API: ListBuckets doesn't have a body, we should never read the body. (#2218)

ListBuckets was incorrectly reading the body of the request, fix it.
2025-11-28 13:09:09 -05:00 · 2016-07-17 13:23:15 -07:00
parent aaf7803831
commit aeac902747
2 changed files with 31 additions and 43 deletions
--- a/auth-handler.go
+++ b/auth-handler.go
@@ -147,8 +147,23 @@ func isReqAuthenticated(r *http.Request) (s3Error APIErrorCode) {
 	return ErrAccessDenied
 }

-// authHandler - handles all the incoming authorization headers and
-// validates them if possible.
+// checkAuth - checks for conditions satisfying the authorization of
+// the incoming request. Request should be either Presigned or Signed
+// in accordance with AWS S3 Signature V4 requirements. ErrAccessDenied
+// is returned for unhandled auth type. Once the auth type is indentified
+// request headers and body are used to calculate the signature validating
+// the client signature present in request.
+func checkAuth(w http.ResponseWriter, r *http.Request) APIErrorCode {
+	authType := getRequestAuthType(r)
+	if authType != authTypePresigned && authType != authTypeSigned {
+		// For all unhandled auth types return error AccessDenied.
+		return ErrAccessDenied
+	}
+	// Validates the request for both Presigned and Signed.
+	return isReqAuthenticated(r)
+}
+
+// authHandler - handles all the incoming authorization headers and validates them if possible.
 type authHandler struct {
 	handler http.Handler
 }