Compare commits

..

No commits in common. "20260875e5d2dcbe3b061547ed30ab43cb6efea1" and "4b1288c2262a0bcd9e350480e9a627f7b1300c88" have entirely different histories.

2 changed files with 5 additions and 12 deletions

View File

@ -4,6 +4,7 @@ const errors = require('../../errors');
const algoCheck = require('./algoCheck');
const constructStringToSign = require('./constructStringToSign');
const checkRequestExpiry = require('./checkRequestExpiry');
let vault = require('../vault');
@ -23,7 +24,7 @@ queryAuthCheck.check = (request, log, callback) => {
/*
Check whether request has expired or if
expires parameter is more than 60 minutes (and 1 second) in the future.
expires parameter is more than 15 minutes in the future.
Expires time is provided in seconds so need to
multiply by 1000 to obtain
milliseconds to compare to Date.now()
@ -34,16 +35,8 @@ queryAuthCheck.check = (request, log, callback) => {
{ expires: request.query.Expires });
return callback(errors.MissingSecurityHeader);
}
const currentTime = Date.now();
// One hour and 1 second in milliseconds: 3601000
if (expirationTime > currentTime + 3601000) {
log.debug('expires parameter too far in future',
{ expires: request.query.Expires });
return callback(errors.AccessDenied);
}
if (currentTime > expirationTime) {
log.debug('current time exceeds expires time',
{ expires: request.query.Expires });
const timeout = checkRequestExpiry(expirationTime, log);
if (timeout) {
return callback(errors.RequestTimeTooSkewed);
}
const accessKey = request.query.AWSAccessKeyId;

View File

@ -1,6 +1,6 @@
{
"name": "arsenal",
"version": "1.1.0-query",
"version": "1.1.0",
"description": "Common utilities for the S3 project components",
"main": "index.js",
"repository": {