Compare commits

...

3 Commits

Author SHA1 Message Date
Rahul Padigela 1f4c3c2216 enable dropbuffersupport option 2016-09-29 14:45:53 -07:00
Rahul Padigela 3d07888dc5 add hiredis 2016-09-29 14:45:53 -07:00
alexandremerle b8c94fb1a1 Refactor auth api step 1 2016-09-28 15:48:24 -07:00
4 changed files with 23 additions and 7 deletions

View File

@ -19,9 +19,22 @@ class Vault {
} }
/** authenticateV4Request /** authenticateV4Request
* @param {object} params - contains accessKey (string), *
* signatureFromRequest (string), region (string), * @param {object} params - the authentication parameters as returned by
* stringToSign (string) and log (object) * auth.extractParams
* @param {number} params.version - shall equal 4
* @param {string} params.data.accessKey - the user's accessKey
* @param {string} params.data.signatureFromRequest - the signature read from
* the request
* @param {string} params.data.region - the AWS region
* @param {string} params.data.stringToSign - the stringToSign
* @param {string} params.data.scopeDate - the timespan to allow the request
* @param {string} params.data.authType - the type of authentication
* (query or header)
* @param {string} params.data.signatureVersion - the version of the
* signature (AWS or AWS4)
* @param {number} params.data.signatureAge - the age of the signature in ms
* @param {string} params.data.log - the logger object
* @param {RequestContext []} requestContexts - an array of * @param {RequestContext []} requestContexts - an array of
* RequestContext instances which contain information * RequestContext instances which contain information
* for policy authorization check * for policy authorization check
@ -30,8 +43,9 @@ class Vault {
*/ */
authenticateV4Request(params, requestContexts, callback) { authenticateV4Request(params, requestContexts, callback) {
const { accessKey, signatureFromRequest, region, scopeDate, const { accessKey, signatureFromRequest, region, scopeDate,
stringToSign, log } stringToSign }
= params; = params.data;
const log = params.log;
log.debug('authenticating V4 request'); log.debug('authenticating V4 request');
const serializedRCs = requestContexts.map(rc => rc.serialize()); const serializedRCs = requestContexts.map(rc => rc.serialize());
this._client.verifySignatureV4(stringToSign, signatureFromRequest, this._client.verifySignatureV4(stringToSign, signatureFromRequest,

View File

@ -20,6 +20,7 @@
"babel-plugin-transform-es2015-destructuring": "^6.1.18", "babel-plugin-transform-es2015-destructuring": "^6.1.18",
"babel-plugin-transform-es2015-modules-commonjs": "^6.2.0", "babel-plugin-transform-es2015-modules-commonjs": "^6.2.0",
"babel-plugin-transform-es2015-parameters": "^6.2.0", "babel-plugin-transform-es2015-parameters": "^6.2.0",
"hiredis": "^0.5.0",
"ioredis": "^2.3.0", "ioredis": "^2.3.0",
"vaultclient": "scality/vaultclient#rel/6.2", "vaultclient": "scality/vaultclient#rel/6.2",
"werelogs": "scality/werelogs#rel/6.2" "werelogs": "scality/werelogs#rel/6.2"

View File

@ -216,10 +216,10 @@ class Router {
utapiRequest.getRequesterIp(), utapiRequest.getSslEnabled(), utapiRequest.getRequesterIp(), utapiRequest.getSslEnabled(),
utapiRequest.getAction(), 'utapi') utapiRequest.getAction(), 'utapi')
); );
auth.setAuthHandler(this._vault); auth.setHandler(this._vault);
const requestPlusPath = utapiRequest.getRequest(); const requestPlusPath = utapiRequest.getRequest();
requestPlusPath.path = utapiRequest.getRequestPath(); requestPlusPath.path = utapiRequest.getRequestPath();
return auth.doAuth(requestPlusPath, log, (err, authResults) => { return auth.server.doAuth(requestPlusPath, log, (err, authResults) => {
if (err) { if (err) {
return cb(err); return cb(err);
} }

View File

@ -12,6 +12,7 @@ export default function redisClient(config, log) {
enableOfflineQueue: false, enableOfflineQueue: false,
// keep alive 3 seconds // keep alive 3 seconds
keepAlive: 3000, keepAlive: 3000,
dropBufferSupport: true,
}, config)); }, config));
redisClient.on('error', err => log.trace('error with redis client', { redisClient.on('error', err => log.trace('error with redis client', {
error: err, error: err,