Compare commits

...

2 Commits

Author SHA1 Message Date
Lauren Spiegel 20260875e5 DROP ME -version change 2016-08-25 16:42:37 -07:00
Lauren Spiegel cc641fe63f Change expire cap for v2 query auth 2016-08-25 16:41:16 -07:00
2 changed files with 12 additions and 5 deletions

View File

@ -4,7 +4,6 @@ const errors = require('../../errors');
const algoCheck = require('./algoCheck');
const constructStringToSign = require('./constructStringToSign');
const checkRequestExpiry = require('./checkRequestExpiry');
let vault = require('../vault');
@ -24,7 +23,7 @@ queryAuthCheck.check = (request, log, callback) => {
/*
Check whether request has expired or if
expires parameter is more than 15 minutes in the future.
expires parameter is more than 60 minutes (and 1 second) in the future.
Expires time is provided in seconds so need to
multiply by 1000 to obtain
milliseconds to compare to Date.now()
@ -35,8 +34,16 @@ queryAuthCheck.check = (request, log, callback) => {
{ expires: request.query.Expires });
return callback(errors.MissingSecurityHeader);
}
const timeout = checkRequestExpiry(expirationTime, log);
if (timeout) {
const currentTime = Date.now();
// One hour and 1 second in milliseconds: 3601000
if (expirationTime > currentTime + 3601000) {
log.debug('expires parameter too far in future',
{ expires: request.query.Expires });
return callback(errors.AccessDenied);
}
if (currentTime > expirationTime) {
log.debug('current time exceeds expires time',
{ expires: request.query.Expires });
return callback(errors.RequestTimeTooSkewed);
}
const accessKey = request.query.AWSAccessKeyId;

View File

@ -1,6 +1,6 @@
{
"name": "arsenal",
"version": "1.1.0",
"version": "1.1.0-query",
"description": "Common utilities for the S3 project components",
"main": "index.js",
"repository": {