kopia lustrzana https://github.com/gaul/s3proxy
Support query string request authentication
rodzic
8f24e8cb7e
commit
8e63a6c93e
|
@ -73,7 +73,6 @@ S3Proxy does not support:
|
||||||
* single-part uploads larger than 2 GB ([upstream issue](https://github.com/jclouds/jclouds/pull/426))
|
* single-part uploads larger than 2 GB ([upstream issue](https://github.com/jclouds/jclouds/pull/426))
|
||||||
* multi-part uploads
|
* multi-part uploads
|
||||||
* bucket ACLs
|
* bucket ACLs
|
||||||
* URL signing
|
|
||||||
* metadata with filesystem provider ([upstream issue](https://github.com/jclouds/jclouds/pull/443))
|
* metadata with filesystem provider ([upstream issue](https://github.com/jclouds/jclouds/pull/443))
|
||||||
* listening on HTTPS
|
* listening on HTTPS
|
||||||
|
|
||||||
|
|
|
@ -103,7 +103,8 @@ final class S3ProxyHandler extends AbstractHandler {
|
||||||
String expectedAuthorization = createAuthorizationHeader(request,
|
String expectedAuthorization = createAuthorizationHeader(request,
|
||||||
identity, credential);
|
identity, credential);
|
||||||
if (!expectedAuthorization.equals(request.getHeader(
|
if (!expectedAuthorization.equals(request.getHeader(
|
||||||
HttpHeaders.AUTHORIZATION))) {
|
HttpHeaders.AUTHORIZATION)) &&
|
||||||
|
!expectedAuthorization.equals("AWS " + request.getParameter("AWSAccessKeyId") + ":" + request.getParameter("Signature"))) {
|
||||||
sendSimpleErrorResponse(response,
|
sendSimpleErrorResponse(response,
|
||||||
HttpServletResponse.SC_FORBIDDEN,
|
HttpServletResponse.SC_FORBIDDEN,
|
||||||
"SignatureDoesNotMatch", "Forbidden");
|
"SignatureDoesNotMatch", "Forbidden");
|
||||||
|
@ -800,7 +801,10 @@ final class S3ProxyHandler extends AbstractHandler {
|
||||||
builder.append(contentType);
|
builder.append(contentType);
|
||||||
}
|
}
|
||||||
builder.append('\n');
|
builder.append('\n');
|
||||||
if (!canonicalizedHeaders.containsKey("x-amz-date")) {
|
String expires = request.getParameter("Expires");
|
||||||
|
if (expires != null) {
|
||||||
|
builder.append(expires);
|
||||||
|
} else if (!canonicalizedHeaders.containsKey("x-amz-date")) {
|
||||||
builder.append(request.getHeader(HttpHeaders.DATE));
|
builder.append(request.getHeader(HttpHeaders.DATE));
|
||||||
}
|
}
|
||||||
builder.append('\n');
|
builder.append('\n');
|
||||||
|
|
|
@ -22,16 +22,22 @@ import java.io.InputStream;
|
||||||
import java.net.URI;
|
import java.net.URI;
|
||||||
import java.util.Properties;
|
import java.util.Properties;
|
||||||
|
|
||||||
|
import javax.servlet.http.HttpServletResponse;
|
||||||
|
|
||||||
import com.google.common.collect.ImmutableSet;
|
import com.google.common.collect.ImmutableSet;
|
||||||
import com.google.common.io.ByteSource;
|
import com.google.common.io.ByteSource;
|
||||||
|
|
||||||
|
import org.jclouds.Constants;
|
||||||
import org.jclouds.ContextBuilder;
|
import org.jclouds.ContextBuilder;
|
||||||
|
import org.jclouds.blobstore.BlobRequestSigner;
|
||||||
import org.jclouds.blobstore.BlobStore;
|
import org.jclouds.blobstore.BlobStore;
|
||||||
import org.jclouds.blobstore.BlobStoreContext;
|
import org.jclouds.blobstore.BlobStoreContext;
|
||||||
import org.jclouds.blobstore.domain.Blob;
|
import org.jclouds.blobstore.domain.Blob;
|
||||||
import org.jclouds.blobstore.domain.BlobMetadata;
|
import org.jclouds.blobstore.domain.BlobMetadata;
|
||||||
import org.jclouds.blobstore.domain.StorageMetadata;
|
import org.jclouds.blobstore.domain.StorageMetadata;
|
||||||
import org.jclouds.blobstore.options.ListContainerOptions;
|
import org.jclouds.blobstore.options.ListContainerOptions;
|
||||||
|
import org.jclouds.http.HttpRequest;
|
||||||
|
import org.jclouds.http.HttpResponse;
|
||||||
import org.jclouds.io.Payload;
|
import org.jclouds.io.Payload;
|
||||||
import org.jclouds.io.payloads.ByteSourcePayload;
|
import org.jclouds.io.payloads.ByteSourcePayload;
|
||||||
import org.jclouds.rest.HttpClient;
|
import org.jclouds.rest.HttpClient;
|
||||||
|
@ -52,6 +58,8 @@ public final class S3ProxyTest {
|
||||||
@Before
|
@Before
|
||||||
public void setUp() throws Exception {
|
public void setUp() throws Exception {
|
||||||
Properties properties = new Properties();
|
Properties properties = new Properties();
|
||||||
|
properties.setProperty(Constants.PROPERTY_ENDPOINT,
|
||||||
|
s3Endpoint.toString());
|
||||||
context = ContextBuilder
|
context = ContextBuilder
|
||||||
.newBuilder("transient")
|
.newBuilder("transient")
|
||||||
.credentials("identity", "credential")
|
.credentials("identity", "credential")
|
||||||
|
@ -243,4 +251,29 @@ public final class S3ProxyTest {
|
||||||
|
|
||||||
s3BlobStore.removeBlob(containerName, blobName);
|
s3BlobStore.removeBlob(containerName, blobName);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// TODO: this test fails since S3BlobRequestSigner does not implement the
|
||||||
|
// same logic as AWSS3BlobRequestSigner.signForTemporaryAccess.
|
||||||
|
@Ignore
|
||||||
|
@Test
|
||||||
|
public void testUrlSigning() throws Exception {
|
||||||
|
HttpClient httpClient = s3Context.utils().http();
|
||||||
|
BlobRequestSigner signer = s3Context.getSigner();
|
||||||
|
|
||||||
|
String blobName = "blob";
|
||||||
|
ByteSource byteSource = ByteSource.wrap(new byte[1]);
|
||||||
|
Blob blob = s3BlobStore.blobBuilder(blobName)
|
||||||
|
.payload(byteSource)
|
||||||
|
.contentLength(byteSource.size())
|
||||||
|
.build();
|
||||||
|
HttpRequest putRequest = signer.signPutBlob(containerName, blob, 10);
|
||||||
|
HttpResponse putResponse = httpClient.invoke(putRequest);
|
||||||
|
assertThat(putResponse.getStatusCode())
|
||||||
|
.isEqualTo(HttpServletResponse.SC_OK);
|
||||||
|
|
||||||
|
HttpRequest getRequest = signer.signGetBlob(containerName, blobName, 10);
|
||||||
|
HttpResponse getResponse = httpClient.invoke(getRequest);
|
||||||
|
assertThat(getResponse.getStatusCode())
|
||||||
|
.isEqualTo(HttpServletResponse.SC_OK);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
Ładowanie…
Reference in New Issue