Support query string request authentication

pull/16/head
Andrew Gaul 2014-08-05 12:36:25 -07:00
rodzic 8f24e8cb7e
commit 8e63a6c93e
3 zmienionych plików z 39 dodań i 3 usunięć

Wyświetl plik

@ -73,7 +73,6 @@ S3Proxy does not support:
* single-part uploads larger than 2 GB ([upstream issue](https://github.com/jclouds/jclouds/pull/426)) * single-part uploads larger than 2 GB ([upstream issue](https://github.com/jclouds/jclouds/pull/426))
* multi-part uploads * multi-part uploads
* bucket ACLs * bucket ACLs
* URL signing
* metadata with filesystem provider ([upstream issue](https://github.com/jclouds/jclouds/pull/443)) * metadata with filesystem provider ([upstream issue](https://github.com/jclouds/jclouds/pull/443))
* listening on HTTPS * listening on HTTPS

Wyświetl plik

@ -103,7 +103,8 @@ final class S3ProxyHandler extends AbstractHandler {
String expectedAuthorization = createAuthorizationHeader(request, String expectedAuthorization = createAuthorizationHeader(request,
identity, credential); identity, credential);
if (!expectedAuthorization.equals(request.getHeader( if (!expectedAuthorization.equals(request.getHeader(
HttpHeaders.AUTHORIZATION))) { HttpHeaders.AUTHORIZATION)) &&
!expectedAuthorization.equals("AWS " + request.getParameter("AWSAccessKeyId") + ":" + request.getParameter("Signature"))) {
sendSimpleErrorResponse(response, sendSimpleErrorResponse(response,
HttpServletResponse.SC_FORBIDDEN, HttpServletResponse.SC_FORBIDDEN,
"SignatureDoesNotMatch", "Forbidden"); "SignatureDoesNotMatch", "Forbidden");
@ -800,7 +801,10 @@ final class S3ProxyHandler extends AbstractHandler {
builder.append(contentType); builder.append(contentType);
} }
builder.append('\n'); builder.append('\n');
if (!canonicalizedHeaders.containsKey("x-amz-date")) { String expires = request.getParameter("Expires");
if (expires != null) {
builder.append(expires);
} else if (!canonicalizedHeaders.containsKey("x-amz-date")) {
builder.append(request.getHeader(HttpHeaders.DATE)); builder.append(request.getHeader(HttpHeaders.DATE));
} }
builder.append('\n'); builder.append('\n');

Wyświetl plik

@ -22,16 +22,22 @@ import java.io.InputStream;
import java.net.URI; import java.net.URI;
import java.util.Properties; import java.util.Properties;
import javax.servlet.http.HttpServletResponse;
import com.google.common.collect.ImmutableSet; import com.google.common.collect.ImmutableSet;
import com.google.common.io.ByteSource; import com.google.common.io.ByteSource;
import org.jclouds.Constants;
import org.jclouds.ContextBuilder; import org.jclouds.ContextBuilder;
import org.jclouds.blobstore.BlobRequestSigner;
import org.jclouds.blobstore.BlobStore; import org.jclouds.blobstore.BlobStore;
import org.jclouds.blobstore.BlobStoreContext; import org.jclouds.blobstore.BlobStoreContext;
import org.jclouds.blobstore.domain.Blob; import org.jclouds.blobstore.domain.Blob;
import org.jclouds.blobstore.domain.BlobMetadata; import org.jclouds.blobstore.domain.BlobMetadata;
import org.jclouds.blobstore.domain.StorageMetadata; import org.jclouds.blobstore.domain.StorageMetadata;
import org.jclouds.blobstore.options.ListContainerOptions; import org.jclouds.blobstore.options.ListContainerOptions;
import org.jclouds.http.HttpRequest;
import org.jclouds.http.HttpResponse;
import org.jclouds.io.Payload; import org.jclouds.io.Payload;
import org.jclouds.io.payloads.ByteSourcePayload; import org.jclouds.io.payloads.ByteSourcePayload;
import org.jclouds.rest.HttpClient; import org.jclouds.rest.HttpClient;
@ -52,6 +58,8 @@ public final class S3ProxyTest {
@Before @Before
public void setUp() throws Exception { public void setUp() throws Exception {
Properties properties = new Properties(); Properties properties = new Properties();
properties.setProperty(Constants.PROPERTY_ENDPOINT,
s3Endpoint.toString());
context = ContextBuilder context = ContextBuilder
.newBuilder("transient") .newBuilder("transient")
.credentials("identity", "credential") .credentials("identity", "credential")
@ -243,4 +251,29 @@ public final class S3ProxyTest {
s3BlobStore.removeBlob(containerName, blobName); s3BlobStore.removeBlob(containerName, blobName);
} }
// TODO: this test fails since S3BlobRequestSigner does not implement the
// same logic as AWSS3BlobRequestSigner.signForTemporaryAccess.
@Ignore
@Test
public void testUrlSigning() throws Exception {
HttpClient httpClient = s3Context.utils().http();
BlobRequestSigner signer = s3Context.getSigner();
String blobName = "blob";
ByteSource byteSource = ByteSource.wrap(new byte[1]);
Blob blob = s3BlobStore.blobBuilder(blobName)
.payload(byteSource)
.contentLength(byteSource.size())
.build();
HttpRequest putRequest = signer.signPutBlob(containerName, blob, 10);
HttpResponse putResponse = httpClient.invoke(putRequest);
assertThat(putResponse.getStatusCode())
.isEqualTo(HttpServletResponse.SC_OK);
HttpRequest getRequest = signer.signGetBlob(containerName, blobName, 10);
HttpResponse getResponse = httpClient.invoke(getRequest);
assertThat(getResponse.getStatusCode())
.isEqualTo(HttpServletResponse.SC_OK);
}
} }