Compare commits
4 Commits
developmen
...
auth/trans
| Author | SHA1 | Date |
|---|---|---|
Rached Ben Mustapha
|
4a20fac0af | |
|
Lauren Spiegel
|
e741a6e62f | |
|
Rached Ben Mustapha
|
db6e6c8b87 | |
|
Lauren Spiegel
|
ae8963fdd1 |
|
|
@ -32,6 +32,15 @@ function setAuthHandler(handler) {
|
||||||
return auth;
|
return auth;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function decodeHeader(value) {
|
||||||
|
// extract string after 'x-amz-meta-scality-rewritten-'
|
||||||
|
let tail = value.slice(29);
|
||||||
|
tail = tail.replace(/\|/g, '/');
|
||||||
|
tail = tail.replace(/-/g, '=');
|
||||||
|
tail = Buffer.from(tail, 'base64').toString();
|
||||||
|
return `x-amz-meta-${tail}`;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This function will check validity of request parameters to authenticate
|
* This function will check validity of request parameters to authenticate
|
||||||
*
|
*
|
||||||
|
|
@ -51,7 +60,22 @@ function setAuthHandler(handler) {
|
||||||
*/
|
*/
|
||||||
function extractParams(request, log, awsService, data) {
|
function extractParams(request, log, awsService, data) {
|
||||||
log.trace('entered', { method: 'Arsenal.auth.server.extractParams' });
|
log.trace('entered', { method: 'Arsenal.auth.server.extractParams' });
|
||||||
const authHeader = request.headers.authorization;
|
const modifiedRequest = Object.assign({}, request);
|
||||||
|
modifiedRequest.headers = {};
|
||||||
|
Object.keys(request.headers).forEach(headerName => {
|
||||||
|
modifiedRequest.headers[headerName] = request.headers[headerName];
|
||||||
|
});
|
||||||
|
for (let i = 0; i < modifiedRequest.rawHeaders.length; i += 2) {
|
||||||
|
const headerName = modifiedRequest.rawHeaders[i];
|
||||||
|
const lowerCaseHeaderName = headerName.toLowerCase();
|
||||||
|
if (lowerCaseHeaderName.startsWith('x-amz-meta-scality-rewritten-')) {
|
||||||
|
const decodedHeader = decodeHeader(headerName);
|
||||||
|
modifiedRequest.headers[decodedHeader.toLowerCase()] =
|
||||||
|
request.headers[lowerCaseHeaderName];
|
||||||
|
delete modifiedRequest.headers[lowerCaseHeaderName];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
const authHeader = modifiedRequest.headers.authorization;
|
||||||
let version = null;
|
let version = null;
|
||||||
let method = null;
|
let method = null;
|
||||||
|
|
||||||
|
|
@ -85,7 +109,8 @@ function extractParams(request, log, awsService, data) {
|
||||||
return { err: errors.NotImplemented };
|
return { err: errors.NotImplemented };
|
||||||
}
|
}
|
||||||
log.trace('identified auth method', { version, authMethod: method });
|
log.trace('identified auth method', { version, authMethod: method });
|
||||||
return checkFunctions[version][method](request, log, data, awsService);
|
return checkFunctions[version][method](modifiedRequest, log,
|
||||||
|
data, awsService);
|
||||||
}
|
}
|
||||||
|
|
||||||
// no auth info identified
|
// no auth info identified
|
||||||
|
|
|
||||||
|
|
@ -19,6 +19,7 @@ describe('Public Access', () => {
|
||||||
const request = {
|
const request = {
|
||||||
method: 'GET',
|
method: 'GET',
|
||||||
headers: { host: 's3.amazonaws.com' },
|
headers: { host: 's3.amazonaws.com' },
|
||||||
|
rawHeaders: [],
|
||||||
url: '/bucket',
|
url: '/bucket',
|
||||||
query: {},
|
query: {},
|
||||||
};
|
};
|
||||||
|
|
@ -46,6 +47,7 @@ describe('Public Access', () => {
|
||||||
host: 's3.amazonaws.com',
|
host: 's3.amazonaws.com',
|
||||||
authorization: 'noAuth',
|
authorization: 'noAuth',
|
||||||
},
|
},
|
||||||
|
rawHeaders: ['authorization', 'noAuth'],
|
||||||
url: '/bucket',
|
url: '/bucket',
|
||||||
query: {},
|
query: {},
|
||||||
};
|
};
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue