MyFavMirrors
/
minio
mirror of https://github.com/minio/minio.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add Request Not Ready error when presigned date request is not valid (#2646)

This commit is contained in:
Anis Elleuch 2016-09-10 08:38:07 +01:00 committed by Harshavardhana
parent 32201a18ab
commit 11785529fc
2 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cmd/api-errors.go
View File

@ -103,6 +103,7 @@ const (
ErrNegativeExpires ErrNegativeExpires
ErrAuthHeaderEmpty ErrAuthHeaderEmpty
ErrExpiredPresignRequest ErrExpiredPresignRequest
ErrRequestNotReadyYet
ErrUnsignedHeaders ErrUnsignedHeaders
ErrMissingDateHeader ErrMissingDateHeader
ErrInvalidQuerySignatureAlgo ErrInvalidQuerySignatureAlgo
@ -448,6 +449,11 @@ var errorCodeResponse = map[APIErrorCode]APIError{
Description: "Request has expired", Description: "Request has expired",
HTTPStatusCode: http.StatusForbidden, HTTPStatusCode: http.StatusForbidden,
}, },
ErrRequestNotReadyYet: {
Code: "AccessDenied",
Description: "Request is not valid yet",
HTTPStatusCode: http.StatusForbidden,
},
// FIXME: Actual XML error response also contains the header which missed in lsit of signed header parameters. // FIXME: Actual XML error response also contains the header which missed in lsit of signed header parameters.
ErrUnsignedHeaders: { ErrUnsignedHeaders: {
Code: "AccessDenied", Code: "AccessDenied",

4
cmd/signature-v4.go
View File

@ -246,6 +246,10 @@ func doesPresignedSignatureMatch(hashedPayload string, r *http.Request, validate
query.Set("X-Amz-Algorithm", signV4Algorithm) query.Set("X-Amz-Algorithm", signV4Algorithm)
if pSignValues.Date.After(time.Now().UTC()) {
return ErrRequestNotReadyYet
}
if time.Now().UTC().Sub(pSignValues.Date) > time.Duration(pSignValues.Expires) { if time.Now().UTC().Sub(pSignValues.Date) > time.Duration(pSignValues.Expires) {
return ErrExpiredPresignRequest return ErrExpiredPresignRequest
} }