gater

package
v0.2.4-test-3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 10, 2023 License: GPL-3.0 Imports: 48 Imported by: 0

Documentation

Index

Constants

View Source
const (
	MaxExpiryAgeInSec int32  = 3600 * 24 * 7 // 7 days
	ExpiryDateFormat  string = time.RFC3339
)
View Source
const (
	// ContentTypeHeader is used to indicate the media type of the resource
	ContentTypeHeader = "Content-Type"
	// ContentLengthHeader indicates the size of the message body, in bytes
	ContentLengthHeader = "Content-Length"
	// RangeHeader asks the server to send only a portion of an HTTP message back to a client
	RangeHeader = "Range"
	// ContentRangeHeader response HTTP header indicates where in a full body message a partial message belongs
	ContentRangeHeader = "Content-Range"
	// OctetStream is used to indicate the binary files
	OctetStream = "application/octet-stream"
	// ContentTypeJSONHeaderValue is used to indicate json
	ContentTypeJSONHeaderValue = "application/json"
	// ContentTypeXMLHeaderValue is used to indicate xml
	ContentTypeXMLHeaderValue = "application/xml"
	// ContentDispositionHeader is used to indicate the media disposition of the resource
	ContentDispositionHeader = "Content-Disposition"
	// ContentDispositionAttachmentValue is used to indicate attachment
	ContentDispositionAttachmentValue = "attachment"
	// ContentDispositionInlineValue is used to indicate inline
	ContentDispositionInlineValue = "inline"

	// SignAlgorithm uses secp256k1 with the ECDSA algorithm
	SignAlgorithm = "ECDSA-secp256k1"
	// SignedMsg is the request hash
	SignedMsg = "SignedMsg"
	// Signature is the request signature
	Signature = "Signature"
	// SignTypeV1 is an authentication algorithm, which is used by dapps
	SignTypeV1 = "authTypeV1"
	// SignTypeV2 is an authentication algorithm, which is used by metamask
	SignTypeV2 = "authTypeV2"

	SignTypeOffChain   = "OffChainAuth" // sign type - off-chain-auth
	SignTypePersonal   = "PersonalSign" // sign type -  PersonalSign
	SignAlgorithmEddsa = "EDDSA"

	// GetApprovalPath defines get-approval path style suffix
	GetApprovalPath = "/greenfield/admin/v1/get-approval"
	// ActionQuery defines get-approval's type, currently include create bucket and create object
	ActionQuery = "action"
	// UploadProgressQuery defines upload progress query, which is used to route request
	UploadProgressQuery = "upload-progress"
	// UploadContextQuery defines an upload context query, which is used to route request, it includes upload offset,
	UploadContextQuery      = "upload-context"
	ResumableUploadComplete = "complete"
	ResumableUploadOffset   = "offset"
	GetSecondaryPieceData   = "get-piece"
	// GetBucketReadQuotaQuery defines bucket read quota query, which is used to route request
	GetBucketReadQuotaQuery = "read-quota"
	// GetBucketReadQuotaMonthQuery defines bucket read quota query month
	GetBucketReadQuotaMonthQuery = "year-month"
	// ListBucketReadRecordQuery defines list bucket read record query, which is used to route request
	ListBucketReadRecordQuery = "list-read-record"
	// ListBucketReadRecordMaxRecordsQuery defines list read record max num
	ListBucketReadRecordMaxRecordsQuery = "max-records"
	// ListObjectsMaxKeysQuery defines the maximum number of keys returned to the response
	ListObjectsMaxKeysQuery = "max-keys"
	// ListObjectsStartAfterQuery defines where you want to start listing from
	ListObjectsStartAfterQuery = "start-after"
	// ListObjectsContinuationTokenQuery indicates that the list is being continued on this bucket with a token
	ListObjectsContinuationTokenQuery = "continuation-token"
	// SpOperatorAddressQuery defines sp operator address
	SpOperatorAddressQuery = "sp-operator-address"
	// StartBlockNumberQuery defines start block number
	StartBlockNumberQuery = "start-block-number"
	// EndBlockNumberQuery defines end block number
	EndBlockNumberQuery = "end-block-number"
	// ListObjectsDelimiterQuery defines a character you use to group keys
	ListObjectsDelimiterQuery = "delimiter"
	// ListObjectsPrefixQuery defines limits the response to keys that begin with the specified prefix
	ListObjectsPrefixQuery = "prefix"
	// GetBucketMetaQuery defines get bucket metadata query, which is used to route request
	GetBucketMetaQuery = "bucket-meta"
	// GetObjectMetaQuery defines get object metadata query, which is used to route request
	GetObjectMetaQuery = "object-meta"
	// GetGroupListSourceTypeQuery defines get group list source type query, which is used to route request
	GetGroupListSourceTypeQuery = "source-type"
	// GetGroupListLimitQuery defines get group list limit query, which is used to route request
	GetGroupListLimitQuery = "limit"
	// GetGroupListOffsetQuery defines get group list offset query, which is used to route request
	GetGroupListOffsetQuery = "offset"
	// GetGroupListGroupQuery defines get group list group query, which is used to route request
	GetGroupListGroupQuery = "group-query"
	// ListBucketsByBucketIDQuery defines list buckets by bucket ids, which is used to route request
	ListBucketsByBucketIDQuery = "buckets-query"
	// ListObjectsByObjectIDQuery defines list objects by object ids, which is used to route request
	ListObjectsByObjectIDQuery = "objects-query"
	// GetPaymentByBucketIDQuery defines get payment by bucket id, which is used to route request
	GetPaymentByBucketIDQuery = "payment-id"
	// GetPaymentByBucketNameQuery defines get payment by bucket name, which is used to route request
	GetPaymentByBucketNameQuery = "payment-name"
	// GetBucketByBucketNameQuery defines get bucket by bucket name query, which is used to route request
	GetBucketByBucketNameQuery = "bucket-name"
	// GetBucketByBucketIDQuery defines get bucket by bucket id, which is used to route request
	GetBucketByBucketIDQuery = "bucket-id-query"
	// ListDeletedObjectsQuery defines list deleted objects info by a block number range, which is used to route request
	ListDeletedObjectsQuery = "deleted-objects"
	// GetUserBucketsCountQuery defines get user buckets count, which is used to route request
	GetUserBucketsCountQuery = "buckets-count"
	// ListExpiredBucketsBySpQuery defines list buckets that are expired by specific sp, which is used to route request
	ListExpiredBucketsBySpQuery = "expired-buckets"
	// GetGroupListNameQuery defines get group list name query, which is used to route request
	GetGroupListNameQuery = "name"
	// GetGroupListPrefixQuery defines get group list prefix query, which is used to route request
	GetGroupListPrefixQuery = "prefix"
	// StartTimestampUs defines start timestamp in microsecond, which is used by list read record, [start_ts,end_ts)
	StartTimestampUs = "start-timestamp"
	// EndTimestampUs defines end timestamp in microsecond, which is used by list read record, [start_ts,end_ts)
	EndTimestampUs = "end-timestamp"
	// VerifyPermissionObjectQuery defines verify permission object name
	VerifyPermissionObjectQuery = "object"
	// VerifyPermissionOperator defines verify permission operator address
	VerifyPermissionOperator = "operator"
	// VerifyPermissionActionType defines verify permission action type
	VerifyPermissionActionType = "action-type"
	// BucketIDQuery defines bucket id
	BucketIDQuery = "bucket-id"
	// LimitQuery defines limit of results
	LimitQuery = "limit"
	// CreateAtQuery defines the create timestamp
	CreateAtQuery = "create-at"
	// PrimarySpAddressQuery defines the primary sp address
	PrimarySpAddressQuery = "primary-sp-address"
	// GetChallengeInfoPath defines get challenge info path style suffix
	GetChallengeInfoPath = "/greenfield/admin/v1/challenge"
	// ReplicateObjectPiecePath defines replicate-object path style
	ReplicateObjectPiecePath = "/greenfield/receiver/v1/replicate-piece"
	//RecoverObjectPiecePath defines recovery-object path style
	RecoverObjectPiecePath = "/greenfield/recovery/v1/get-piece"
	// AuthRequestNoncePath defines path to request auth nonce
	AuthRequestNoncePath = "/auth/request_nonce"
	// AuthUpdateKeyPath defines path to update user public key
	AuthUpdateKeyPath = "/auth/update_key"
	// GnfdRequestIDHeader defines trace-id, trace request in sp
	GnfdRequestIDHeader = "X-Gnfd-Request-ID"
	// GnfdAuthorizationHeader defines authorization, verify signature and check authorization
	GnfdAuthorizationHeader = "Authorization"
	// GnfdReceiveMsgHeader defines receive piece data meta
	GnfdReceiveMsgHeader = "X-Gnfd-Receive-Msg"
	// GnfdRecoveryMsgHeader defines receive piece data meta
	GnfdRecoveryMsgHeader = "X-Gnfd-Recovery-Msg"
	// GnfdReplicatePieceApprovalHeader defines secondary approved msg for replicating piece
	GnfdReplicatePieceApprovalHeader = "X-Gnfd-Replicate-Piece-Approval-Msg"
	// GnfdObjectIDHeader defines object id
	GnfdObjectIDHeader = "X-Gnfd-Object-ID"
	// GnfdPieceIndexHeader defines piece idx, which is used by challenge
	GnfdPieceIndexHeader = "X-Gnfd-Piece-Index"
	// GnfdRedundancyIndexHeader defines redundancy idx, which is used by challenge and receiver
	GnfdRedundancyIndexHeader = "X-Gnfd-Redundancy-Index"
	// GnfdIntegrityHashHeader defines integrity hash, which is used by challenge and receiver
	GnfdIntegrityHashHeader = "X-Gnfd-Integrity-Hash"
	// GnfdPieceHashHeader defines piece hash list, which is used by challenge
	GnfdPieceHashHeader = "X-Gnfd-Piece-Hash"
	// GnfdUnsignedApprovalMsgHeader defines unsigned msg, which is used by get-approval
	GnfdUnsignedApprovalMsgHeader = "X-Gnfd-Unsigned-Msg"
	// GnfdSignedApprovalMsgHeader defines signed msg, which is used by get-approval
	GnfdSignedApprovalMsgHeader = "X-Gnfd-Signed-Msg"
	// GnfdPieceSizeHeader defines piece size, which is used to split by receiver
	GnfdPieceSizeHeader = "X-Gnfd-Piece-Size"
	// GnfdReplicateApproval defines SP approval that allow to replicate piece data, which is used by receiver
	GnfdReplicateApproval = "X-Gnfd-Replicate-Approval"
	// GnfdIntegrityHashSignatureHeader defines integrity hash signature, which is used by receiver
	GnfdIntegrityHashSignatureHeader = "X-Gnfd-Integrity-Hash-Signature"
	// GnfdUserAddressHeader defines the user address
	GnfdUserAddressHeader = "X-Gnfd-User-Address"
	// GnfdResponseXMLVersion defines the response xml version
	GnfdResponseXMLVersion = "1.0"

	// GnfdBuiltInUniversalEndpointDappHtml  a html code which works as a dapp, help users sign with their wallet.
	GnfdBuiltInUniversalEndpointDappHtml = "" /* 51189-byte string literal not displayed */
	// GnfdBuiltInDappSignedContentTemplate defines the template which users will sign against with their wallet.
	GnfdBuiltInDappSignedContentTemplate = "Sign this message to access the file:\n%s\nThis signature will not cost you any fees.\nExpiration Time: %s"
	// GnfdBuiltInUniversalEndpointDappErrorPage html code for an error page representing the error message to end users
	GnfdBuiltInUniversalEndpointDappErrorPage = "" /* 74609-byte string literal not displayed */

	// GnfdOffChainAuthAppDomainHeader defines the app domain from where user is trying to do the EDDSA auth interactions
	GnfdOffChainAuthAppDomainHeader = "X-Gnfd-App-Domain"
	// GnfdOffChainAuthAppRegNonceHeader defines nonce for which user is trying to register his/her EDDSA public key
	GnfdOffChainAuthAppRegNonceHeader = "X-Gnfd-App-Reg-Nonce"
	// GnfdOffChainAuthAppRegPublicKeyHeader defines the EDDSA public key for which user is trying to register
	GnfdOffChainAuthAppRegPublicKeyHeader = "X-Gnfd-App-Reg-Public-Key"
	// GnfdOffChainAuthAppRegExpiryDateHeader defines the Expiry-Date is the ISO 8601 datetime string (e.g. 2021-09-30T16:25:24Z), used to register the EDDSA public key
	GnfdOffChainAuthAppRegExpiryDateHeader = "X-Gnfd-App-Reg-Expiry-Date"

	RecoveryTimeOutSeconds  = 15
	RecoveryCheckInterval   = 2
	RecoveryMinMilliseconds = 500
	RecoveryMinEcIndex      = -1
	ErrPieceStoreInnerCode  = 35101
)

define all kinds of http constants

View Source
const (
	GatewayTotalSuccess            = "gateway_total_success"
	GatewayTotalFailure            = "gateway_total_failure"
	GatewayGetObjectSize           = "gateway_get_object_size"
	GatewayPutObjectSize           = "gateway_put_object_size"
	GatewayChallengePieceSize      = "gateway_challenge_piece_size"
	GatewayReplicatePieceSize      = "gateway_replicate_piece_size"
	GatewaySuccessGetApproval      = "gateway_get_approval_success"
	GatewayFailureGetApproval      = "gateway_get_approval_failure"
	GatewaySuccessGetChallengeInfo = "gateway_get_challenge_info_success"
	GatewayFailureGetChallengeInfo = "gateway_get_challenge_info_failure"
	GatewaySuccessReplicatePiece   = "gateway_replicate_piece_success"
	GatewayFailureReplicatePiece   = "gateway_replicate_piece_failure"
	GatewaySuccessPutObject        = "gateway_put_object_success"
	GatewayFailurePutObject        = "gateway_put_object_failure"
	GatewaySuccessGetObject        = "gateway_get_object_success"
	GatewayFailureGetObject        = "gateway_get_object_failure"
)
View Source
const (
	DefaultGatewayDomainName = "localhost:9133"
	DefaultMaxListReadQuota  = 100
	DefaultMaxPayloadSize    = 2 * 1024 * 1024 * 1024
)
View Source
const (
	MaximumGetGroupListLimit         = 1000
	MaximumGetGroupListOffset        = 100000
	MaximumListObjectsAndBucketsSize = 1000
	DefaultGetGroupListLimit         = 50
	DefaultGetGroupListOffset        = 0
)

Variables

View Source
var (
	ErrUnsupportedSignType       = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50001, "unsupported sign type")
	ErrAuthorizationHeaderFormat = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50002, "authorization header format error")
	ErrRequestConsistent         = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50003, "request is tampered")
	ErrNoPermission              = gfsperrors.Register(module.GateModularName, http.StatusUnauthorized, 50004, "no permission")
	ErrDecodeMsg                 = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50005, "gnfd msg encoding error")
	ErrValidateMsg               = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50006, "gnfd msg validate error")
	ErrRefuseApproval            = gfsperrors.Register(module.GateModularName, http.StatusOK, 50007, "approval request is refuse")
	ErrUnsupportedRequestType    = gfsperrors.Register(module.GateModularName, http.StatusNotFound, 50008, "unsupported request type")
	ErrInvalidHeader             = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50009, "invalid request header")
	ErrInvalidQuery              = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50010, "invalid request params for query")
	ErrEncodeResponse            = gfsperrors.Register(module.GateModularName, http.StatusInternalServerError, 50011, "server slipped away, try again later")
	ErrInvalidRange              = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50012, "invalid range params")
	ErrExceptionStream           = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50013, "stream exception")
	ErrMismatchSp                = gfsperrors.Register(module.GateModularName, http.StatusNotAcceptable, 50014, "mismatch sp")
	ErrSignature                 = gfsperrors.Register(module.GateModularName, http.StatusNotAcceptable, 50015, "signature verification failed")
	ErrInvalidPayloadSize        = gfsperrors.Register(module.GateModularName, http.StatusForbidden, 50016, "invalid payload")
	ErrInvalidDomainHeader       = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50017, "The "+GnfdOffChainAuthAppRegNonceHeader+" header is incorrect.")
	ErrInvalidPublicKeyHeader    = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50018, "The "+GnfdOffChainAuthAppRegNonceHeader+" header is incorrect.")
	ErrInvalidRegNonceHeader     = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50019, "The "+GnfdOffChainAuthAppRegNonceHeader+" header is incorrect.")
	ErrSignedMsgNotMatchHeaders  = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50020, "The signed message in "+GnfdAuthorizationHeader+" does not match the content in headers.")
	ErrSignedMsgNotMatchSPAddr   = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50021, "The signed message in "+GnfdAuthorizationHeader+" is not for the this SP.")
	ErrSignedMsgNotMatchTemplate = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50022, "The signed message in "+GnfdAuthorizationHeader+" does not match the template.")
	ErrInvalidExpiryDateHeader   = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50023, "The "+GnfdOffChainAuthAppRegExpiryDateHeader+" header is incorrect. "+
		"The expiry date is expected to be within "+strconv.Itoa(int(MaxExpiryAgeInSec))+" seconds and formatted in YYYY-DD-MM HH:MM:SS 'GMT'Z, e.g. 2023-04-20 16:34:12 GMT+08:00 . ")
	ErrInvalidExpiryDate = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50024, "The expiry parameter is incorrect. "+
		"The expiry date is expected to be within "+strconv.Itoa(int(MaxExpiryAgeInSec))+" seconds and formatted in YYYY-DD-MM HH:MM:SS 'GMT'Z, e.g. 2023-04-20 16:34:12 GMT+08:00 . ")
	ErrNoSuchObject    = gfsperrors.Register(module.AuthenticationModularName, http.StatusNotFound, 50025, "no such object")
	ErrForbidden       = gfsperrors.Register(module.GateModularName, http.StatusForbidden, 50026, "Forbidden to access")
	ErrInvalidComplete = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50027, "invalid complete")
	ErrInvalidOffset   = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50028, "invalid offset")

	ErrConsensus = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 55001, "server slipped away, try again later")

	ErrApprovalExpired        = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 550015, "approval expired")
	ErrRecoverySP             = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50030, "The SP is not the correct SP to recovery")
	ErrRecoveryRedundancyType = gfsperrors.Register(module.GateModularName, http.StatusBadRequest, 50031, "The redundancy type of the recovering piece is not EC")
	ErrRecoveryTimeout        = gfsperrors.Register(module.GateModularName, http.StatusInternalServerError, 50032, "System busy, try to request later")
)

Functions

func DefaultGaterOptions

func DefaultGaterOptions(gater *GateModular, cfg *gfspconfig.GfSpConfig) error

func MakeErrorResponse

func MakeErrorResponse(w http.ResponseWriter, err error)

func RecoverAddr

func RecoverAddr(msg []byte, sig []byte) (sdk.AccAddress, ethsecp256k1.PubKey, error)

RecoverAddr recovers the sender address from msg and signature TODO: move it to greenfield-common

func VerifyPersonalSignature

func VerifyPersonalSignature(signedMsg string, sigString string) (sdk.AccAddress, error)

Types

type GateModular

type GateModular struct {
	// contains filtered or unexported fields
}

func (*GateModular) Name

func (g *GateModular) Name() string

func (*GateModular) RegisterHandler

func (g *GateModular) RegisterHandler(router *mux.Router)

RegisterHandler registers the handlers to the gateway router.

func (*GateModular) ReleaseResource

func (g *GateModular) ReleaseResource(
	ctx context.Context,
	span rcmgr.ResourceScopeSpan)

func (*GateModular) ReserveResource

func (g *GateModular) ReserveResource(
	ctx context.Context,
	state *rcmgr.ScopeStat) (
	rcmgr.ResourceScopeSpan, error)

func (*GateModular) Start

func (g *GateModular) Start(ctx context.Context) error

func (*GateModular) Stop

func (g *GateModular) Stop(ctx context.Context) error

type RequestContext

type RequestContext struct {
	// contains filtered or unexported fields
}

RequestContext generates from http request, it records the common info for handler to use.

func NewRequestContext

func NewRequestContext(r *http.Request, g *GateModular) (*RequestContext, error)

NewRequestContext returns an instance of RequestContext, and verify the request signature, returns the instance regardless of the success or failure of the verification.

func (*RequestContext) Account

func (r *RequestContext) Account() string

Account returns the account who send the request.

func (*RequestContext) Cancel

func (r *RequestContext) Cancel()

Cancel releases the runtime context.

func (*RequestContext) Context

func (r *RequestContext) Context() context.Context

Context returns the RequestContext runtime context.

func (*RequestContext) SetError

func (r *RequestContext) SetError(err error)

SetError sets the request err to RequestContext for logging and debugging.

func (*RequestContext) SetHttpCode

func (r *RequestContext) SetHttpCode(code int)

SetHttpCode sets the http status code for logging and debugging.

func (*RequestContext) SkipVerifyAuthentication

func (r *RequestContext) SkipVerifyAuthentication() bool

SkipVerifyAuthentication is temporary to Compatible SignatureV2

func (*RequestContext) String

func (r *RequestContext) String() string

String shows the detail result of the request for logging and debugging.

func (*RequestContext) VerifySignature

func (r *RequestContext) VerifySignature() (string, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL