Anonymous Access (#2600)

Signed-off-by: Daniel Valdivia <18384552+dvaldivia@users.noreply.github.com>
2023-01-27 12:23:30 -08:00
parent c141b6d65e
commit b218cbf503
39 changed files with 1596 additions and 891 deletions
--- a/restapi/operations/console_api.go
+++ b/restapi/operations/console_api.go
@@ -534,6 +534,10 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI {
 			return middleware.NotImplemented("operation user.UpdateUserInfo has not yet been implemented")
 		}),

+		// Applies when the "X-Anonymous" header is set
+		AnonymousAuth: func(token string) (*models.Principal, error) {
+			return nil, errors.NotImplemented("api key auth (anonymous) X-Anonymous from header param [X-Anonymous] has not yet been implemented")
+		},
 		KeyAuth: func(token string, scopes []string) (*models.Principal, error) {
 			return nil, errors.NotImplemented("oauth2 bearer auth (key) has not yet been implemented")
 		},
@@ -584,6 +588,10 @@ type ConsoleAPI struct {
 	//   - application/json
 	JSONProducer runtime.Producer

+	// AnonymousAuth registers a function that takes a token and returns a principal
+	// it performs authentication based on an api key X-Anonymous provided in the header
+	AnonymousAuth func(string) (*models.Principal, error)
+
 	// KeyAuth registers a function that takes an access token and a collection of required scopes and returns a principal
 	// it performs authentication based on an oauth2 bearer token provided in the request
 	KeyAuth func(string, []string) (*models.Principal, error)
@@ -975,6 +983,9 @@ func (o *ConsoleAPI) Validate() error {
 		unregistered = append(unregistered, "JSONProducer")
 	}

+	if o.AnonymousAuth == nil {
+		unregistered = append(unregistered, "XAnonymousAuth")
+	}
 	if o.KeyAuth == nil {
 		unregistered = append(unregistered, "KeyAuth")
 	}
@@ -1444,6 +1455,12 @@ func (o *ConsoleAPI) AuthenticatorsFor(schemes map[string]spec.SecurityScheme) m
 	result := make(map[string]runtime.Authenticator)
 	for name := range schemes {
 		switch name {
+		case "anonymous":
+			scheme := schemes[name]
+			result[name] = o.APIKeyAuthenticator(scheme.Name, scheme.In, func(token string) (interface{}, error) {
+				return o.AnonymousAuth(token)
+			})
+
 		case "key":
 			result[name] = o.BearerAuthenticator(name, func(token string, scopes []string) (interface{}, error) {
 				return o.KeyAuth(token, scopes)
--- a/restapi/operations/object/list_objects_parameters.go
+++ b/restapi/operations/object/list_objects_parameters.go
@@ -57,6 +57,10 @@ type ListObjectsParams struct {
 	/*
 	  In: query
 	*/
+	Limit *int32
+	/*
+	  In: query
+	*/
 	Prefix *string
 	/*
 	  In: query
@@ -88,6 +92,11 @@ func (o *ListObjectsParams) BindRequest(r *http.Request, route *middleware.Match
 		res = append(res, err)
 	}

+	qLimit, qhkLimit, _ := qs.GetOK("limit")
+	if err := o.bindLimit(qLimit, qhkLimit, route.Formats); err != nil {
+		res = append(res, err)
+	}
+
 	qPrefix, qhkPrefix, _ := qs.GetOK("prefix")
 	if err := o.bindPrefix(qPrefix, qhkPrefix, route.Formats); err != nil {
 		res = append(res, err)
@@ -127,6 +136,29 @@ func (o *ListObjectsParams) bindBucketName(rawData []string, hasKey bool, format
 	return nil
 }

+// bindLimit binds and validates parameter Limit from query.
+func (o *ListObjectsParams) bindLimit(rawData []string, hasKey bool, formats strfmt.Registry) error {
+	var raw string
+	if len(rawData) > 0 {
+		raw = rawData[len(rawData)-1]
+	}
+
+	// Required: false
+	// AllowEmptyValue: false
+
+	if raw == "" { // empty values pass all other validations
+		return nil
+	}
+
+	value, err := swag.ConvertInt32(raw)
+	if err != nil {
+		return errors.InvalidType("limit", "query", "int32", raw)
+	}
+	o.Limit = &value
+
+	return nil
+}
+
 // bindPrefix binds and validates parameter Prefix from query.
 func (o *ListObjectsParams) bindPrefix(rawData []string, hasKey bool, formats strfmt.Registry) error {
 	var raw string
--- a/restapi/operations/object/list_objects_urlbuilder.go
+++ b/restapi/operations/object/list_objects_urlbuilder.go
@@ -35,6 +35,7 @@ import (
 type ListObjectsURL struct {
 	BucketName string

+	Limit        *int32
 	Prefix       *string
 	Recursive    *bool
 	WithMetadata *bool
@@ -81,6 +82,14 @@ func (o *ListObjectsURL) Build() (*url.URL, error) {

 	qs := make(url.Values)

+	var limitQ string
+	if o.Limit != nil {
+		limitQ = swag.FormatInt32(*o.Limit)
+	}
+	if limitQ != "" {
+		qs.Set("limit", limitQ)
+	}
+
 	var prefixQ string
 	if o.Prefix != nil {
 		prefixQ = *o.Prefix