Documentation ¶
Index ¶
- Constants
- Variables
- func DefaultGaterOptions(gater *GateModular, cfg *gfspconfig.GfSpConfig) error
- func MakeErrorResponse(w http.ResponseWriter, err error)
- func NewGateModular(app *gfspapp.GfSpBaseApp, cfg *gfspconfig.GfSpConfig) (coremodule.Modular, error)
- func RecoverAddr(msg []byte, sig []byte) (sdk.AccAddress, ethsecp256k1.PubKey, error)
- func VerifyPersonalSignature(signedMsg string, sigString string) (sdk.AccAddress, error)
- type GateModular
- func (g *GateModular) Name() string
- func (g *GateModular) RegisterHandler(router *mux.Router)
- func (g *GateModular) ReleaseResource(ctx context.Context, span rcmgr.ResourceScopeSpan)
- func (g *GateModular) ReserveResource(ctx context.Context, state *rcmgr.ScopeStat) (rcmgr.ResourceScopeSpan, error)
- func (g *GateModular) Start(ctx context.Context) error
- func (g *GateModular) Stop(ctx context.Context) error
- type RequestContext
- func (r *RequestContext) Account() string
- func (r *RequestContext) Cancel()
- func (r *RequestContext) Context() context.Context
- func (r *RequestContext) NeedVerifyAuthentication() bool
- func (r *RequestContext) SetError(err error)
- func (r *RequestContext) SetHttpCode(code int)
- func (r *RequestContext) String() string
- func (r *RequestContext) VerifySignature() (string, error)
Constants ¶
const ( MaxExpiryAgeInSec int32 = 3600 * 24 * 7 // 7 days ExpiryDateFormat string = time.RFC3339 )
const ( // ContentTypeHeader is used to indicate the media type of the resource ContentTypeHeader = "Content-Type" // ContentLengthHeader indicates the size of the message body, in bytes ContentLengthHeader = "Content-Length" // RangeHeader asks the server to send only a portion of an HTTP message back to a client RangeHeader = "Range" // ContentRangeHeader response HTTP header indicates where in a full body message a partial message belongs ContentRangeHeader = "Content-Range" // OctetStream is used to indicate the binary files OctetStream = "application/octet-stream" // ContentTypeJSONHeaderValue is used to indicate json ContentTypeJSONHeaderValue = "application/json" // ContentTypeXMLHeaderValue is used to indicate xml ContentTypeXMLHeaderValue = "application/xml" // ContentDispositionHeader is used to indicate the media disposition of the resource ContentDispositionHeader = "Content-Disposition" // ContentDispositionAttachmentValue is used to indicate attachment ContentDispositionAttachmentValue = "attachment" // ContentDispositionInlineValue is used to indicate inline ContentDispositionInlineValue = "inline" // SignAlgorithm uses secp256k1 with the ECDSA algorithm SignAlgorithm = "ECDSA-secp256k1" // SignedMsg is the request hash SignedMsg = "SignedMsg" // Signature is the request signature Signature = "Signature" // SignTypeV1 is an authentication algorithm, which is used by dapps SignTypeV1 = "authTypeV1" // SignTypeV2 is an authentication algorithm, which is used by metamask SignTypeV2 = "authTypeV2" SignTypeOffChain = "OffChainAuth" // sign type - off-chain-auth SignTypePersonal = "PersonalSign" // sign type - PersonalSign SignAlgorithmEddsa = "EDDSA" // GetApprovalPath defines get-approval path style suffix GetApprovalPath = "/greenfield/admin/v1/get-approval" // ActionQuery defines get-approval's type, currently include create bucket and create object ActionQuery = "action" // UploadProgressQuery defines upload progress query, which is used to route request UploadProgressQuery = "upload-progress" // GetBucketReadQuotaQuery defines bucket read quota query, which is used to route request GetBucketReadQuotaQuery = "read-quota" // GetBucketReadQuotaMonthQuery defines bucket read quota query month GetBucketReadQuotaMonthQuery = "year-month" // ListBucketReadRecordQuery defines list bucket read record query, which is used to route request ListBucketReadRecordQuery = "list-read-record" // ListBucketReadRecordMaxRecordsQuery defines list read record max num ListBucketReadRecordMaxRecordsQuery = "max-records" // ListObjectsMaxKeysQuery defines the maximum number of keys returned to the response ListObjectsMaxKeysQuery = "max-keys" // ListObjectsStartAfterQuery defines where you want to start listing from ListObjectsStartAfterQuery = "start-after" // ListObjectsContinuationTokenQuery indicates that the list is being continued on this bucket with a token ListObjectsContinuationTokenQuery = "continuation-token" // ListObjectsDelimiterQuery defines a character you use to group keys ListObjectsDelimiterQuery = "delimiter" // ListObjectsPrefixQuery defines limits the response to keys that begin with the specified prefix ListObjectsPrefixQuery = "prefix" // GetBucketMetaQuery defines get bucket metadata query, which is used to route request GetBucketMetaQuery = "bucket-meta" // GetObjectMetaQuery defines get object metadata query, which is used to route request GetObjectMetaQuery = "object-meta" // GetGroupListSourceTypeQuery defines get group list source type query, which is used to route request GetGroupListSourceTypeQuery = "source-type" // GetGroupListLimitQuery defines get group list limit query, which is used to route request GetGroupListLimitQuery = "limit" // GetGroupListOffsetQuery defines get group list offset query, which is used to route request GetGroupListOffsetQuery = "offset" // GetGroupListGroupQuery defines get group list group query, which is used to route request GetGroupListGroupQuery = "group-query" // ListBucketsByBucketID defines list buckets by bucket ids, which is used to route request ListBucketsByBucketID = "buckets-query" // ListObjectsByObjectID defines list objects by object ids, which is used to route request ListObjectsByObjectID = "objects-query" // GetGroupListNameQuery defines get group list name query, which is used to route request GetGroupListNameQuery = "name" // GetGroupListPrefixQuery defines get group list prefix query, which is used to route request GetGroupListPrefixQuery = "prefix" // StartTimestampUs defines start timestamp in microsecond, which is used by list read record, [start_ts,end_ts) StartTimestampUs = "start-timestamp" // EndTimestampUs defines end timestamp in microsecond, which is used by list read record, [start_ts,end_ts) EndTimestampUs = "end-timestamp" // VerifyPermissionObjectQuery defines verify permission object name VerifyPermissionObjectQuery = "object" // VerifyPermissionOperator defines verify permission operator address VerifyPermissionOperator = "operator" // VerifyPermissionActionType defines verify permission action type VerifyPermissionActionType = "action-type" // GetChallengeInfoPath defines get challenge info path style suffix GetChallengeInfoPath = "/greenfield/admin/v1/challenge" // ReplicateObjectPiecePath defines replicate-object path style ReplicateObjectPiecePath = "/greenfield/receiver/v1/replicate-piece" // AuthRequestNoncePath defines path to request auth nonce AuthRequestNoncePath = "/auth/request_nonce" // AuthUpdateKeyPath defines path to update user public key AuthUpdateKeyPath = "/auth/update_key" // GnfdRequestIDHeader defines trace-id, trace request in sp GnfdRequestIDHeader = "X-Gnfd-Request-ID" // GnfdAuthorizationHeader defines authorization, verify signature and check authorization GnfdAuthorizationHeader = "Authorization" // GnfdReceiveMsgHeader defines receive piece data meta GnfdReceiveMsgHeader = "X-Gnfd-Receive-Msg" // GnfdReplicatePieceApprovalHeader defines secondary approved msg for replicating piece GnfdReplicatePieceApprovalHeader = "X-Gnfd-Replicate-Piece-Approval-Msg" // GnfdObjectIDHeader defines object id GnfdObjectIDHeader = "X-Gnfd-Object-ID" // GnfdPieceIndexHeader defines piece idx, which is used by challenge GnfdPieceIndexHeader = "X-Gnfd-Piece-Index" // GnfdRedundancyIndexHeader defines redundancy idx, which is used by challenge and receiver GnfdRedundancyIndexHeader = "X-Gnfd-Redundancy-Index" // GnfdIntegrityHashHeader defines integrity hash, which is used by challenge and receiver GnfdIntegrityHashHeader = "X-Gnfd-Integrity-Hash" // GnfdPieceHashHeader defines piece hash list, which is used by challenge GnfdPieceHashHeader = "X-Gnfd-Piece-Hash" // GnfdUnsignedApprovalMsgHeader defines unsigned msg, which is used by get-approval GnfdUnsignedApprovalMsgHeader = "X-Gnfd-Unsigned-Msg" // GnfdSignedApprovalMsgHeader defines signed msg, which is used by get-approval GnfdSignedApprovalMsgHeader = "X-Gnfd-Signed-Msg" // GnfdPieceSizeHeader defines piece size, which is used to split by receiver GnfdPieceSizeHeader = "X-Gnfd-Piece-Size" // GnfdReplicateApproval defines SP approval that allow to replicate piece data, which is used by receiver GnfdReplicateApproval = "X-Gnfd-Replicate-Approval" // GnfdIntegrityHashSignatureHeader defines integrity hash signature, which is used by receiver GnfdIntegrityHashSignatureHeader = "X-Gnfd-Integrity-Hash-Signature" // GnfdUserAddressHeader defines the user address GnfdUserAddressHeader = "X-Gnfd-User-Address" // GnfdResponseXMLVersion defines the response xml version GnfdResponseXMLVersion = "1.0" // GnfdBuiltInUniversalEndpointDappHtml a html code which works as a dapp, help users sign with their wallet. GnfdBuiltInUniversalEndpointDappHtml = "" /* 51175-byte string literal not displayed */ // GnfdBuiltInDappSignedContentTemplate defines the template which users will sign against with their wallet. GnfdBuiltInDappSignedContentTemplate = "Sign this message to access the file:\n%s\nThis signature will not cost you any fees.\nExpiration Time: %s" // GnfdBuiltInUniversalEndpointDappErrorPage html code for an error page representing the error message to end users GnfdBuiltInUniversalEndpointDappErrorPage = "" /* 74609-byte string literal not displayed */ // GnfdOffChainAuthAppDomainHeader defines the app domain from where user is trying to do the EDDSA auth interactions GnfdOffChainAuthAppDomainHeader = "X-Gnfd-App-Domain" // GnfdOffChainAuthAppRegNonceHeader defines nonce for which user is trying to register his/her EDDSA public key GnfdOffChainAuthAppRegNonceHeader = "X-Gnfd-App-Reg-Nonce" // GnfdOffChainAuthAppRegPublicKeyHeader defines the EDDSA public key for which user is trying to register GnfdOffChainAuthAppRegPublicKeyHeader = "X-Gnfd-App-Reg-Public-Key" // GnfdOffChainAuthAppRegExpiryDateHeader defines the Expiry-Date is the ISO 8601 datetime string (e.g. 2021-09-30T16:25:24Z), used to register the EDDSA public key GnfdOffChainAuthAppRegExpiryDateHeader = "X-Gnfd-App-Reg-Expiry-Date" )
define all kinds of http constants
const ( DefaultGatewayDomainName = "localhost:9133" DefaultMaxListReadQuota = 100 DefaultMaxPayloadSize = 2 * 1024 * 1024 * 1024 )
const ( MaximumGetGroupListLimit = 1000 MaximumGetGroupListOffset = 100000 MaximumListObjectsAndBucketsSize = 1000 DefaultGetGroupListLimit = 50 DefaultGetGroupListOffset = 0 )
Variables ¶
var ( ErrUnsupportedSignType = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50001, "unsupported sign type") ErrAuthorizationHeaderFormat = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50002, "authorization header format error") ErrRequestConsistent = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50003, "request is tampered") ErrNoPermission = gfsperrors.Register(module.GateModularName, http.StatusUnauthorized, 50004, "no permission") ErrDecodeMsg = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50005, "gnfd msg encoding error") ErrValidateMsg = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50006, "gnfd msg validate error") ErrRefuseApproval = gfsperrors.Register(module.GateModularName, http.StatusOK, 50007, "approval request is refuse") ErrUnsupportedRequestType = gfsperrors.Register(module.GateModularName, http.StatusNotFound, 50008, "unsupported request type") ErrInvalidHeader = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50009, "invalid request header") ErrInvalidQuery = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50010, "invalid request params for query") ErrEncodeResponse = gfsperrors.Register(module.GateModularName, http.StatusInternalServerError, 50011, "server slipped away, try again later") ErrInvalidRange = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50012, "invalid range params") ErrExceptionStream = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50013, "stream exception") ErrMismatchSp = gfsperrors.Register(module.GateModularName, http.StatusNotAcceptable, 50014, "mismatch sp") ErrSignature = gfsperrors.Register(module.GateModularName, http.StatusNotAcceptable, 50015, "signature verification failed") ErrInvalidPayloadSize = gfsperrors.Register(module.GateModularName, http.StatusForbidden, 50016, "invalid payload") ErrInvalidDomainHeader = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50017, "The "+GnfdOffChainAuthAppRegNonceHeader+" header is incorrect.") ErrInvalidPublicKeyHeader = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50018, "The "+GnfdOffChainAuthAppRegNonceHeader+" header is incorrect.") ErrInvalidRegNonceHeader = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50019, "The "+GnfdOffChainAuthAppRegNonceHeader+" header is incorrect.") ErrSignedMsgNotMatchHeaders = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50020, "The signed message in "+GnfdAuthorizationHeader+" does not match the content in headers.") ErrSignedMsgNotMatchSPAddr = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50021, "The signed message in "+GnfdAuthorizationHeader+" is not for the this SP.") ErrSignedMsgNotMatchTemplate = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50022, "The signed message in "+GnfdAuthorizationHeader+" does not match the template.") ErrInvalidExpiryDateHeader = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50023, "The "+GnfdOffChainAuthAppRegExpiryDateHeader+" header is incorrect. "+ "The expiry date is expected to be within "+strconv.Itoa(int(MaxExpiryAgeInSec))+" seconds and formatted in YYYY-DD-MM HH:MM:SS 'GMT'Z, e.g. 2023-04-20 16:34:12 GMT+08:00 . ") ErrInvalidExpiryDate = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50024, "The expiry parameter is incorrect. "+ "The expiry date is expected to be within "+strconv.Itoa(int(MaxExpiryAgeInSec))+" seconds and formatted in YYYY-DD-MM HH:MM:SS 'GMT'Z, e.g. 2023-04-20 16:34:12 GMT+08:00 . ") ErrNoSuchObject = gfsperrors.Register(module.AuthenticationModularName, http.StatusNotFound, 50025, "no such object") ErrForbidden = gfsperrors.Register(module.GateModularName, http.StatusForbidden, 50026, "Forbidden to access") ErrConsensus = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 55001, "server slipped away, try again later") ErrApprovalExpired = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 550015, "approval expired") )
Functions ¶
func DefaultGaterOptions ¶
func DefaultGaterOptions(gater *GateModular, cfg *gfspconfig.GfSpConfig) error
func MakeErrorResponse ¶
func MakeErrorResponse(w http.ResponseWriter, err error)
func NewGateModular ¶
func NewGateModular(app *gfspapp.GfSpBaseApp, cfg *gfspconfig.GfSpConfig) (coremodule.Modular, error)
func RecoverAddr ¶
func RecoverAddr(msg []byte, sig []byte) (sdk.AccAddress, ethsecp256k1.PubKey, error)
RecoverAddr recovers the sender address from msg and signature TODO: move it to greenfield-common
func VerifyPersonalSignature ¶
func VerifyPersonalSignature(signedMsg string, sigString string) (sdk.AccAddress, error)
Types ¶
type GateModular ¶
type GateModular struct {
// contains filtered or unexported fields
}
func (*GateModular) Name ¶
func (g *GateModular) Name() string
func (*GateModular) RegisterHandler ¶
func (g *GateModular) RegisterHandler(router *mux.Router)
RegisterHandler registers the handlers to the gateway router.
func (*GateModular) ReleaseResource ¶
func (g *GateModular) ReleaseResource( ctx context.Context, span rcmgr.ResourceScopeSpan)
func (*GateModular) ReserveResource ¶
func (g *GateModular) ReserveResource( ctx context.Context, state *rcmgr.ScopeStat) ( rcmgr.ResourceScopeSpan, error)
type RequestContext ¶
type RequestContext struct {
// contains filtered or unexported fields
}
RequestContext generates from http request, it records the common info for handler to use.
func NewRequestContext ¶
func NewRequestContext(r *http.Request, g *GateModular) (*RequestContext, error)
NewRequestContext returns an instance of RequestContext, and verify the request signature, returns the instance regardless of the success or failure of the verification.
func (*RequestContext) Account ¶
func (r *RequestContext) Account() string
Account returns the account who send the request.
func (*RequestContext) Cancel ¶
func (r *RequestContext) Cancel()
Cancel releases the runtime context.
func (*RequestContext) Context ¶
func (r *RequestContext) Context() context.Context
Context returns the RequestContext runtime context.
func (*RequestContext) NeedVerifyAuthentication ¶
func (r *RequestContext) NeedVerifyAuthentication() bool
NeedVerifyAuthentication is temporary to Compatible SignatureV2
func (*RequestContext) SetError ¶
func (r *RequestContext) SetError(err error)
SetError sets the request err to RequestContext for logging and debugging.
func (*RequestContext) SetHttpCode ¶
func (r *RequestContext) SetHttpCode(code int)
SetHttpCode sets the http status code for logging and debugging.
func (*RequestContext) String ¶
func (r *RequestContext) String() string
String shows the detail result of the request for logging and debugging.
func (*RequestContext) VerifySignature ¶
func (r *RequestContext) VerifySignature() (string, error)