Compare commits
1 Commits
developmen
...
feature/S3
| Author | SHA1 | Date |
|---|---|---|
bbuchanan9
|
5a9146988e |
|
|
@ -15,6 +15,14 @@ To run the server:
|
||||||
npm start
|
npm start
|
||||||
```
|
```
|
||||||
|
|
||||||
|
To run the server without using the [Signature Version 4 Signing Process](
|
||||||
|
https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html), set the
|
||||||
|
environment variable `NO_AUTH` to `'true'`:
|
||||||
|
|
||||||
|
```
|
||||||
|
NO_AUTH=true npm start
|
||||||
|
```
|
||||||
|
|
||||||
## Client
|
## Client
|
||||||
|
|
||||||
The module exposes a client, named UtapiClient. Projects can use this client to
|
The module exposes a client, named UtapiClient. Projects can use this client to
|
||||||
|
|
|
||||||
|
|
@ -199,6 +199,10 @@ class Router {
|
||||||
*/
|
*/
|
||||||
_authSquared(utapiRequest, cb) {
|
_authSquared(utapiRequest, cb) {
|
||||||
const log = utapiRequest.getLog();
|
const log = utapiRequest.getLog();
|
||||||
|
if (process.env.NO_AUTH === 'true') {
|
||||||
|
log.trace('skipping authentication check');
|
||||||
|
return process.nextTick(() => cb());
|
||||||
|
}
|
||||||
const authHeader = utapiRequest.getRequestHeaders().authorization;
|
const authHeader = utapiRequest.getRequestHeaders().authorization;
|
||||||
if (!authHeader || !authHeader.startsWith('AWS4')) {
|
if (!authHeader || !authHeader.startsWith('AWS4')) {
|
||||||
log.trace('missing auth header for v4 auth');
|
log.trace('missing auth header for v4 auth');
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,53 @@
|
||||||
|
import assert from 'assert';
|
||||||
|
import { errors } from 'arsenal';
|
||||||
|
import { Logger } from 'werelogs';
|
||||||
|
import config from '../../src/lib/Config';
|
||||||
|
import Router from '../../src/router/Router';
|
||||||
|
import UtapiRequest from '../../src/lib/UtapiRequest';
|
||||||
|
|
||||||
|
describe('Router', () => {
|
||||||
|
const router = new Router(config);
|
||||||
|
|
||||||
|
describe('::_authSquared', () => {
|
||||||
|
const log = new Logger('UtapiRequest');
|
||||||
|
const request = new UtapiRequest().setLog(log);
|
||||||
|
|
||||||
|
describe('with unauthorized request', () => {
|
||||||
|
before(() => {
|
||||||
|
const incomingMessage = {
|
||||||
|
headers: {
|
||||||
|
authorization: false,
|
||||||
|
},
|
||||||
|
};
|
||||||
|
request.setRequest(incomingMessage);
|
||||||
|
});
|
||||||
|
|
||||||
|
after(() => {
|
||||||
|
request.setRequest(null);
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should return InvalidRequest error', done => {
|
||||||
|
const expected = errors.InvalidRequest
|
||||||
|
.customizeDescription('Must use Auth V4 for this request.');
|
||||||
|
router._authSquared(request, err => {
|
||||||
|
assert.deepStrictEqual(expected, err);
|
||||||
|
done();
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
describe('with NO_AUTH=true', () => {
|
||||||
|
before(() => {
|
||||||
|
process.env.NO_AUTH = 'true';
|
||||||
|
});
|
||||||
|
|
||||||
|
after(() => {
|
||||||
|
process.env.NO_AUTH = 'false';
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should not return InvalidRequest error', done => {
|
||||||
|
router._authSquared(request, done);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
Loading…
Reference in New Issue