mirror of
https://github.com/minio/minio.git
synced 2024-12-24 06:05:55 -05:00
signature-v2: Use request.RequestURI for signature calculation. (#3616)
* signature-v2: Use request.RequestURI for signature calculation. * Use splitStr instead of strings.Split
This commit is contained in:
parent
fc6f804865
commit
8489f22fe2
@ -85,16 +85,9 @@ func doesPresignV2SignatureMatch(r *http.Request) APIErrorCode {
|
||||
// Access credentials.
|
||||
cred := serverConfig.GetCredential()
|
||||
|
||||
// url.RawPath will be valid if path has any encoded characters, if not it will
|
||||
// be empty - in which case we need to consider url.Path (bug in net/http?)
|
||||
encodedResource := r.URL.RawPath
|
||||
encodedQuery := r.URL.RawQuery
|
||||
if encodedResource == "" {
|
||||
splits := strings.Split(r.URL.Path, "?")
|
||||
if len(splits) > 0 {
|
||||
encodedResource = getURLEncodedName(splits[0])
|
||||
}
|
||||
}
|
||||
// r.RequestURI will have raw encoded URI as sent by the client.
|
||||
splits := splitStr(r.RequestURI, "?", 2)
|
||||
encodedResource, encodedQuery := splits[0], splits[1]
|
||||
|
||||
queries := strings.Split(encodedQuery, "&")
|
||||
var filteredQueries []string
|
||||
@ -213,19 +206,9 @@ func doesSignV2Match(r *http.Request) APIErrorCode {
|
||||
return apiError
|
||||
}
|
||||
|
||||
// Encode path:
|
||||
// url.RawPath will be valid if path has any encoded characters, if not it will
|
||||
// be empty - in which case we need to consider url.Path (bug in net/http?)
|
||||
encodedResource := r.URL.RawPath
|
||||
if encodedResource == "" {
|
||||
splits := strings.Split(r.URL.Path, "?")
|
||||
if len(splits) > 0 {
|
||||
encodedResource = getURLEncodedName(splits[0])
|
||||
}
|
||||
}
|
||||
|
||||
// Encode query strings
|
||||
encodedQuery := r.URL.Query().Encode()
|
||||
// r.RequestURI will have raw encoded URI as sent by the client.
|
||||
splits := splitStr(r.RequestURI, "?", 2)
|
||||
encodedResource, encodedQuery := splits[0], splits[1]
|
||||
|
||||
expectedAuth := signatureV2(r.Method, encodedResource, encodedQuery, r.Header)
|
||||
if v2Auth != expectedAuth {
|
||||
|
@ -101,6 +101,8 @@ func TestDoesPresignedV2SignatureMatch(t *testing.T) {
|
||||
if e != nil {
|
||||
t.Errorf("(%d) failed to create http.Request, got %v", i, e)
|
||||
}
|
||||
// Should be set since we are simulating a http server.
|
||||
req.RequestURI = req.URL.RequestURI()
|
||||
|
||||
// Do the same for the headers.
|
||||
for key, value := range testCase.headers {
|
||||
|
@ -1739,20 +1739,25 @@ func prepareXLStorageDisks(t *testing.T) ([]StorageAPI, []string) {
|
||||
// initializes the specified API endpoints for the tests.
|
||||
// initialies the root and returns its path.
|
||||
// return credentials.
|
||||
func initAPIHandlerTest(obj ObjectLayer, endpoints []string) (bucketName string, apiRouter http.Handler, err error) {
|
||||
func initAPIHandlerTest(obj ObjectLayer, endpoints []string) (string, http.Handler, error) {
|
||||
// get random bucket name.
|
||||
bucketName = getRandomBucketName()
|
||||
bucketName := getRandomBucketName()
|
||||
|
||||
// Create bucket.
|
||||
err = obj.MakeBucket(bucketName)
|
||||
err := obj.MakeBucket(bucketName)
|
||||
if err != nil {
|
||||
// failed to create newbucket, return err.
|
||||
return "", nil, err
|
||||
}
|
||||
// Register the API end points with XL object layer.
|
||||
// Registering only the GetObject handler.
|
||||
apiRouter = initTestAPIEndPoints(obj, endpoints)
|
||||
return bucketName, apiRouter, nil
|
||||
apiRouter := initTestAPIEndPoints(obj, endpoints)
|
||||
var f http.HandlerFunc
|
||||
f = func(w http.ResponseWriter, r *http.Request) {
|
||||
r.RequestURI = r.URL.RequestURI()
|
||||
apiRouter.ServeHTTP(w, r)
|
||||
}
|
||||
return bucketName, f, nil
|
||||
}
|
||||
|
||||
// ExecObjectLayerAPIAnonTest - Helper function to validate object Layer API handler
|
||||
|
Loading…
Reference in New Issue
Block a user