Compare commits

..

No commits in common. "1f4c3c22166a25870c00c17f5f38399d2b523c8f" and "ca4fe1ea7a270e5c3d842c3617ee44d26189232b" have entirely different histories.

4 changed files with 7 additions and 23 deletions

View File

@ -19,22 +19,9 @@ class Vault {
} }
/** authenticateV4Request /** authenticateV4Request
* * @param {object} params - contains accessKey (string),
* @param {object} params - the authentication parameters as returned by * signatureFromRequest (string), region (string),
* auth.extractParams * stringToSign (string) and log (object)
* @param {number} params.version - shall equal 4
* @param {string} params.data.accessKey - the user's accessKey
* @param {string} params.data.signatureFromRequest - the signature read from
* the request
* @param {string} params.data.region - the AWS region
* @param {string} params.data.stringToSign - the stringToSign
* @param {string} params.data.scopeDate - the timespan to allow the request
* @param {string} params.data.authType - the type of authentication
* (query or header)
* @param {string} params.data.signatureVersion - the version of the
* signature (AWS or AWS4)
* @param {number} params.data.signatureAge - the age of the signature in ms
* @param {string} params.data.log - the logger object
* @param {RequestContext []} requestContexts - an array of * @param {RequestContext []} requestContexts - an array of
* RequestContext instances which contain information * RequestContext instances which contain information
* for policy authorization check * for policy authorization check
@ -43,9 +30,8 @@ class Vault {
*/ */
authenticateV4Request(params, requestContexts, callback) { authenticateV4Request(params, requestContexts, callback) {
const { accessKey, signatureFromRequest, region, scopeDate, const { accessKey, signatureFromRequest, region, scopeDate,
stringToSign } stringToSign, log }
= params.data; = params;
const log = params.log;
log.debug('authenticating V4 request'); log.debug('authenticating V4 request');
const serializedRCs = requestContexts.map(rc => rc.serialize()); const serializedRCs = requestContexts.map(rc => rc.serialize());
this._client.verifySignatureV4(stringToSign, signatureFromRequest, this._client.verifySignatureV4(stringToSign, signatureFromRequest,

View File

@ -20,7 +20,6 @@
"babel-plugin-transform-es2015-destructuring": "^6.1.18", "babel-plugin-transform-es2015-destructuring": "^6.1.18",
"babel-plugin-transform-es2015-modules-commonjs": "^6.2.0", "babel-plugin-transform-es2015-modules-commonjs": "^6.2.0",
"babel-plugin-transform-es2015-parameters": "^6.2.0", "babel-plugin-transform-es2015-parameters": "^6.2.0",
"hiredis": "^0.5.0",
"ioredis": "^2.3.0", "ioredis": "^2.3.0",
"vaultclient": "scality/vaultclient#rel/6.2", "vaultclient": "scality/vaultclient#rel/6.2",
"werelogs": "scality/werelogs#rel/6.2" "werelogs": "scality/werelogs#rel/6.2"

View File

@ -216,10 +216,10 @@ class Router {
utapiRequest.getRequesterIp(), utapiRequest.getSslEnabled(), utapiRequest.getRequesterIp(), utapiRequest.getSslEnabled(),
utapiRequest.getAction(), 'utapi') utapiRequest.getAction(), 'utapi')
); );
auth.setHandler(this._vault); auth.setAuthHandler(this._vault);
const requestPlusPath = utapiRequest.getRequest(); const requestPlusPath = utapiRequest.getRequest();
requestPlusPath.path = utapiRequest.getRequestPath(); requestPlusPath.path = utapiRequest.getRequestPath();
return auth.server.doAuth(requestPlusPath, log, (err, authResults) => { return auth.doAuth(requestPlusPath, log, (err, authResults) => {
if (err) { if (err) {
return cb(err); return cb(err);
} }

View File

@ -12,7 +12,6 @@ export default function redisClient(config, log) {
enableOfflineQueue: false, enableOfflineQueue: false,
// keep alive 3 seconds // keep alive 3 seconds
keepAlive: 3000, keepAlive: 3000,
dropBufferSupport: true,
}, config)); }, config));
redisClient.on('error', err => log.trace('error with redis client', { redisClient.on('error', err => log.trace('error with redis client', {
error: err, error: err,