server: rename "bearer" package to "extargs"

toolkit/server/exectx/ucanctx.go

@@ -16,7 +16,7 @@ import (
 	"github.com/ucan-wg/go-ucan/token/delegation"
 	"github.com/ucan-wg/go-ucan/token/invocation"
 
-	"github.com/INFURA/go-ucan-toolkit/server/bearer"
+	"github.com/INFURA/go-ucan-toolkit/server/extargs"
 )
 
 var _ delegation.Loader = UcanCtx{}
@@ -32,8 +32,8 @@ type UcanCtx struct {
 	meta     *meta.Meta    // all meta combined, with no overwriting
 
 	// argument sources
-	http    *bearer.HttpBearer
+	http    *extargs.HttpExtArgs
-	jsonrpc *bearer.JsonRpcBearer
+	jsonrpc *extargs.JsonRpcExtArgs
 }
 
 func FromContainer(cont container.Reader) (*UcanCtx, error) {
@@ -105,7 +105,7 @@ func (ctn UcanCtx) VerifyHttp(req *http.Request) error {
 	if ctn.http == nil {
 		panic("only use once per request context")
 	}
-	ctn.http = bearer.NewHttpBearer(ctn.policies, ctn.inv.Arguments(), req)
+	ctn.http = extargs.NewHttpExtArgs(ctn.policies, ctn.inv.Arguments(), req)
 	return ctn.http.Verify()
 }
 
@@ -116,7 +116,7 @@ func (ctn UcanCtx) VerifyJsonRpc(req *jsonrpc.Request) error {
 	if ctn.jsonrpc != nil {
 		panic("only use once per request context")
 	}
-	ctn.jsonrpc = bearer.NewJsonRpcBearer(ctn.policies, ctn.inv.Arguments(), req)
+	ctn.jsonrpc = extargs.NewJsonRpcExtArgs(ctn.policies, ctn.inv.Arguments(), req)
 	return ctn.jsonrpc.Verify()
 }
 

toolkit/server/extargs/Readme.md

@@ -1,6 +1,6 @@
 ## Motivations
 
-UCAN is normally a pure RPC construct, when the entirety of the request's parameters are part of the invocation, in the form of `args`. Those `args` are evaluated against the delegation's [policy](https://github.com/ucan-wg/delegation/tree/v1_ipld?tab=readme-ov-file#policy) to determine if the request is allowed or not, then the request handling happens purely based on those args and the `command`. In that setup, the service would have a single entry point.
+UCAN is normally a pure RPC construct, when the entirety of the request's parameters is part of the invocation, in the form of `args`. Those `args` are evaluated against the delegation's [policy](https://github.com/ucan-wg/delegation/tree/v1_ipld?tab=readme-ov-file#policy) to determine if the request is allowed or not, then the request handling happens purely based on those args and the `command`. In that setup, the service would have a single entry point.
 
 Unfortunately, we live in a world of REST APIs, or JSON-RPC. Some adaptations or concessions need to be made.
 

toolkit/server/extargs/http.go

@@ -1,4 +1,4 @@
-package bearer
+package extargs
 
 import (
 	"bytes"
@@ -21,7 +21,7 @@ import (
 // - in the final args to be evaluated against the policies, holds the args derived from the HTTP request
 const HttpArgsKey = "http"
 
-type HttpBearer struct {
+type HttpExtArgs struct {
 	pol          policy.Policy
 	originalArgs args.ReadOnly
 	req          *http.Request
@@ -31,44 +31,44 @@ type HttpBearer struct {
 	argsIpld ipld.Node
 }
 
-func NewHttpBearer(pol policy.Policy, originalArgs args.ReadOnly, req *http.Request) *HttpBearer {
+func NewHttpExtArgs(pol policy.Policy, originalArgs args.ReadOnly, req *http.Request) *HttpExtArgs {
-	return &HttpBearer{pol: pol, originalArgs: originalArgs, req: req}
+	return &HttpExtArgs{pol: pol, originalArgs: originalArgs, req: req}
 }
 
-func (hc *HttpBearer) Verify() error {
+func (hea *HttpExtArgs) Verify() error {
-	if err := hc.makeArgs(); err != nil {
+	if err := hea.makeArgs(); err != nil {
 		return err
 	}
 
-	if err := hc.verifyHash(); err != nil {
+	if err := hea.verifyHash(); err != nil {
 		return err
 	}
 
-	ok, leaf := hc.pol.PartialMatch(hc.argsIpld)
+	ok, leaf := hea.pol.PartialMatch(hea.argsIpld)
 	if !ok {
 		return fmt.Errorf("the following UCAN policy is not satisfied: %v", leaf.String())
 	}
 	return nil
 }
 
-func (hc *HttpBearer) Args() (*args.Args, error) {
+func (hea *HttpExtArgs) Args() (*args.Args, error) {
-	if err := hc.makeArgs(); err != nil {
+	if err := hea.makeArgs(); err != nil {
 		return nil, err
 	}
-	return hc.args, nil
+	return hea.args, nil
 }
 
-func (hc *HttpBearer) makeArgs() error {
+func (hea *HttpExtArgs) makeArgs() error {
 	var outerErr error
-	hc.once.Do(func() {
+	hea.once.Do(func() {
 		var err error
-		hc.args, err = makeHttpArgs(hc.req)
+		hea.args, err = makeHttpArgs(hea.req)
 		if err != nil {
 			outerErr = err
 			return
 		}
 
-		hc.argsIpld, err = hc.args.ToIPLD()
+		hea.argsIpld, err = hea.args.ToIPLD()
 		if err != nil {
 			outerErr = err
 			return
@@ -77,8 +77,8 @@ func (hc *HttpBearer) makeArgs() error {
 	return outerErr
 }
 
-func (hc *HttpBearer) verifyHash() error {
+func (hea *HttpExtArgs) verifyHash() error {
-	n, err := hc.originalArgs.GetNode(HttpArgsKey)
+	n, err := hea.originalArgs.GetNode(HttpArgsKey)
 	if err != nil {
 		// no hash found, nothing to verify
 		return nil
@@ -89,7 +89,7 @@ func (hc *HttpBearer) verifyHash() error {
 		return fmt.Errorf("http args hash should be a string")
 	}
 
-	data, err := ipld.Encode(hc.argsIpld, dagcbor.Encode)
+	data, err := ipld.Encode(hea.argsIpld, dagcbor.Encode)
 	if err != nil {
 		return fmt.Errorf("can't encode derived args in dag-cbor: %w", err)
 	}

toolkit/server/extargs/http_test.go

@@ -1,4 +1,4 @@
-package bearer
+package extargs
 
 import (
 	"net/http"
@@ -107,7 +107,7 @@ func TestHttp(t *testing.T) {
 				// we don't test the args hash here
 				emptyArgs := args.New().ReadOnly()
 
-				ctx := NewHttpBearer(pol, emptyArgs, r)
+				ctx := NewHttpExtArgs(pol, emptyArgs, r)
 
 				_, err := ctx.Args()
 				require.NoError(t, err)
@@ -173,7 +173,7 @@ func TestHttpHash(t *testing.T) {
 			err := invArgs.Add(HttpArgsKey, tc.hash)
 			require.NoError(t, err)
 
-			ctx := NewHttpBearer(pol, invArgs.ReadOnly(), req)
+			ctx := NewHttpExtArgs(pol, invArgs.ReadOnly(), req)
 
 			if tc.expected {
 				require.NoError(t, ctx.Verify())

toolkit/server/extargs/jsonrpc.go

@@ -1,4 +1,4 @@
-package bearer
+package extargs
 
 import (
 	"bytes"
@@ -23,7 +23,7 @@ import (
 // - in the final args to be evaluated against the policies, holds the args derived from the JsonRpc request
 const JsonRpcArgsKey = "jsonrpc"
 
-type JsonRpcBearer struct {
+type JsonRpcExtArgs struct {
 	pol          policy.Policy
 	originalArgs args.ReadOnly
 	req          *jsonrpc.Request
@@ -33,44 +33,44 @@ type JsonRpcBearer struct {
 	argsIpld ipld.Node
 }
 
-func NewJsonRpcBearer(pol policy.Policy, originalArgs args.ReadOnly, req *jsonrpc.Request) *JsonRpcBearer {
+func NewJsonRpcExtArgs(pol policy.Policy, originalArgs args.ReadOnly, req *jsonrpc.Request) *JsonRpcExtArgs {
-	return &JsonRpcBearer{pol: pol, originalArgs: originalArgs, req: req}
+	return &JsonRpcExtArgs{pol: pol, originalArgs: originalArgs, req: req}
 }
 
-func (jrc *JsonRpcBearer) Verify() error {
+func (jrea *JsonRpcExtArgs) Verify() error {
-	if err := jrc.makeArgs(); err != nil {
+	if err := jrea.makeArgs(); err != nil {
 		return err
 	}
 
-	if err := jrc.verifyHash(); err != nil {
+	if err := jrea.verifyHash(); err != nil {
 		return err
 	}
 
-	ok, leaf := jrc.pol.PartialMatch(jrc.argsIpld)
+	ok, leaf := jrea.pol.PartialMatch(jrea.argsIpld)
 	if !ok {
 		return fmt.Errorf("the following UCAN policy is not satisfied: %v", leaf.String())
 	}
 	return nil
 }
 
-func (jrc *JsonRpcBearer) Args() (*args.Args, error) {
+func (jrea *JsonRpcExtArgs) Args() (*args.Args, error) {
-	if err := jrc.makeArgs(); err != nil {
+	if err := jrea.makeArgs(); err != nil {
 		return nil, err
 	}
-	return jrc.args, nil
+	return jrea.args, nil
 }
 
-func (jrc *JsonRpcBearer) makeArgs() error {
+func (jrea *JsonRpcExtArgs) makeArgs() error {
 	var outerErr error
-	jrc.once.Do(func() {
+	jrea.once.Do(func() {
 		var err error
-		jrc.args, err = makeJsonRpcArgs(jrc.req)
+		jrea.args, err = makeJsonRpcArgs(jrea.req)
 		if err != nil {
 			outerErr = err
 			return
 		}
 
-		jrc.argsIpld, err = jrc.args.ToIPLD()
+		jrea.argsIpld, err = jrea.args.ToIPLD()
 		if err != nil {
 			outerErr = err
 			return
@@ -79,8 +79,8 @@ func (jrc *JsonRpcBearer) makeArgs() error {
 	return outerErr
 }
 
-func (jrc *JsonRpcBearer) verifyHash() error {
+func (jrea *JsonRpcExtArgs) verifyHash() error {
-	n, err := jrc.originalArgs.GetNode(JsonRpcArgsKey)
+	n, err := jrea.originalArgs.GetNode(JsonRpcArgsKey)
 	if err != nil {
 		// no hash found, nothing to verify
 		return nil
@@ -91,7 +91,7 @@ func (jrc *JsonRpcBearer) verifyHash() error {
 		return fmt.Errorf("jsonrpc args hash should be a string")
 	}
 
-	data, err := ipld.Encode(jrc.argsIpld, dagcbor.Encode)
+	data, err := ipld.Encode(jrea.argsIpld, dagcbor.Encode)
 	if err != nil {
 		return fmt.Errorf("can't encode derived args in dag-cbor: %w", err)
 	}

toolkit/server/extargs/jsonrpc_test.go

@@ -1,4 +1,4 @@
-package bearer
+package extargs
 
 import (
 	"testing"
@@ -97,7 +97,7 @@ func TestJsonRpc(t *testing.T) {
 			// we don't test the args hash here
 			emptyArgs := args.New().ReadOnly()
 
-			ctx := NewJsonRpcBearer(tc.pol, emptyArgs, tc.req)
+			ctx := NewJsonRpcExtArgs(tc.pol, emptyArgs, tc.req)
 
 			_, err := ctx.Args()
 			require.NoError(t, err)
@@ -152,7 +152,7 @@ func TestJsonRpcHash(t *testing.T) {
 			err := invArgs.Add(JsonRpcArgsKey, tc.hash)
 			require.NoError(t, err)
 
-			ctx := NewJsonRpcBearer(pol, invArgs.ReadOnly(), req)
+			ctx := NewJsonRpcExtArgs(pol, invArgs.ReadOnly(), req)
 
 			if tc.expected {
 				require.NoError(t, ctx.Verify())