storj/cmd/satellite/testdata.go
Cameron 98fed4bc30 {satellite/console,web/satellite}: get project salt from satellite
Add getSalt to projects api. Add action, GET_SALT, on Store
Projects module to make the api request and return the salt
string everywhere in the web app that generates an access grant.
The Wasm code which is used to create the access grant has been
changed to decode the salt as a base64 encoded string. The names
of the function calls in the changed Wasm code have also been
changed to ensure that access grant creation fails if JS access
grant worker code and Wasm code are not the same version.

https://github.com/storj/storj-private/issues/64

Change-Id: Ia2bc4cbadad84b066ca1882b042a3f0bb13c783a
2022-10-12 19:06:27 +00:00

139 lines
3.5 KiB
Go

// Copyright (C) 2022 Storj Labs, Inc.
// See LICENSE for copying information.
package main
import (
"context"
"crypto/sha256"
"database/sql"
"encoding/base64"
"errors"
"github.com/zeebo/errs"
"golang.org/x/crypto/bcrypt"
"storj.io/common/macaroon"
"storj.io/common/memory"
"storj.io/common/uuid"
"storj.io/storj/satellite"
"storj.io/storj/satellite/console"
"storj.io/storj/satellite/console/consolewasm"
)
const (
fullMigration = "full"
snapshotMigration = "snapshot"
testDataCreation = "testdata"
noMigration = "none"
)
var migrationTypes = []string{fullMigration, snapshotMigration, testDataCreation, noMigration}
var (
projectID = uuid.UUID([16]byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1})
apiKeyID = uuid.UUID([16]byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2})
head = []byte{
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3,
}
secret = []byte{
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4,
}
password = "123a123"
)
// createTestData creates predefined test account to make the integration tests easier.
func createTestData(ctx context.Context, db satellite.DB) error {
userID, err := uuid.FromString("be041c3c-0658-40d1-8f7c-e70a0a26cc12")
if err != nil {
return err
}
_, err = db.Console().Users().Get(ctx, userID)
if errors.Is(err, sql.ErrNoRows) {
hash, err := bcrypt.GenerateFromPassword([]byte(password), 0)
if err != nil {
return err
}
_, err = db.Console().Users().Insert(ctx, &console.User{
ID: userID,
FullName: "Hiro Protagonist",
Email: "test@storj.io",
ProjectLimit: 5,
ProjectStorageLimit: (memory.GB * 150).Int64(),
ProjectBandwidthLimit: (memory.GB * 150).Int64(),
PasswordHash: hash,
})
if err != nil {
return err
}
active := console.Active
err = db.Console().Users().Update(ctx, userID, console.UpdateUserRequest{
Status: &active,
})
if err != nil {
return err
}
} else if err != nil {
return err
}
_, err = db.Console().Projects().Get(ctx, projectID)
if errors.Is(err, sql.ErrNoRows) {
_, err := db.Console().Projects().Insert(ctx, &console.Project{
ID: projectID,
OwnerID: userID,
Name: "testproject",
})
if err != nil {
return err
}
_, err = db.Console().ProjectMembers().Insert(ctx, userID, projectID)
if err != nil {
return err
}
} else if err != nil {
return err
}
_, err = db.Console().APIKeys().GetByNameAndProjectID(ctx, "testkey", projectID)
if errors.Is(err, sql.ErrNoRows) {
_, err = db.Console().APIKeys().Create(ctx, head, console.APIKeyInfo{
ID: apiKeyID,
ProjectID: projectID,
Name: "testkey",
Secret: secret,
})
} else if err != nil {
return err
}
return err
}
// GetTestApiKey can calculate an access grant for the predefined test users/project.
func GetTestApiKey(satelliteId string) (string, error) {
key, err := macaroon.FromParts(head, secret)
if err != nil {
return "", errs.Wrap(err)
}
idHash := sha256.Sum256(projectID[:])
base64Salt := base64.StdEncoding.EncodeToString(idHash[:])
accessGrant, err := consolewasm.GenAccessGrant(satelliteId, key.Serialize(), password, base64Salt)
if err != nil {
return "", errs.Wrap(err)
}
return accessGrant, nil
}