realloc/frostfs-testcases
1
0
Fork 0
forked from TrueCloudLab/frostfs-testcases
Code Issues Pull requests Projects Releases Packages Wiki Activity

[226] Tests: test for session token for object

Browse source 
A test for session token for object rewritten in pytest.

Signed-off-by: Elizaveta Chichindaeva <elizaveta@nspcc.ru>
This commit is contained in:
Elizaveta Chichindaeva 2022-09-05 12:35:46 +03:00
parent 3f6ba19a8b
commit 92cbc2e11b
6 changed files with 513 additions and 138 deletions
Download patch file Download diff file Expand all files Collapse all files

257
robot/resources/lib/python_keywords/neofs_verbs.py
View file

@ -19,10 +19,19 @@ from robot.api.deco import keyword
ROBOT_AUTO_KEYWORDS = False
@keyword('Get object')
def get_object(wallet: str, cid: str, oid: str, bearer_token: Optional[str] = None, write_object: str = "",
endpoint: str = "", xhdr: Optional[dict] = None, wallet_config: Optional[str] = None,
no_progress: bool = True) -> str:
@keyword("Get object")
def get_object(
wallet: str,
cid: str,
oid: str,
bearer_token: Optional[str] = None,
write_object: str = "",
endpoint: str = "",
xhdr: Optional[dict] = None,
wallet_config: Optional[str] = None,
no_progress: bool = True,
session: Optional[str] = None,
) -> str:
"""
GET from NeoFS.
@ -36,6 +45,7 @@ def get_object(wallet: str, cid: str, oid: str, bearer_token: Optional[str] = No
wallet_config(optional, str): path to the wallet config
no_progress(optional, bool): do not show progress bar
xhdr (optional, dict): Request X-Headers in form of Key=Value
session (optional, dict): path to a JSON-encoded container session token
Returns:
(str): path to downloaded file
"""
@ -49,16 +59,33 @@ def get_object(wallet: str, cid: str, oid: str, bearer_token: Optional[str] = No
endpoint = random.sample(NEOFS_NETMAP, 1)[0]
cli = NeofsCli(config=wallet_config)
cli.object.get(rpc_endpoint=endpoint, wallet=wallet, cid=cid, oid=oid, file=file_path,
bearer=bearer_token, no_progress=no_progress, xhdr=xhdr)
cli.object.get(
rpc_endpoint=endpoint or NEOFS_ENDPOINT,
wallet=wallet,
cid=cid,
oid=oid,
file=file_path,
bearer=bearer_token,
no_progress=no_progress,
xhdr=xhdr,
session=session,
)
return file_path
# TODO: make `bearer_token` optional
@keyword('Get Range Hash')
def get_range_hash(wallet: str, cid: str, oid: str, bearer_token: str, range_cut: str,
wallet_config: Optional[str] = None, xhdr: Optional[dict] = None):
@keyword("Get Range Hash")
def get_range_hash(
wallet: str,
cid: str,
oid: str,
bearer_token: str,
range_cut: str,
endpoint: Optional[str] = None,
wallet_config: Optional[str] = None,
xhdr: Optional[dict] = None,
):
"""
GETRANGEHASH of given Object.
@ -66,9 +93,10 @@ def get_range_hash(wallet: str, cid: str, oid: str, bearer_token: str, range_cut
wallet (str): wallet on whose behalf GETRANGEHASH is done
cid (str): ID of Container where we get the Object from
oid (str): Object ID
bearer_token (optional, str): path to Bearer Token file, appends to `--bearer` key
range_cut (str): Range to take hash from in the form offset1:length1,...,
value to pass to the `--range` parameter
bearer_token (optional, str): path to Bearer Token file, appends to `--bearer` key
endpoint (optional, str): NeoFS endpoint to send request to, appends to `--rpc-endpoint` key
wallet_config(optional, str): path to the wallet config
xhdr (optional, dict): Request X-Headers in form of Key=Value
Returns:
@ -77,17 +105,34 @@ def get_range_hash(wallet: str, cid: str, oid: str, bearer_token: str, range_cut
wallet_config = wallet_config or WALLET_CONFIG
cli = NeofsCli(config=wallet_config)
output = cli.object.hash(rpc_endpoint=NEOFS_ENDPOINT, wallet=wallet, cid=cid, oid=oid, range=range_cut,
bearer=bearer_token, xhdr=xhdr)
output = cli.object.hash(
rpc_endpoint=endpoint or NEOFS_ENDPOINT,
wallet=wallet,
cid=cid,
oid=oid,
range=range_cut,
bearer=bearer_token,
xhdr=xhdr,
)
# cutting off output about range offset and length
return output.split(':')[1].strip()
return output.split(":")[1].strip()
@keyword('Put object')
def put_object(wallet: str, path: str, cid: str, bearer: str = "", attributes: Optional[dict] = None,
xhdr: Optional[dict] = None, endpoint: str = "", wallet_config: Optional[str] = None,
expire_at: Optional[int] = None, no_progress: bool = True):
@keyword("Put object")
def put_object(
wallet: str,
path: str,
cid: str,
bearer: str = "",
attributes: Optional[dict] = None,
xhdr: Optional[dict] = None,
endpoint: Optional[str] = None,
wallet_config: Optional[str] = None,
expire_at: Optional[int] = None,
no_progress: bool = True,
session: Optional[str] = None,
):
"""
PUT of given file.
@ -102,6 +147,7 @@ def put_object(wallet: str, path: str, cid: str, bearer: str = "", attributes: O
no_progress(optional, bool): do not show progress bar
expire_at (optional, int): Last epoch in the life of the object
xhdr (optional, dict): Request X-Headers in form of Key=Value
session (optional, dict): path to a JSON-encoded container session token
Returns:
(str): ID of uploaded Object
"""
@ -109,21 +155,39 @@ def put_object(wallet: str, path: str, cid: str, bearer: str = "", attributes: O
if not endpoint:
endpoint = random.sample(NEOFS_NETMAP, 1)[0]
if not endpoint:
logger.info(f'---DEB:\n{NEOFS_NETMAP}')
logger.info(f"---DEB:\n{NEOFS_NETMAP}")
cli = NeofsCli(config=wallet_config)
output = cli.object.put(rpc_endpoint=endpoint, wallet=wallet, file=path, cid=cid, attributes=attributes,
bearer=bearer, expire_at=expire_at, no_progress=no_progress, xhdr=xhdr)
output = cli.object.put(
rpc_endpoint=endpoint,
wallet=wallet,
file=path,
cid=cid,
attributes=attributes,
bearer=bearer,
expire_at=expire_at,
no_progress=no_progress,
xhdr=xhdr,
session=session,
)
# splitting CLI output to lines and taking the penultimate line
id_str = output.strip().split('\n')[-2]
oid = id_str.split(':')[1]
id_str = output.strip().split("\n")[-2]
oid = id_str.split(":")[1]
return oid.strip()
@keyword('Delete object')
def delete_object(wallet: str, cid: str, oid: str, bearer: str = "", wallet_config: Optional[str] = None,
xhdr: Optional[dict] = None):
@keyword("Delete object")
def delete_object(
wallet: str,
cid: str,
oid: str,
endpoint: Optional[str] = None,
bearer: str = "",
wallet_config: Optional[str] = None,
xhdr: Optional[dict] = None,
session: Optional[str] = None,
):
"""
DELETE an Object.
@ -132,25 +196,42 @@ def delete_object(wallet: str, cid: str, oid: str, bearer: str = "", wallet_conf
cid (str): ID of Container where we get the Object from
oid (str): ID of Object we are going to delete
bearer (optional, str): path to Bearer Token file, appends to `--bearer` key
endpoint (optional, str): NeoFS endpoint to send request to, appends to `--rpc-endpoint` key
wallet_config(optional, str): path to the wallet config
xhdr (optional, dict): Request X-Headers in form of Key=Value
session (optional, dict): path to a JSON-encoded container session token
Returns:
(str): Tombstone ID
"""
wallet_config = wallet_config or WALLET_CONFIG
cli = NeofsCli(config=wallet_config)
output = cli.object.delete(rpc_endpoint=NEOFS_ENDPOINT, wallet=wallet, cid=cid, oid=oid, bearer=bearer,
xhdr=xhdr)
output = cli.object.delete(
rpc_endpoint=endpoint or NEOFS_ENDPOINT,
wallet=wallet,
cid=cid,
oid=oid,
bearer=bearer,
xhdr=xhdr,
session=session,
)
id_str = output.split('\n')[1]
tombstone = id_str.split(':')[1]
id_str = output.split("\n")[1]
tombstone = id_str.split(":")[1]
return tombstone.strip()
@keyword('Get Range')
def get_range(wallet: str, cid: str, oid: str, range_cut: str, wallet_config: Optional[str] = None,
bearer: str = "", xhdr: Optional[dict] = None):
@keyword("Get Range")
def get_range(
wallet: str,
cid: str,
oid: str,
range_cut: str,
endpoint: Optional[str] = None,
wallet_config: Optional[str] = None,
bearer: str = "",
xhdr: Optional[dict] = None,
session: Optional[str] = None,
):
"""
GETRANGE an Object.
@ -159,9 +240,11 @@ def get_range(wallet: str, cid: str, oid: str, range_cut: str, wallet_config: Op
cid (str): ID of Container where we get the Object from
oid (str): ID of Object we are going to request
range_cut (str): range to take data from in the form offset:length
endpoint (optional, str): NeoFS endpoint to send request to, appends to `--rpc-endpoint` key
bearer (optional, str): path to Bearer Token file, appends to `--bearer` key
wallet_config(optional, str): path to the wallet config
xhdr (optional, dict): Request X-Headers in form of Key=Value
session (optional, dict): path to a JSON-encoded container session token
Returns:
(str, bytes) - path to the file with range content and content of this file as bytes
"""
@ -169,18 +252,35 @@ def get_range(wallet: str, cid: str, oid: str, range_cut: str, wallet_config: Op
range_file = f"{ASSETS_DIR}/{uuid.uuid4()}"
cli = NeofsCli(config=wallet_config)
cli.object.range(rpc_endpoint=NEOFS_ENDPOINT, wallet=wallet, cid=cid, oid=oid, range=range_cut, file=range_file,
bearer=bearer, xhdr=xhdr)
cli.object.range(
rpc_endpoint=endpoint or NEOFS_ENDPOINT,
wallet=wallet,
cid=cid,
oid=oid,
range=range_cut,
file=range_file,
bearer=bearer,
xhdr=xhdr,
session=session,
)
with open(range_file, 'rb') as fout:
with open(range_file, "rb") as fout:
content = fout.read()
return range_file, content
@keyword('Search object')
def search_object(wallet: str, cid: str, bearer: str = "", filters: Optional[dict] = None,
expected_objects_list: Optional[list] = None, wallet_config: Optional[str] = None,
xhdr: Optional[dict] = None) -> list:
@keyword("Search object")
def search_object(
wallet: str,
cid: str,
bearer: str = "",
endpoint: Optional[str] = None,
filters: Optional[dict] = None,
expected_objects_list: Optional[list] = None,
wallet_config: Optional[str] = None,
xhdr: Optional[dict] = None,
session: Optional[str] = None,
) -> list:
"""
SEARCH an Object.
@ -188,10 +288,12 @@ def search_object(wallet: str, cid: str, bearer: str = "", filters: Optional[dic
wallet (str): wallet on whose behalf SEARCH is done
cid (str): ID of Container where we get the Object from
bearer (optional, str): path to Bearer Token file, appends to `--bearer` key
endpoint (optional, str): NeoFS endpoint to send request to, appends to `--rpc-endpoint` key
filters (optional, dict): key=value pairs to filter Objects
expected_objects_list (optional, list): a list of ObjectIDs to compare found Objects with
wallet_config(optional, str): path to the wallet config
xhdr (optional, dict): Request X-Headers in form of Key=Value
session (optional, dict): path to a JSON-encoded container session token
Returns:
(list): list of found ObjectIDs
"""
@ -199,26 +301,51 @@ def search_object(wallet: str, cid: str, bearer: str = "", filters: Optional[dic
wallet_config = wallet_config or WALLET_CONFIG
cli = NeofsCli(config=wallet_config)
output = cli.object.search(
rpc_endpoint=NEOFS_ENDPOINT, wallet=wallet, cid=cid, bearer=bearer, xhdr=xhdr,
filters=[f'{filter_key} EQ {filter_val}' for filter_key, filter_val in filters.items()] if filters else None)
rpc_endpoint=endpoint or NEOFS_ENDPOINT,
wallet=wallet,
cid=cid,
bearer=bearer,
xhdr=xhdr,
filters=[
f"{filter_key} EQ {filter_val}"
for filter_key, filter_val in filters.items()
]
if filters
else None,
session=session,
)
found_objects = re.findall(r'(\w{43,44})', output)
found_objects = re.findall(r"(\w{43,44})", output)
if expected_objects_list:
if sorted(found_objects) == sorted(expected_objects_list):
logger.info(f"Found objects list '{found_objects}' ",
f"is equal for expected list '{expected_objects_list}'")
logger.info(
f"Found objects list '{found_objects}' ",
f"is equal for expected list '{expected_objects_list}'",
)
else:
logger.warn(f"Found object list {found_objects} ",
f"is not equal to expected list '{expected_objects_list}'")
logger.warn(
f"Found object list {found_objects} ",
f"is not equal to expected list '{expected_objects_list}'",
)
return found_objects
@keyword('Head object')
def head_object(wallet: str, cid: str, oid: str, bearer_token: str = "",
xhdr: Optional[dict] = None, endpoint: str = None, json_output: bool = True,
is_raw: bool = False, is_direct: bool = False, wallet_config: Optional[str] = None):
@keyword("Head object")
def head_object(
wallet: str,
cid: str,
oid: str,
bearer_token: str = "",
xhdr: Optional[dict] = None,
endpoint: Optional[str] = None,
json_output: bool = True,
is_raw: bool = False,
is_direct: bool = False,
wallet_config: Optional[str] = None,
session: Optional[str] = None,
):
"""
HEAD an Object.
@ -236,6 +363,7 @@ def head_object(wallet: str, cid: str, oid: str, bearer_token: str = "",
turns into `--ttl 1` key
wallet_config(optional, str): path to the wallet config
xhdr (optional, dict): Request X-Headers in form of Key=Value
session (optional, dict): path to a JSON-encoded container session token
Returns:
depending on the `json_output` parameter value, the function returns
(dict): HEAD response in JSON format
@ -245,9 +373,18 @@ def head_object(wallet: str, cid: str, oid: str, bearer_token: str = "",
wallet_config = wallet_config or WALLET_CONFIG
cli = NeofsCli(config=wallet_config)
output = cli.object.head(rpc_endpoint=endpoint or NEOFS_ENDPOINT, wallet=wallet, cid=cid, oid=oid,
bearer=bearer_token, json_mode=json_output, raw=is_raw,
ttl=1 if is_direct else None, xhdr=xhdr)
output = cli.object.head(
rpc_endpoint=endpoint or NEOFS_ENDPOINT,
wallet=wallet,
cid=cid,
oid=oid,
bearer=bearer_token,
json_mode=json_output,
raw=is_raw,
ttl=1 if is_direct else None,
xhdr=xhdr,
session=session,
)
if not json_output:
return output
@ -260,26 +397,26 @@ def head_object(wallet: str, cid: str, oid: str, bearer_token: str = "",
# Here we cut off first string and try to parse again.
logger.info(f"failed to parse output: {exc}")
logger.info("parsing output in another way")
fst_line_idx = output.find('\n')
fst_line_idx = output.find("\n")
decoded = json.loads(output[fst_line_idx:])
# If response is Complex Object header, it has `splitId` key
if 'splitId' in decoded.keys():
if "splitId" in decoded.keys():
logger.info("decoding split header")
return json_transformers.decode_split_header(decoded)
# If response is Last or Linking Object header,
# it has `header` dictionary and non-null `split` dictionary
if 'split' in decoded['header'].keys():
if decoded['header']['split']:
if "split" in decoded["header"].keys():
if decoded["header"]["split"]:
logger.info("decoding linking object")
return json_transformers.decode_linking_object(decoded)
if decoded['header']['objectType'] == 'STORAGE_GROUP':
if decoded["header"]["objectType"] == "STORAGE_GROUP":
logger.info("decoding storage group")
return json_transformers.decode_storage_group(decoded)
if decoded['header']['objectType'] == 'TOMBSTONE':
if decoded["header"]["objectType"] == "TOMBSTONE":
logger.info("decoding tombstone")
return json_transformers.decode_tombstone(decoded)

115
robot/resources/lib/python_keywords/session_token.py
View file

@ -9,94 +9,109 @@ import json
import os
import uuid
from neo3 import wallet
from common import WALLET_CONFIG, ASSETS_DIR
from cli_helpers import _cmd_run
import json_transformers
from robot.api.deco import keyword
from cli_helpers import _cmd_run, _run_with_passwd
from common import ASSETS_DIR, NEOFS_ENDPOINT, WALLET_CONFIG
from neo3 import wallet
from robot.api import logger
from robot.api.deco import keyword
ROBOT_AUTO_KEYWORDS = False
# path to neofs-cli executable
NEOFS_CLI_EXEC = os.getenv('NEOFS_CLI_EXEC', 'neofs-cli')
NEOFS_CLI_EXEC = os.getenv("NEOFS_CLI_EXEC", "neofs-cli")
@keyword('Generate Session Token')
def generate_session_token(owner: str, session_wallet: str, cid: str = '') -> str:
@keyword("Generate Session Token")
def generate_session_token(owner: str, session_wallet: str, cid: str = "") -> str:
"""
This function generates session token for ContainerSessionContext
and writes it to the file. It is able to prepare session token file
for a specific container (<cid>) or for every container (adds
"wildcard" field).
Args:
owner(str): wallet address of container owner
session_wallet(str): the path to wallet to which we grant the
access via session token
cid(optional, str): container ID of the container; if absent,
we assume the session token is generated for any
container
Returns:
(str): the path to the generated session token file
This function generates session token for ContainerSessionContext
and writes it to the file. It is able to prepare session token file
for a specific container (<cid>) or for every container (adds
"wildcard" field).
Args:
owner(str): wallet address of container owner
session_wallet(str): the path to wallet to which we grant the
access via session token
cid(optional, str): container ID of the container; if absent,
we assume the session token is generated for any
container
Returns:
(str): the path to the generated session token file
"""
file_path = f"{os.getcwd()}/{ASSETS_DIR}/{uuid.uuid4()}"
session_wlt_content = ''
session_wlt_content = ""
with open(session_wallet) as fout:
session_wlt_content = json.load(fout)
session_wlt = wallet.Wallet.from_json(session_wlt_content, password="")
pub_key_64 = base64.b64encode(
bytes.fromhex(
str(session_wlt.accounts[0].public_key)
)
).decode('utf-8')
bytes.fromhex(str(session_wlt.accounts[0].public_key))
).decode("utf-8")
session_token = {
"body": {
"id": f"{base64.b64encode(uuid.uuid4().bytes).decode('utf-8')}",
"ownerID": {
"value": f"{json_transformers.encode_for_json(owner)}"
},
"lifetime": {
"exp": "100000000",
"nbf": "0",
"iat": "0"
},
"ownerID": {"value": f"{json_transformers.encode_for_json(owner)}"},
"lifetime": {"exp": "100000000", "nbf": "0", "iat": "0"},
"sessionKey": f"{pub_key_64}",
"container": {
"verb": "PUT",
"wildcard": cid != '',
**({"containerID":
{"value": f"{base64.b64encode(cid.encode('utf-8')).decode('utf-8')}"}
} if cid != '' else {}
)
}
"wildcard": cid != "",
**(
{
"containerID": {
"value": f"{base64.b64encode(cid.encode('utf-8')).decode('utf-8')}"
}
}
if cid != ""
else {}
),
},
}
}
logger.info(f"Got this Session Token: {session_token}")
with open(file_path, 'w', encoding='utf-8') as session_token_file:
with open(file_path, "w", encoding="utf-8") as session_token_file:
json.dump(session_token, session_token_file, ensure_ascii=False, indent=4)
return file_path
@keyword('Sign Session Token')
@keyword("Create Session Token")
def create_session_token(owner: str, wallet_path: str, rpc: str = NEOFS_ENDPOINT):
"""
Create session token for an object.
Args:
owner(str): user that writes the token
session_wallet(str): the path to wallet to which we grant the
access via session token
Returns:
(str): the path to the generated session token file
"""
session_token = f"{os.getcwd()}/{ASSETS_DIR}/{uuid.uuid4()}"
cmd = (
f"{NEOFS_CLI_EXEC} session create --address {owner} -w {wallet_path} "
f"--out {session_token} --rpc-endpoint {rpc}"
)
_run_with_passwd(cmd)
return session_token
@keyword("Sign Session Token")
def sign_session_token(session_token: str, wlt: str):
"""
This function signs the session token by the given wallet.
Args:
session_token(str): the path to the session token file
wlt(str): the path to the signing wallet
Returns:
(str): the path to the signed token
This function signs the session token by the given wallet.
Args:
session_token(str): the path to the session token file
wlt(str): the path to the signing wallet
Returns:
(str): the path to the signed token
"""
signed_token = f"{os.getcwd()}/{ASSETS_DIR}/{uuid.uuid4()}"
cmd = (
f'{NEOFS_CLI_EXEC} util sign session-token --from {session_token} '
f'-w {wlt} --to {signed_token} --config {WALLET_CONFIG}'
f"{NEOFS_CLI_EXEC} util sign session-token --from {session_token} "
f"-w {wlt} --to {signed_token} --config {WALLET_CONFIG}"
)
_cmd_run(cmd)
return signed_token