diff --git a/pkg/api/api_bucket_handlers.go b/pkg/api/api_bucket_handlers.go index 1ffd66e7b..ad628367d 100644 --- a/pkg/api/api_bucket_handlers.go +++ b/pkg/api/api_bucket_handlers.go @@ -69,10 +69,6 @@ func (server *minioAPI) isValidOp(w http.ResponseWriter, req *http.Request, acce // func (server *minioAPI) listObjectsHandler(w http.ResponseWriter, req *http.Request) { acceptsContentType := getContentType(req) - if acceptsContentType == unknownContentType { - writeErrorResponse(w, req, NotAcceptable, acceptsContentType, req.URL.Path) - return - } // verify if bucket allows this operation if !server.isValidOp(w, req, acceptsContentType) { return @@ -123,10 +119,6 @@ func (server *minioAPI) listObjectsHandler(w http.ResponseWriter, req *http.Requ // owned by the authenticated sender of the request. func (server *minioAPI) listBucketsHandler(w http.ResponseWriter, req *http.Request) { acceptsContentType := getContentType(req) - if acceptsContentType == unknownContentType { - writeErrorResponse(w, req, NotAcceptable, acceptsContentType, req.URL.Path) - return - } // uncomment this when we have webcli // without access key credentials one cannot list buckets // if _, err := stripAuth(req); err != nil { @@ -161,10 +153,6 @@ func (server *minioAPI) listBucketsHandler(w http.ResponseWriter, req *http.Requ // This implementation of the PUT operation creates a new bucket for authenticated request func (server *minioAPI) putBucketHandler(w http.ResponseWriter, req *http.Request) { acceptsContentType := getContentType(req) - if acceptsContentType == unknownContentType { - writeErrorResponse(w, req, NotAcceptable, acceptsContentType, req.URL.Path) - return - } // uncomment this when we have webcli // without access key credentials one cannot create a bucket // if _, err := stripAuth(req); err != nil { @@ -217,11 +205,6 @@ func (server *minioAPI) putBucketHandler(w http.ResponseWriter, req *http.Reques // This implementation of the PUT operation modifies the bucketACL for authenticated request func (server *minioAPI) putBucketACLHandler(w http.ResponseWriter, req *http.Request) { acceptsContentType := getContentType(req) - if acceptsContentType == unknownContentType { - writeErrorResponse(w, req, NotAcceptable, acceptsContentType, req.URL.Path) - return - } - // read from 'x-amz-acl' aclType := getACLType(req) if aclType == unsupportedACLType { @@ -261,11 +244,6 @@ func (server *minioAPI) putBucketACLHandler(w http.ResponseWriter, req *http.Req // return responses such as 404 Not Found and 403 Forbidden. func (server *minioAPI) headBucketHandler(w http.ResponseWriter, req *http.Request) { acceptsContentType := getContentType(req) - if acceptsContentType == unknownContentType { - writeErrorResponse(w, req, NotAcceptable, acceptsContentType, req.URL.Path) - return - } - // verify if bucket allows this operation if !server.isValidOp(w, req, acceptsContentType) { return diff --git a/pkg/api/api_generic_handlers.go b/pkg/api/api_generic_handlers.go index 644e22ddc..16378da81 100644 --- a/pkg/api/api_generic_handlers.go +++ b/pkg/api/api_generic_handlers.go @@ -25,12 +25,15 @@ import ( "github.com/minio/minio/pkg/api/config" ) +type contentTypeHandler struct { + handler http.Handler +} + type timeHandler struct { handler http.Handler } type validateAuthHandler struct { - conf config.Config handler http.Handler } @@ -46,6 +49,10 @@ type auth struct { accessKey string } +const ( + timeFormat = "20060102T150405Z" +) + // strip auth from authorization header func stripAuth(r *http.Request) (*auth, error) { authHeader := r.Header.Get("Authorization") @@ -74,10 +81,6 @@ func stripAuth(r *http.Request) (*auth, error) { return a, nil } -const ( - timeFormat = "20060102T150405Z" -) - func getDate(req *http.Request) (time.Time, error) { amzDate := req.Header.Get("X-Amz-Date") switch { @@ -108,16 +111,25 @@ func getDate(req *http.Request) (time.Time, error) { return time.Time{}, errors.New("invalid request") } +func validContentTypeHandler(h http.Handler) http.Handler { + return contentTypeHandler{h} +} + +func (h contentTypeHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { + acceptsContentType := getContentType(r) + if acceptsContentType == unknownContentType { + writeErrorResponse(w, r, NotAcceptable, acceptsContentType, r.URL.Path) + return + } + h.handler.ServeHTTP(w, r) +} + func timeValidityHandler(h http.Handler) http.Handler { return timeHandler{h} } func (h timeHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { acceptsContentType := getContentType(r) - if acceptsContentType == unknownContentType { - writeErrorResponse(w, r, NotAcceptable, acceptsContentType, r.URL.Path) - return - } // Verify if date headers are set, if not reject the request if r.Header.Get("Authorization") != "" { if r.Header.Get("X-Amz-Date") == "" && r.Header.Get("Date") == "" { @@ -143,29 +155,27 @@ func (h timeHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { // validate auth header handler is wrapper handler used for API request validation with authorization header. // Current authorization layer supports S3's standard HMAC based signature request. -func validateAuthHeaderHandler(conf config.Config, h http.Handler) http.Handler { - return validateAuthHandler{ - conf: conf, - handler: h, - } +func validateAuthHeaderHandler(h http.Handler) http.Handler { + return validateAuthHandler{h} } // validate auth header handler ServeHTTP() wrapper func (h validateAuthHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { acceptsContentType := getContentType(r) - if acceptsContentType == unknownContentType { - writeErrorResponse(w, r, NotAcceptable, acceptsContentType, r.URL.Path) - return - } _, err := stripAuth(r) switch err.(type) { case nil: - if err := h.conf.ReadConfig(); err != nil { + var conf = config.Config{} + if err := conf.SetupConfig(); err != nil { + writeErrorResponse(w, r, InternalError, acceptsContentType, r.URL.Path) + return + } + if err := conf.ReadConfig(); err != nil { writeErrorResponse(w, r, InternalError, acceptsContentType, r.URL.Path) return } // uncomment this when we have webcli - // _, ok := h.conf.Users[auth.accessKey] + // _, ok := conf.Users[auth.accessKey] //if !ok { // writeErrorResponse(w, r, AccessDenied, acceptsContentType, r.URL.Path) // return @@ -189,10 +199,6 @@ func ignoreResourcesHandler(h http.Handler) http.Handler { // Resource handler ServeHTTP() wrapper func (h resourceHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { acceptsContentType := getContentType(r) - if acceptsContentType == unknownContentType { - writeErrorResponse(w, r, NotAcceptable, acceptsContentType, r.URL.Path) - return - } if ignoreNotImplementedObjectResources(r) || ignoreNotImplementedBucketResources(r) { error := getErrorCode(NotImplemented) errorResponse := getErrorResponse(error, "") diff --git a/pkg/api/api_object_handlers.go b/pkg/api/api_object_handlers.go index 3f03cb556..d6260ab6e 100644 --- a/pkg/api/api_object_handlers.go +++ b/pkg/api/api_object_handlers.go @@ -39,11 +39,6 @@ const ( // you must have READ access to the object. func (server *minioAPI) getObjectHandler(w http.ResponseWriter, req *http.Request) { acceptsContentType := getContentType(req) - if acceptsContentType == unknownContentType { - writeErrorResponse(w, req, NotAcceptable, acceptsContentType, req.URL.Path) - return - } - // verify if this operation is allowed if !server.isValidOp(w, req, acceptsContentType) { return @@ -101,11 +96,6 @@ func (server *minioAPI) getObjectHandler(w http.ResponseWriter, req *http.Reques // The HEAD operation retrieves metadata from an object without returning the object itself. func (server *minioAPI) headObjectHandler(w http.ResponseWriter, req *http.Request) { acceptsContentType := getContentType(req) - if acceptsContentType == unknownContentType { - writeErrorResponse(w, req, NotAcceptable, acceptsContentType, req.URL.Path) - return - } - // verify if this operation is allowed if !server.isValidOp(w, req, acceptsContentType) { return @@ -144,11 +134,6 @@ func (server *minioAPI) headObjectHandler(w http.ResponseWriter, req *http.Reque // This implementation of the PUT operation adds an object to a bucket. func (server *minioAPI) putObjectHandler(w http.ResponseWriter, req *http.Request) { acceptsContentType := getContentType(req) - if acceptsContentType == unknownContentType { - writeErrorResponse(w, req, NotAcceptable, acceptsContentType, req.URL.Path) - return - } - // verify if this operation is allowed if !server.isValidOp(w, req, acceptsContentType) { return @@ -224,13 +209,7 @@ func (server *minioAPI) putObjectHandler(w http.ResponseWriter, req *http.Reques } func (server *minioAPI) newMultipartUploadHandler(w http.ResponseWriter, req *http.Request) { - // TODO ensure ?uploads is part of URL acceptsContentType := getContentType(req) - if acceptsContentType == unknownContentType { - writeErrorResponse(w, req, NotAcceptable, acceptsContentType, req.URL.Path) - return - } - // handle ACL's here at bucket level if !server.isValidOp(w, req, acceptsContentType) { return @@ -262,11 +241,6 @@ func (server *minioAPI) newMultipartUploadHandler(w http.ResponseWriter, req *ht func (server *minioAPI) putObjectPartHandler(w http.ResponseWriter, req *http.Request) { acceptsContentType := getContentType(req) - if acceptsContentType == unknownContentType { - writeErrorResponse(w, req, NotAcceptable, acceptsContentType, req.URL.Path) - return - } - // handle ACL's here at bucket level if !server.isValidOp(w, req, acceptsContentType) { return @@ -356,10 +330,7 @@ func (server *minioAPI) putObjectPartHandler(w http.ResponseWriter, req *http.Re func (server *minioAPI) abortMultipartUploadHandler(w http.ResponseWriter, req *http.Request) { acceptsContentType := getContentType(req) - if acceptsContentType == unknownContentType { - writeErrorResponse(w, req, NotAcceptable, acceptsContentType, req.URL.Path) - return - } + vars := mux.Vars(req) bucket := vars["bucket"] object := vars["object"] @@ -381,10 +352,7 @@ func (server *minioAPI) abortMultipartUploadHandler(w http.ResponseWriter, req * func (server *minioAPI) listObjectPartsHandler(w http.ResponseWriter, req *http.Request) { acceptsContentType := getContentType(req) - if acceptsContentType == unknownContentType { - writeErrorResponse(w, req, NotAcceptable, acceptsContentType, req.URL.Path) - return - } + vars := mux.Vars(req) bucket := vars["bucket"] object := vars["object"] @@ -415,10 +383,6 @@ func (server *minioAPI) listObjectPartsHandler(w http.ResponseWriter, req *http. func (server *minioAPI) completeMultipartUploadHandler(w http.ResponseWriter, req *http.Request) { acceptsContentType := getContentType(req) - if acceptsContentType == unknownContentType { - writeErrorResponse(w, req, NotAcceptable, acceptsContentType, req.URL.Path) - return - } decoder := xml.NewDecoder(req.Body) parts := &CompleteMultipartUpload{} diff --git a/pkg/api/api_router.go b/pkg/api/api_router.go index e459fa915..429bbad2e 100644 --- a/pkg/api/api_router.go +++ b/pkg/api/api_router.go @@ -21,11 +21,9 @@ import ( "net/http" router "github.com/gorilla/mux" - "github.com/minio/minio/pkg/api/config" "github.com/minio/minio/pkg/api/logging" "github.com/minio/minio/pkg/api/quota" "github.com/minio/minio/pkg/featureflags" - "github.com/minio/minio/pkg/iodine" "github.com/minio/minio/pkg/storage/drivers" ) @@ -57,13 +55,10 @@ func HTTPHandler(driver drivers.Driver) http.Handler { mux.HandleFunc("/{bucket}/{object:.*}", api.getObjectHandler).Methods("GET") mux.HandleFunc("/{bucket}/{object:.*}", api.putObjectHandler).Methods("PUT") - var conf = config.Config{} - if err := conf.SetupConfig(); err != nil { - log.Fatal(iodine.New(err, nil)) - } - h := timeValidityHandler(mux) + h := validContentTypeHandler(mux) + h = timeValidityHandler(h) h = ignoreResourcesHandler(h) - h = validateAuthHeaderHandler(conf, h) + h = validateAuthHeaderHandler(h) // h = quota.BandwidthCap(h, 25*1024*1024, time.Duration(30*time.Minute)) // h = quota.BandwidthCap(h, 100*1024*1024, time.Duration(24*time.Hour)) // h = quota.RequestLimit(h, 100, time.Duration(30*time.Minute))