162 lines
3.9 KiB
Go
162 lines
3.9 KiB
Go
|
// Copyright (C) 2019 Storj Labs, Inc.
|
||
|
// See LICENSE for copying information.
|
||
|
|
||
|
package uplink_test
|
||
|
|
||
|
import (
|
||
|
"context"
|
||
|
"fmt"
|
||
|
"io"
|
||
|
"io/ioutil"
|
||
|
"os"
|
||
|
"strings"
|
||
|
|
||
|
"github.com/zeebo/errs"
|
||
|
|
||
|
"storj.io/storj/lib/uplink"
|
||
|
)
|
||
|
|
||
|
func CreateEncryptionKeyExampleByAdmin1(ctx context.Context, satelliteAddress, apiKey string, cfg *uplink.Config, out io.Writer) (serializedEncCtx string, err error) {
|
||
|
errCatch := func(fn func() error) { err = errs.Combine(err, fn()) }
|
||
|
|
||
|
// First, create an Uplink handle.
|
||
|
ul, err := uplink.NewUplink(ctx, cfg)
|
||
|
if err != nil {
|
||
|
return "", err
|
||
|
}
|
||
|
defer errCatch(ul.Close)
|
||
|
|
||
|
// Parse the API key. API keys are "macaroons" that allow you to create new, restricted API keys.
|
||
|
key, err := uplink.ParseAPIKey(apiKey)
|
||
|
if err != nil {
|
||
|
return "", err
|
||
|
}
|
||
|
|
||
|
// Open the project in question. Projects are identified by a specific Satellite and API key
|
||
|
p, err := ul.OpenProject(ctx, satelliteAddress, key)
|
||
|
if err != nil {
|
||
|
return "", err
|
||
|
}
|
||
|
defer errCatch(p.Close)
|
||
|
|
||
|
// Make a key
|
||
|
encKey, err := p.SaltedKeyFromPassphrase(ctx, "my secret passphrase")
|
||
|
if err != nil {
|
||
|
return "", err
|
||
|
}
|
||
|
|
||
|
// Make an encryption context
|
||
|
encCtx := uplink.NewEncryptionCtxWithDefaultKey(*encKey)
|
||
|
// serialize it
|
||
|
serializedEncCtx, err = encCtx.Serialize()
|
||
|
if err != nil {
|
||
|
return "", err
|
||
|
}
|
||
|
|
||
|
// Create a bucket
|
||
|
_, err = p.CreateBucket(ctx, "prod", nil)
|
||
|
if err != nil {
|
||
|
return "", err
|
||
|
}
|
||
|
|
||
|
// Open bucket
|
||
|
bucket, err := p.OpenBucket(ctx, "prod", encCtx)
|
||
|
if err != nil {
|
||
|
return "", err
|
||
|
}
|
||
|
defer errCatch(bucket.Close)
|
||
|
|
||
|
// Upload a file
|
||
|
err = bucket.UploadObject(ctx, "webserver/logs/log.txt", strings.NewReader("hello world"), nil)
|
||
|
if err != nil {
|
||
|
return "", err
|
||
|
}
|
||
|
|
||
|
fmt.Fprintln(out, "success!")
|
||
|
return serializedEncCtx, nil
|
||
|
}
|
||
|
|
||
|
func CreateEncryptionKeyExampleByAdmin2(ctx context.Context, satelliteAddress, apiKey string, serializedEncCtx string, cfg *uplink.Config, out io.Writer) (err error) {
|
||
|
errCatch := func(fn func() error) { err = errs.Combine(err, fn()) }
|
||
|
|
||
|
// First, create an Uplink handle.
|
||
|
ul, err := uplink.NewUplink(ctx, cfg)
|
||
|
if err != nil {
|
||
|
return err
|
||
|
}
|
||
|
defer errCatch(ul.Close)
|
||
|
|
||
|
// Parse the API key. API keys are "macaroons" that allow you to create new, restricted API keys.
|
||
|
key, err := uplink.ParseAPIKey(apiKey)
|
||
|
if err != nil {
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
// Open the project in question. Projects are identified by a specific Satellite and API key
|
||
|
p, err := ul.OpenProject(ctx, satelliteAddress, key)
|
||
|
if err != nil {
|
||
|
return err
|
||
|
}
|
||
|
defer errCatch(p.Close)
|
||
|
|
||
|
// Parse the encryption context
|
||
|
encCtx, err := uplink.ParseEncryptionCtx(serializedEncCtx)
|
||
|
if err != nil {
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
// Open bucket
|
||
|
bucket, err := p.OpenBucket(ctx, "prod", encCtx)
|
||
|
if err != nil {
|
||
|
return err
|
||
|
}
|
||
|
defer errCatch(bucket.Close)
|
||
|
|
||
|
// Open file
|
||
|
obj, err := bucket.OpenObject(ctx, "webserver/logs/log.txt")
|
||
|
if err != nil {
|
||
|
return err
|
||
|
}
|
||
|
defer errCatch(obj.Close)
|
||
|
|
||
|
// Get a reader for the entire file
|
||
|
r, err := obj.DownloadRange(ctx, 0, -1)
|
||
|
if err != nil {
|
||
|
return err
|
||
|
}
|
||
|
defer errCatch(r.Close)
|
||
|
|
||
|
// Read the file
|
||
|
data, err := ioutil.ReadAll(r)
|
||
|
if err != nil {
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
// Print it!
|
||
|
fmt.Fprintln(out, string(data))
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func Example_createEncryptionKey() {
|
||
|
// The satellite address is the address of the satellite your API key is valid on
|
||
|
satelliteAddress := "us-central-1.tardigrade.io:7777"
|
||
|
|
||
|
// The API key can be created in the web interface
|
||
|
admin1APIKey := "qPSUM3k0bZyOIyil2xrVWiSuc9HuB2yBP3qDrA2Gc"
|
||
|
admin2APIKey := "udP0lzCC2rgwRZfdY70PcwWrXzrq9cl5usbiFaeyo"
|
||
|
|
||
|
ctx := context.Background()
|
||
|
|
||
|
// Admin1 is going to create an encryption context and share it
|
||
|
encCtx, err := CreateEncryptionKeyExampleByAdmin1(ctx, satelliteAddress, admin1APIKey, &uplink.Config{}, os.Stdout)
|
||
|
if err != nil {
|
||
|
panic(err)
|
||
|
}
|
||
|
|
||
|
// Admin2 is going to use the provided encryption context to load the uploaded file
|
||
|
err = CreateEncryptionKeyExampleByAdmin2(ctx, satelliteAddress, admin2APIKey, encCtx, &uplink.Config{}, os.Stdout)
|
||
|
if err != nil {
|
||
|
panic(err)
|
||
|
}
|
||
|
}
|