Fix credential parsing in signature v4 (#7377)

Fixes #7376
This commit is contained in:
poornas 2019-03-16 22:45:42 -07:00 committed by kannappanr
parent 85c5acc088
commit 1011d21416
2 changed files with 20 additions and 1 deletions

View File

@ -66,7 +66,7 @@ func getReqAccessKeyV4(r *http.Request, region string, stype serviceType) (auth.
// parse credentialHeader string into its structured form.
func parseCredentialHeader(credElement string, region string, stype serviceType) (ch credentialHeader, aec APIErrorCode) {
creds := strings.Split(strings.TrimSpace(credElement), "=")
creds := strings.SplitN(strings.TrimSpace(credElement), "=", 2)
if len(creds) != 2 {
return ch, ErrMissingFields
}

View File

@ -216,6 +216,25 @@ func TestParseCredentialHeader(t *testing.T) {
"aws4_request"),
expectedErrCode: ErrNone,
},
// Test Case - 11.
// Test case with right inputs -> AccessKey contains `=`. See minio/#7376
// "aws4_request" is the valid request version.
{
inputCredentialStr: generateCredentialStr(
"LOCALKEY/DEV/1=",
sampleTimeStr,
"us-west-1",
"s3",
"aws4_request"),
expectedCredentials: generateCredentials(
t,
"LOCALKEY/DEV/1=",
sampleTimeStr,
"us-west-1",
"s3",
"aws4_request"),
expectedErrCode: ErrNone,
},
}
for i, testCase := range testCases {