MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-04-08 21:55:44 -04:00
Code Issues Packages Projects Releases Wiki Activity

fix: allow shareable URLs with rotating creds (#10135)

Browse Source 
closes #8935
This commit is contained in:
Harshavardhana 2020-07-27 09:02:53 -07:00 committed by GitHub
parent 6529dcb3b5
commit 9108abf204
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
cmd/web-handlers.go
View File

@ -1994,6 +1994,7 @@ func (web *webAPIHandlers) PresignedGet(r *http.Request, args *PresignedGetArgs,
func presignedGet(host, bucket, object string, expiry int64, creds auth.Credentials, region string) string { func presignedGet(host, bucket, object string, expiry int64, creds auth.Credentials, region string) string {
accessKey := creds.AccessKey accessKey := creds.AccessKey
secretKey := creds.SecretKey secretKey := creds.SecretKey
sessionToken := creds.SessionToken
date := UTCNow() date := UTCNow()
dateStr := date.Format(iso8601Format) dateStr := date.Format(iso8601Format)
@ -2009,6 +2010,10 @@ func presignedGet(host, bucket, object string, expiry int64, creds auth.Credenti
query.Set(xhttp.AmzCredential, credential) query.Set(xhttp.AmzCredential, credential)
query.Set(xhttp.AmzDate, dateStr) query.Set(xhttp.AmzDate, dateStr)
query.Set(xhttp.AmzExpires, expiryStr) query.Set(xhttp.AmzExpires, expiryStr)
// Set session token if available.
if sessionToken != "" {
query.Set(xhttp.AmzSecurityToken, sessionToken)
}
query.Set(xhttp.AmzSignedHeaders, "host") query.Set(xhttp.AmzSignedHeaders, "host")
queryStr := s3utils.QueryEncode(query) queryStr := s3utils.QueryEncode(query)
@ -2022,10 +2027,6 @@ func presignedGet(host, bucket, object string, expiry int64, creds auth.Credenti
signingKey := getSigningKey(secretKey, date, region, serviceS3) signingKey := getSigningKey(secretKey, date, region, serviceS3)
signature := getSignature(signingKey, stringToSign) signature := getSignature(signingKey, stringToSign)
// Construct the final presigned URL.
if creds.SessionToken != "" {
return host + s3utils.EncodePath(path) + "?" + queryStr + "&" + xhttp.AmzSignature + "=" + signature + "&" + xhttp.AmzSecurityToken + "=" + creds.SessionToken
}
return host + s3utils.EncodePath(path) + "?" + queryStr + "&" + xhttp.AmzSignature + "=" + signature return host + s3utils.EncodePath(path) + "?" + queryStr + "&" + xhttp.AmzSignature + "=" + signature
} }