[#32] Support full bearer token for object routes

Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-08-18 18:41:33 +03:00 · 2022-08-18 18:41:33 +03:00 · 8d5d19f3c4
commit 8d5d19f3c4
parent e68cda7f9c
15 changed files with 434 additions and 228 deletions
--- a/handlers/auth.go
+++ b/handlers/auth.go
@ -106,7 +106,13 @@ func (a *API) PostAuth(params operations.AuthParams) middleware.Responder {

 // FormBinaryBearer handler that forms binary bearer token using headers with body and signature.
 func (a *API) FormBinaryBearer(params operations.FormBinaryBearerParams, principal *models.Principal) middleware.Responder {
-	btoken, err := getBearerToken(principal, params.XBearerSignature, params.XBearerSignatureKey, *params.WalletConnect)
+	bearerHeaders, err := prepareBearerTokenHeaders(params.XBearerSignature, params.XBearerSignatureKey, *params.WalletConnect, false)
+	if err != nil {
+		resp := a.logAndGetErrorResponse("invalid bearer headers", err)
+		return operations.NewFormBinaryBearerBadRequest().WithPayload(resp)
+	}
+
+	btoken, err := getBearerToken(principal, bearerHeaders)
 	if err != nil {
 		resp := a.logAndGetErrorResponse("invalid bearer token", err)
 		return operations.NewFormBinaryBearerBadRequest().WithPayload(resp)