0xd5, 0x27, 0xd3, 0x07, 0x1a, 0xb1, 0x40, 0xa6,
|
0xa0, 0x78, 0x44, 0x16, 0x86, 0xd6, 0xd7, 0xac, 0x2e, 0xda, 0x00, 0x38, 0x00, 0xdd, 0x11, 0x59,
|
||||||
0x09, 0xd1, 0x35, 0xf5, 0x60, 0x8b, 0x75, 0x67, 0x1a, 0xac, 0x3f, 0xf2, 0x17, 0xc2, 0xd0, 0x25,
|
0x5c, 0xd3, 0x88, 0x05, 0x32, 0x4d, 0x88, 0xa1, 0xab, 0x03, 0x3b, 0x6c, 0xf0, 0xaa, 0x83, 0xe6,
|
||||||
0x6c, 0xe4, 0x55, 0x55, 0xa1, 0xbd, 0xf3, 0x63, 0xab, 0x18, 0xd5, 0xfa, 0xdf, 0xd8, 0xa9, 0xcd,
|
0x0d, 0xbf, 0x27, 0x0c, 0x9e, 0x80, 0x56, 0x31, 0x55, 0x0d, 0xfa, 0x7d, 0xb4, 0x67, 0x97, 0xab,
|
||||||
0x17, 0xed, 0x8a, 0x5f, 0x7c, 0x40, 0xa7, 0xb0, 0x39, 0xf8, 0x60, 0x24, 0xf1, 0xdc, 0xbc, 0x87,
|
0xda, 0x3f, 0x8d, 0xdd, 0xc6, 0x72, 0xd5, 0xab, 0xa1, 0xf2, 0x02, 0x3c, 0x00, 0xed, 0xf1, 0x33,
|
||||||
0xb3, 0xbf, 0x94, 0xbf, 0x17, 0xed, 0x15, 0xf6, 0x57, 0x01, 0x32, 0x20, 0xbc, 0xa1, 0x89, 0x90,
|
0x23, 0x89, 0xef, 0x15, 0x1e, 0xee, 0x9f, 0x5c, 0xfe, 0x58, 0xf5, 0xd6, 0x18, 0xad, 0x0b, 0x68,
|
||||||
0xd7, 0x31, 0xc7, 0x13, 0xbd, 0xda, 0x01, 0x66, 0xcd, 0xdf, 0x20, 0xcb, 0x8d, 0xee, 0x82, 0x95,
|
0x02, 0x70, 0x4e, 0x13, 0x21, 0xcf, 0x62, 0x8e, 0xe7, 0x46, 0xbd, 0xaf, 0x59, 0x0d, 0xb4, 0x45,
|
||||||
0x5c, 0x53, 0x72, 0x09, 0xd0, 0x19, 0xdc, 0x19, 0x84, 0xcf, 0x04, 0x4b, 0xcf, 0xd5, 0xeb, 0x9d,
|
0xf2, 0x17, 0x5d, 0x06, 0x6b, 0xb9, 0xa1, 0xe4, 0x0d, 0x80, 0x87, 0xa0, 0x33, 0x0e, 0xef, 0x08,
|
||||||
0xaa, 0xd9, 0x72, 0x0e, 0x8a, 0x4e, 0x6b, 0xee, 0xaf, 0xa3, 0x65, 0xad, 0x72, 0xf9, 0x46, 0xee,
|
0x96, 0xbe, 0x67, 0x34, 0xfb, 0x75, 0xab, 0xeb, 0xfe, 0x2d, 0x9d, 0x2a, 0x8e, 0xaa, 0x2a, 0x9f,
|
||||||
0xce, 0x1a, 0xa0, 0x36, 0xd4, 0x3c, 0x57, 0x6f, 0x6e, 0xcf, 0xab, 0xac, 0xf0, 0x5c, 0x5f, 0xf3,
|
0xb5, 0x79, 0x7c, 0xab, 0x48, 0xa7, 0x02, 0xb0, 0x07, 0x74, 0xdf, 0x33, 0xda, 0xbb, 0xfb, 0xaa,
|
||||||
0x5c, 0xe7, 0x6a, 0x9e, 0x19, 0xe0, 0x33, 0x33, 0xc0, 0x57, 0x66, 0x80, 0x9f, 0xcc, 0x00, 0xb3,
|
0x28, 0x7c, 0x0f, 0xe9, 0xc5, 0xaa, 0x55, 0x96, 0xc2, 0xe8, 0xe4, 0x76, 0x68, 0x8b, 0xb8, 0xa7,
|
||||||
0x5f, 0xa3, 0xf2, 0x64, 0x6e, 0xdc, 0x8d, 0x89, 0x18, 0xe3, 0xde, 0x88, 0xbc, 0xdb, 0x8c, 0xf0,
|
0xcb, 0xcc, 0xd4, 0xde, 0x32, 0x53, 0x7b, 0xcf, 0x4c, 0xed, 0x33, 0x33, 0xb5, 0x97, 0x2f, 0xb3,
|
||||||
0xb1, 0xe8, 0xe5, 0x57, 0x2b, 0x6c, 0x0b, 0x1b, 0x2a, 0xbd, 0xf8, 0x0b, 0x00, 0x00, 0xff, 0xff,
|
0x76, 0x6b, 0x6d, 0xfd, 0x2b, 0x13, 0x31, 0xc6, 0xc3, 0x29, 0x79, 0x72, 0x18, 0xe1, 0x33, 0x31,
|
||||||
0xc6, 0x87, 0x25, 0xf9, 0x08, 0x02, 0x00, 0x00,
|
0x2c, 0x7e, 0xb5, 0x8c, 0x35, 0x6c, 0xa9, 0xf6, 0xf8, 0x3b, 0x00, 0x00, 0xff, 0xff, 0xbe, 0x33,
|
||||||
|
0xae, 0xb5, 0x28, 0x02, 0x00, 0x00,
|
||||||
}
|
}
|
||||||
|
|
||||||
func (m *VerificationHeader) Marshal() (dAtA []byte, err error) {
|
func (m *VerificationHeader) Marshal() (dAtA []byte, err error) {
|
||||||
|
@ -252,6 +262,15 @@ func (m *Token) MarshalToSizedBuffer(dAtA []byte) (int, error) {
|
||||||
i -= len(m.XXX_unrecognized)
|
i -= len(m.XXX_unrecognized)
|
||||||
copy(dAtA[i:], m.XXX_unrecognized)
|
copy(dAtA[i:], m.XXX_unrecognized)
|
||||||
}
|
}
|
||||||
|
if len(m.PublicKeys) > 0 {
|
||||||
|
for iNdEx := len(m.PublicKeys) - 1; iNdEx >= 0; iNdEx-- {
|
||||||
|
i -= len(m.PublicKeys[iNdEx])
|
||||||
|
copy(dAtA[i:], m.PublicKeys[iNdEx])
|
||||||
|
i = encodeVarintTypes(dAtA, i, uint64(len(m.PublicKeys[iNdEx])))
|
||||||
|
i--
|
||||||
|
dAtA[i] = 0x42
|
||||||
|
}
|
||||||
|
}
|
||||||
{
|
{
|
||||||
size := m.ID.Size()
|
size := m.ID.Size()
|
||||||
i -= size
|
i -= size
|
||||||
|
@ -375,6 +394,12 @@ func (m *Token) Size() (n int) {
|
||||||
}
|
}
|
||||||
l = m.ID.Size()
|
l = m.ID.Size()
|
||||||
n += 1 + l + sovTypes(uint64(l))
|
n += 1 + l + sovTypes(uint64(l))
|
||||||
|
if len(m.PublicKeys) > 0 {
|
||||||
|
for _, b := range m.PublicKeys {
|
||||||
|
l = len(b)
|
||||||
|
n += 1 + l + sovTypes(uint64(l))
|
||||||
|
}
|
||||||
|
}
|
||||||
if m.XXX_unrecognized != nil {
|
if m.XXX_unrecognized != nil {
|
||||||
n += len(m.XXX_unrecognized)
|
n += len(m.XXX_unrecognized)
|
||||||
}
|
}
|
||||||
|
@ -744,6 +769,38 @@ func (m *Token) Unmarshal(dAtA []byte) error {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
iNdEx = postIndex
|
iNdEx = postIndex
|
||||||
|
case 8:
|
||||||
|
if wireType != 2 {
|
||||||
|
return fmt.Errorf("proto: wrong wireType = %d for field PublicKeys", wireType)
|
||||||
|
}
|
||||||
|
var byteLen int
|
||||||
|
for shift := uint(0); ; shift += 7 {
|
||||||
|
if shift >= 64 {
|
||||||
|
return ErrIntOverflowTypes
|
||||||
|
}
|
||||||
|
if iNdEx >= l {
|
||||||
|
return io.ErrUnexpectedEOF
|
||||||
|
}
|
||||||
|
b := dAtA[iNdEx]
|
||||||
|
iNdEx++
|
||||||
|
byteLen |= int(b&0x7F) << shift
|
||||||
|
if b < 0x80 {
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if byteLen < 0 {
|
||||||
|
return ErrInvalidLengthTypes
|
||||||
|
}
|
||||||
|
postIndex := iNdEx + byteLen
|
||||||
|
if postIndex < 0 {
|
||||||
|
return ErrInvalidLengthTypes
|
||||||
|
}
|
||||||
|
if postIndex > l {
|
||||||
|
return io.ErrUnexpectedEOF
|
||||||
|
}
|
||||||
|
m.PublicKeys = append(m.PublicKeys, make([]byte, postIndex-iNdEx))
|
||||||
|
copy(m.PublicKeys[len(m.PublicKeys)-1], dAtA[iNdEx:postIndex])
|
||||||
|
iNdEx = postIndex
|
||||||
default:
|
default:
|
||||||
iNdEx = preIndex
|
iNdEx = preIndex
|
||||||
skippy, err := skipTypes(dAtA[iNdEx:])
|
skippy, err := skipTypes(dAtA[iNdEx:])
|
||||||
|
|
|
@ -29,4 +29,6 @@ message Token {
|
||||||
bytes Signature = 6;
|
bytes Signature = 6;
|
||||||
// ID is a token identifier. valid UUIDv4 represented in bytes
|
// ID is a token identifier. valid UUIDv4 represented in bytes
|
||||||
bytes ID = 7 [(gogoproto.customtype) = "TokenID", (gogoproto.nullable) = false];
|
bytes ID = 7 [(gogoproto.customtype) = "TokenID", (gogoproto.nullable) = false];
|
||||||
|
// PublicKeys associated with owner
|
||||||
|
repeated bytes PublicKeys = 8;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue