You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
// TODO: #767 in this case we can issue all owner keys from neofs.id and check once again
returnerrBearerInvalidOwner
}
Possible Solution
Do not attach bearer token for inter-container communication. It should work fine considering that only container nodes are assembling the objects right now (see #838)
Your Environment
Version used: neofs-node v0.34.0-28-g01a226b3 (support branch)
@fyrchik, @acid-ant, @cthulhu-rider, depending on the "speed of the fix", solution for #838, and some other preferences i see two main possibilities:
Drop bearer token when spawning a new GET/HEAD request if a node IS sure it is a container node (in fact, i am surprised why the token is even attached);
Add a session token for every child object (or for a full container) to any GET request (strange but i do not see any other opportunity to be able to get all the parts of a big object with a bearer token).
I am trying to upload and download object with bearer token. I use wallets from neofs-dev-env:
wallets/wallet.json
as container owner,services/s3_gate/wallet.json
as request sender.Expected Behavior
All storage nodes in the system return complex object.
Current Behavior
Some container nodes return
object not found
error.When bearer token is not attached, object is fetched (from public container).
Steps to Reproduce (for bugs)
I used
REP 2 IN X CBF 1 SELECT 3 FROM * AS X
so I had:services/s3_gate/wallet.json
is attached to this issue.Context
GET requests are failed on container nodes which contain some split information.
These nodes try to send inter-container requests to fetch the one of the child objects from container nodes, but they fail.
See more logs in attachment below.
Node sends new requests to container nodes and attaches bearer token from original request. Bearer token integrity check fails there.
neofs-node/pkg/services/object/acl/acl.go
Lines 252 to 255 in d8d3588
Possible Solution
Do not attach bearer token for inter-container communication. It should work fine considering that only container nodes are assembling the objects right now (see #838)
Your Environment
b.json
s03-get-logs.txt
The text was updated successfully, but these errors were encountered: