Fix request headers being overwritten

Fix unit tests missing rawHeaders
Fix base64 decoding
2016-12-15 20:30:20 -08:00 · 2016-12-15 19:47:35 -08:00 · 2016-12-15 19:35:26 -08:00 · 2016-12-15 14:31:13 -08:00
2 changed files with 29 additions and 2 deletions
--- a/lib/auth/auth.js
+++ b/lib/auth/auth.js
@ -32,6 +32,15 @@ function setAuthHandler(handler) {
    return auth;
 }

+function decodeHeader(value) {
+    // extract string after 'x-amz-meta-scality-rewritten-'
+    let tail = value.slice(29);
+    tail = tail.replace(/\|/g, '/');
+    tail = tail.replace(/-/g, '=');
+    tail = Buffer.from(tail, 'base64').toString();
+    return `x-amz-meta-${tail}`;
+}
+
 /**
 * This function will check validity of request parameters to authenticate
 *
@ -51,7 +60,22 @@ function setAuthHandler(handler) {
 */
 function extractParams(request, log, awsService, data) {
    log.trace('entered', { method: 'Arsenal.auth.server.extractParams' });
-    const authHeader = request.headers.authorization;
+    const modifiedRequest = Object.assign({}, request);
+    modifiedRequest.headers = {};
+    Object.keys(request.headers).forEach(headerName => {
+        modifiedRequest.headers[headerName] = request.headers[headerName];
+    });
+    for (let i = 0; i < modifiedRequest.rawHeaders.length; i += 2) {
+        const headerName = modifiedRequest.rawHeaders[i];
+        const lowerCaseHeaderName = headerName.toLowerCase();
+        if (lowerCaseHeaderName.startsWith('x-amz-meta-scality-rewritten-')) {
+            const decodedHeader = decodeHeader(headerName);
+            modifiedRequest.headers[decodedHeader.toLowerCase()] =
+                request.headers[lowerCaseHeaderName];
+            delete modifiedRequest.headers[lowerCaseHeaderName];
+        }
+    }
+    const authHeader = modifiedRequest.headers.authorization;
    let version = null;
    let method = null;

@ -85,7 +109,8 @@ function extractParams(request, log, awsService, data) {
            return { err: errors.NotImplemented };
        }
        log.trace('identified auth method', { version, authMethod: method });
-        return checkFunctions[version][method](request, log, data, awsService);
+        return checkFunctions[version][method](modifiedRequest, log,
+            data, awsService);
    }

    // no auth info identified
--- a/tests/unit/auth/v2/publicAccess.js
+++ b/tests/unit/auth/v2/publicAccess.js
@ -19,6 +19,7 @@ describe('Public Access', () => {
        const request = {
            method: 'GET',
            headers: { host: 's3.amazonaws.com' },
+            rawHeaders: [],
            url: '/bucket',
            query: {},
        };
@ -46,6 +47,7 @@ describe('Public Access', () => {
                host: 's3.amazonaws.com',
                authorization: 'noAuth',
            },
+            rawHeaders: ['authorization', 'noAuth'],
            url: '/bucket',
            query: {},
        };
Author	SHA1	Message	Date
Rached Ben Mustapha	4a20fac0af	Fix request headers being overwritten	2016-12-15 20:30:20 -08:00
Lauren Spiegel	e741a6e62f	Fix unit tests missing rawHeaders	2016-12-15 19:47:35 -08:00
Rached Ben Mustapha	db6e6c8b87	Fix base64 decoding	2016-12-15 19:35:26 -08:00
Lauren Spiegel	ae8963fdd1	Translate headers for auth.	2016-12-15 14:31:13 -08:00