Compare commits

...

2 Commits

Author SHA1 Message Date
Lauren Spiegel 20260875e5 DROP ME -version change 2016-08-25 16:42:37 -07:00
Lauren Spiegel cc641fe63f Change expire cap for v2 query auth 2016-08-25 16:41:16 -07:00
2 changed files with 12 additions and 5 deletions

View File

@ -4,7 +4,6 @@ const errors = require('../../errors');
const algoCheck = require('./algoCheck'); const algoCheck = require('./algoCheck');
const constructStringToSign = require('./constructStringToSign'); const constructStringToSign = require('./constructStringToSign');
const checkRequestExpiry = require('./checkRequestExpiry');
let vault = require('../vault'); let vault = require('../vault');
@ -24,7 +23,7 @@ queryAuthCheck.check = (request, log, callback) => {
/* /*
Check whether request has expired or if Check whether request has expired or if
expires parameter is more than 15 minutes in the future. expires parameter is more than 60 minutes (and 1 second) in the future.
Expires time is provided in seconds so need to Expires time is provided in seconds so need to
multiply by 1000 to obtain multiply by 1000 to obtain
milliseconds to compare to Date.now() milliseconds to compare to Date.now()
@ -35,8 +34,16 @@ queryAuthCheck.check = (request, log, callback) => {
{ expires: request.query.Expires }); { expires: request.query.Expires });
return callback(errors.MissingSecurityHeader); return callback(errors.MissingSecurityHeader);
} }
const timeout = checkRequestExpiry(expirationTime, log); const currentTime = Date.now();
if (timeout) { // One hour and 1 second in milliseconds: 3601000
if (expirationTime > currentTime + 3601000) {
log.debug('expires parameter too far in future',
{ expires: request.query.Expires });
return callback(errors.AccessDenied);
}
if (currentTime > expirationTime) {
log.debug('current time exceeds expires time',
{ expires: request.query.Expires });
return callback(errors.RequestTimeTooSkewed); return callback(errors.RequestTimeTooSkewed);
} }
const accessKey = request.query.AWSAccessKeyId; const accessKey = request.query.AWSAccessKeyId;

View File

@ -1,6 +1,6 @@
{ {
"name": "arsenal", "name": "arsenal",
"version": "1.1.0", "version": "1.1.0-query",
"description": "Common utilities for the S3 project components", "description": "Common utilities for the S3 project components",
"main": "index.js", "main": "index.js",
"repository": { "repository": {