Documentation
¶
Overview ¶
Package rpc implements the Hilt UCAN RPC API — the S3 commands Ingot invokes on Hilt (see the Forge S3 tenant-management RFC). Each command is exposed as a github.com/fil-forge/ucantone/server.Route via its New*Handler constructor, collected via fx and registered on the UCAN server: /s3/request/authorize (authorize.go), /s3/bucket/{create,delete,info,list} (create.go, delete.go, info.go, list.go). Authentication and authorization shared by the signature-bearing commands live in the auth service (service/auth).
Index ¶
- Constants
- Variables
- func AddProvider(ctx context.Context, logger *zap.Logger, serviceID did.DID, ...) (*adminprovider.AddOK, error)
- func AuthorizeRequest(ctx context.Context, logger *zap.Logger, authorizer *auth.Authorizer, ...) (*s3req.AuthorizeOK, []ucan.Delegation, error)
- func NewAddProviderHandler(logger *zap.Logger, id identity.Identity, providers providerstore.Store) server.Route
- func NewAuthorizeRequestHandler(logger *zap.Logger, authorizer *auth.Authorizer) server.Route
- func NewBucketInfoHandler(logger *zap.Logger, buckets *bucketsvc.Service) server.Route
- func NewCreateBucketHandler(logger *zap.Logger, buckets *bucketsvc.Service) server.Route
- func NewDeleteBucketHandler(logger *zap.Logger, buckets *bucketsvc.Service) server.Route
- func NewListBucketsHandler(logger *zap.Logger, buckets *bucketsvc.Service) server.Route
Constants ¶
const ( ProviderExistsErrorName = "ProviderExists" )
Error names for the admin commands' known rejections, exported so callers can match on the stable Name() of a serialized failure.
Variables ¶
var ( // own identity. Admin commands are self-issued only. ErrUnauthorized = ucanerrors.New(UnauthorizedErrorName, "only the service identity may perform this operation") // ErrProviderExists is returned when a provider is already registered for the // given DID or region. ErrProviderExists = ucanerrors.New(ProviderExistsErrorName, "a provider is already registered for this DID or region") )
Known rejections returned by the admin handlers.
Functions ¶
func AddProvider ¶
func AddProvider(ctx context.Context, logger *zap.Logger, serviceID did.DID, providers providerstore.Store, issuer did.DID, args *adminprovider.AddArguments) (*adminprovider.AddOK, error)
AddProvider registers a provider. Only the service identity (issuer == serviceID) may call it; there are no delegation proofs because the subject is the service. It is factored out of the handler so it can be unit tested without constructing a UCAN invocation.
func AuthorizeRequest ¶
func AuthorizeRequest( ctx context.Context, logger *zap.Logger, authorizer *auth.Authorizer, issuer did.DID, args *s3req.AuthorizeArguments, ) (*s3req.AuthorizeOK, []ucan.Delegation, error)
AuthorizeRequest authenticates the S3 request (which resolves and scope-checks the addressed bucket and the access key's permission for the action), derives the verification key, and mints delegations for the action's Forge commands to the invocation issuer (TTL ≤ 24h). It returns the result and the delegation blocks to attach to the response. It is factored out of the handler so it can be unit tested without constructing a UCAN invocation.
func NewAddProviderHandler ¶
func NewAddProviderHandler(logger *zap.Logger, id identity.Identity, providers providerstore.Store) server.Route
NewAddProviderHandler handles /admin/provider/add — register a regional provider (DID + region). It is an admin command: only an invocation issued by the service's own identity is accepted (no delegation proofs, since the subject is the service).
func NewAuthorizeRequestHandler ¶
NewAuthorizeRequestHandler handles /s3/request/authorize — authenticate an AWS S3 request, derive the verification key the gateway needs, and issue delegations for the requested action's Forge commands to the invocation issuer.
func NewBucketInfoHandler ¶
NewBucketInfoHandler handles /s3/bucket/info — look up a bucket by name and return its DID, the access key's S3 permissions, and the delegation proof chain(s) from the bucket to that access key. It is a lookup: it carries no signed S3 request, so it neither authenticates a signature nor checks the invocation issuer.
func NewCreateBucketHandler ¶
NewCreateBucketHandler handles /s3/bucket/create — authenticate an AWS S3 CreateBucket request, create the bucket (and its bucket→tenant root delegation), provision its space with Sprue, and return the bucket DID with the delegation chains that now grant the access key access to it.
func NewDeleteBucketHandler ¶
NewDeleteBucketHandler handles /s3/bucket/delete — authenticate an AWS S3 DeleteBucket request, verify the bucket is empty (via Sprue), then remove its delegations and record.
Types ¶
This section is empty.
Source Files
¶
Directories
¶
| Path | Synopsis |
|---|---|
|
service
|
|
|
auth
Package auth provides the request authorization service for the Hilt UCAN RPC handlers: it authenticates SigV4/SigV4a signatures, resolves the access key and tenant, and enforces the provider/region constraints shared by every S3 command.
|
Package auth provides the request authorization service for the Hilt UCAN RPC handlers: it authenticates SigV4/SigV4a signatures, resolves the access key and tenant, and enforces the provider/region constraints shared by every S3 command. |
|
bucket
Package bucket provides the S3 bucket business logic for the UCAN RPC API: create (authenticate + create the bucket, its bucket→tenant root delegation, and Sprue space, returning the access key's proof chains), delete (verify empty via Sprue, then tear down), list, and info (a lookup returning proof chains).
|
Package bucket provides the S3 bucket business logic for the UCAN RPC API: create (authenticate + create the bucket, its bucket→tenant root delegation, and Sprue space, returning the access key's proof chains), delete (verify empty via Sprue, then tear down), list, and info (a lookup returning proof chains). |