
feat: Add ТокенДоступа (AccessToken)

Open Stivo182 opened this issue 5 months ago • 2 comments

Implemented the ТокенДоступа (AccessToken) object and added a new method ДобавитьТокенДоступа to HTTPЗапрос

Summary by CodeRabbit

Release Notes

  • New Features

    • Added JWT token creation and signing functionality with support for HS, RS, PS, and ES algorithms
    • HTTP requests now support attaching access tokens with Bearer token authorization
    • New access token API for managing token metadata, claims, and recipients
  • Tests

    • Added comprehensive test suite for JWT token operations
    • Added integration tests for token transmission in HTTP requests


Stivo182 avatar Aug 16 '25 11:08 Stivo182

Walkthrough

This PR adds JWT token support to OneScript's HTTP library, introducing an AccessTokenContext class for creating and signing tokens with multiple algorithms. HTTP methods are updated to accept an IBslProcess parameter and integrate token handling, with new test coverage validating token creation, signing, and HTTP transmission.

Changes

| Cohort / File(s) | Summary |
| --- | --- |
| Security/Tokens module: src/OneScript.StandardLibrary/Security/Tokens/AccessTokenContext.cs, src/OneScript.StandardLibrary/Security/Tokens/AccessTokenSignAlgorithmEnum.cs | Introduces AccessTokenContext class for JWT token construction with support for HS, RS, PS, and ES signing algorithms; implements token building, claim population, and cryptographic key handling. Adds AccessTokenSignAlgorithmEnum enum with 13 algorithm variants (ES256/384/512, HS256/384/512, PS256/384/512, RS256/384/512, None). |
| HTTP API integration: src/OneScript.StandardLibrary/Http/HttpConnectionContext.cs, src/OneScript.StandardLibrary/Http/HttpRequestContext.cs | Updates all HTTP methods (Get, Put, Post, Delete, Patch, Head) to accept leading IBslProcess parameter; threads process through request flow for token handling. Adds CallHTTPMethod public method for generic HTTP operations. Extends HttpRequestContext with AccessToken property and AddAccessToken() method; integrates token into Authorization header construction via Bearer token format. |
| Dependencies: src/OneScript.StandardLibrary/OneScript.StandardLibrary.csproj | Adds System.IdentityModel.Tokens.Jwt (v8.14.0) NuGet package reference. |
| Test coverage: tests/http.os, tests/security/access-token.os | Adds HTTP integration test for token transmission via AddAccessToken. Introduces comprehensive JWT unit test suite covering token construction, signing with multiple algorithms, claim handling, recipient lists, and error cases. |

Sequence Diagram

sequenceDiagram
    participant Client as Client Script
    participant HTTP as HttpConnectionContext
    participant Token as AccessTokenContext
    participant Request as HttpRequestContext
    participant Handler as JwtSecurityTokenHandler
    participant WebReq as HttpWebRequest

    Client->>Token: Constructor()
    Token-->>Client: AccessTokenContext instance
    
    Client->>Token: Add Headers/Payload
    Note over Token: Store metadata (LifeTime, Issuer, Recipients)
    
    Client->>Token: Sign(process, algorithm, secretKey)
    activate Token
    Token->>Token: BuildToken()
    Note over Token: Populate claims<br/>(iss, iat, nbf, exp, aud)
    Token->>Token: ResolveSigningCredentials(algorithm, key)
    Note over Token: Load PEM key<br/>Map to SecurityKey
    Token->>Handler: CreateToken(descriptor)
    Handler-->>Token: JwtSecurityToken
    Token->>Handler: WriteToken(jwtToken)
    Handler-->>Token: Signed token string
    Token->>Token: _isSigned = true
    deactivate Token
    
    Client->>Request: AddAccessToken(token)
    Request->>Request: AccessToken = token
    
    Client->>HTTP: Get(process, request)
    activate HTTP
    HTTP->>Request: (extract AccessToken)
    HTTP->>Token: ToString(process)
    Token-->>HTTP: Signed token string
    HTTP->>HTTP: SetRequestHeaders(request, webRequest, process)
    Note over HTTP: Set Authorization header<br/>Bearer {token}
    HTTP->>WebReq: Add headers & send
    deactivate HTTP
    HTTP-->>Client: HttpResponseContext

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Areas requiring extra attention:

  • AccessTokenContext.cs: Cryptographic operations including RSA/ECDSA key loading from PEM format, JwtSecurityTokenHandler integration, claim population, and token lifecycle management (creation, signing, disposal)
  • HTTP method signature changes: Ensure all six public HTTP methods (Get, Put, Post, Delete, Patch, Head) and the new CallHTTPMethod properly thread the IBslProcess parameter through the internal flow
  • Token-to-header integration: Verify that AccessToken.ToString(process) is correctly invoked and the Bearer token format is properly set in the Authorization header
  • Error handling: Exception handling in token signing (SecurityTokenException, ArgumentException) and PEM key parsing

Suggested reviewers

  • nixel2007

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)
| Check name | Status | Explanation | Resolution |
| --- | --- | --- | --- |
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 33.33% which is insufficient. The required threshold is 80.00%. | You can run @coderabbitai generate docstrings to improve docstring coverage. |

✅ Passed checks (2 passed)

| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title 'feat: Добавление ТокенДоступа (AccessToken)' accurately describes the main change: adding AccessToken functionality with new token context objects and HTTP integration. |

coderabbitai[bot] avatar Aug 16 '25 11:08 coderabbitai[bot]
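
An added example, not code from this PR or from OneScript: a standard-library Python sketch of the token the walkthrough describes (HS256, with iss, iat, nbf, exp and aud claims, sent as a Bearer header) together with the checks a receiving service applies, including pinning the algorithm so that a token whose header names `none` (the enum above has a None variant) is refused. All function names, the key and the claim values are constructed for illustration, and emitting aud as a list is an assumption.

```python
import base64, hashlib, hmac, json

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def build_claims(issuer, audiences, lifetime, now):
    # Registered claims named in the walkthrough: iss, iat, nbf, exp, aud.
    return {"iss": issuer, "aud": list(audiences), "iat": now, "nbf": now, "exp": now + lifetime}

def sign_hs256(claims: dict, key: bytes) -> str:
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = ".".join(b64url(json.dumps(part, separators=(",", ":")).encode())
                             for part in (header, claims))
    mac = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url(mac)

def bearer_header(token: str) -> dict:
    return {"Authorization": "Bearer " + token}

def verify_hs256(token: str, key: bytes, issuer: str, audience: str, now: int) -> dict:
    """Return the claims, or raise ValueError if any check fails."""
    head, payload, sig = token.split(".")          # wrong part count -> ValueError
    header = json.loads(b64url_decode(head))
    # Pin the algorithm on the verifier side: the header is supplied by the sender,
    # so "none" or any other value is refused before the signature is examined.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{head}.{payload}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig)):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(payload))
    if not isinstance(claims, dict) or claims.get("iss") != issuer:
        raise ValueError("wrong issuer")
    aud = claims.get("aud")
    if audience not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("wrong audience")
    nbf, exp = claims.get("nbf"), claims.get("exp")
    if not (isinstance(nbf, int) and isinstance(exp, int) and nbf <= now < exp):
        raise ValueError("outside validity window")
    return claims

if __name__ == "__main__":
    key = b"constructed-demo-key-32-bytes!!!"   # constructed sample key
    tok = sign_hs256(build_claims("example-issuer", ["api.example"], 300, 1_700_000_000), key)
    print(bearer_header(tok))
    print(verify_hs256(tok, key, "example-issuer", "api.example", 1_700_000_010))
```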

Tests for claims should be added, otherwise the API is unclear

@EvilBeaver Added

Stivo182 avatar Dec 08 '25 21:12 Stivo182