add auth api 'AdminGetCaps'

Signed-off-by: wenjia322 <[email protected]>
shijiesun · Jan 3, 2020 · 116c1fb · 116c1fb
1 parent 84b274e
commit 116c1fb
Show file tree

Hide file tree

Showing 3 changed files with 59 additions and 0 deletions.
diff --git a/authnode/api_service.go b/authnode/api_service.go
@@ -233,6 +233,7 @@ func (m *Server) apiAccessEntry(w http.ResponseWriter, r *http.Request) {
 			sendErrReply(w, r, &proto.HTTPAuthReply{Code: proto.ErrCodeParamError, Msg: err.Error()})
 			return
 		}
+	case proto.MsgAuthGetCapsReq:
 	default:
 		sendErrReply(w, r, &proto.HTTPAuthReply{Code: proto.ErrCodeParamError, Msg: fmt.Errorf("invalid request messge type %x", int32(apiReq.Type)).Error()})
 		return
@@ -264,6 +265,8 @@ func (m *Server) apiAccessEntry(w http.ResponseWriter, r *http.Request) {
 		newKeyInfo, err = m.handleAddCaps(&keyInfo)
 	case proto.MsgAuthDeleteCapsReq:
 		newKeyInfo, err = m.handleDeleteCaps(&keyInfo)
+	case proto.MsgAuthGetCapsReq:
+		newKeyInfo, err = m.handleGetCaps(&keyInfo)
 	}
 
 	if err != nil {
@@ -309,6 +312,20 @@ func (m *Server) handleDeleteCaps(keyInfo *keystore.KeyInfo) (res *keystore.KeyI
 	return m.cluster.DeleteCaps(keyInfo.ID, keyInfo)
 }
 
+func (m *Server) handleGetCaps(keyInfo *keystore.KeyInfo) (res *keystore.KeyInfo, err error) {
+	var info *keystore.KeyInfo
+	if info, err = m.getSecretKeyInfo(keyInfo.ID); err != nil {
+		return
+	}
+	res = &keystore.KeyInfo{
+		ID:        info.ID,
+		AccessKey: info.AccessKey,
+		SecretKey: info.SecretKey,
+		Caps:      info.Caps,
+	}
+	return
+}
+
 func (m *Server) extractClientReqInfo(r *http.Request) (plaintext []byte, err error) {
 	var (
 		message string

diff --git a/sdk/auth/api.go b/sdk/auth/api.go
@@ -70,3 +70,10 @@ func (api *API) OSSGetCaps(ticket *auth.Ticket, accessKey string) (caps *keystor
 	}
 	return api.ac.serveOSSRequest(ticket.ID, ticket, akCaps, proto.MsgAuthOSGetCapsReq, proto.OSGetCaps)
 }
+
+func (api *API) AdminGetCaps(ticket *auth.Ticket, userID string) (res *keystore.KeyInfo, err error) {
+	keyInfo := &keystore.KeyInfo{
+		ID: userID,
+	}
+	return api.ac.serveAdminRequest(ticket.ID, ticket, keyInfo, proto.MsgAuthGetCapsReq, proto.AdminGetCaps)
+}
diff --git a/sdk/auth/client.go b/sdk/auth/client.go
@@ -142,6 +142,41 @@ func (c *AuthClient) serveOSSRequest(id string, ticket *auth.Ticket, akCaps *key
 	return &resp.AKCaps, err
 }
 
+func (c *AuthClient) serveAdminRequest(id string, ticket *auth.Ticket, keyInfo *keystore.KeyInfo, reqType proto.MsgType, reqPath string) (res *keystore.KeyInfo, err error) {
+	var (
+		sessionKey []byte
+		ts         int64
+		resp       proto.AuthAPIAccessResp
+		respData   []byte
+	)
+	apiReq := &proto.APIAccessReq{
+		Type:      reqType,
+		ClientID:  id,
+		ServiceID: proto.AuthServiceID,
+		Ticket:    ticket.Ticket,
+	}
+	if sessionKey, err = cryptoutil.Base64Decode(ticket.SessionKey); err != nil {
+		return nil, err
+	}
+	if apiReq.Verifier, ts, err = cryptoutil.GenVerifier(sessionKey); err != nil {
+		return nil, err
+	}
+	message := &proto.AuthAPIAccessReq{
+		APIReq:  *apiReq,
+		KeyInfo: *keyInfo,
+	}
+	if respData, err = c.request(sessionKey, message, reqPath); err != nil {
+		return
+	}
+	if err = json.Unmarshal(respData, &resp); err != nil {
+		return
+	}
+	if err = proto.VerifyAPIRespComm(&resp.APIResp, reqType, id, proto.AuthServiceID, ts); err != nil {
+		return
+	}
+	return &resp.KeyInfo, err
+}
+
 func loadCertfile(path string) (caCert []byte, err error) {
 	caCert, err = ioutil.ReadFile(path)
 	if err != nil {