aboutsummaryrefslogtreecommitdiff
path: root/src/api/signature
Commit message (Collapse)AuthorAgeFilesLines
* [unicode-headers] allow utf-8 in headers + add test for object metadataAlex Auvolat2024-03-071-2/+2
|
* [test-presigned] Use a HeaderMap type for QueryMapAlex Auvolat2024-03-041-23/+23
|
* Store original-cased query keys alongside query valuesasonix2024-03-041-10/+23
|
* Lowercase query parameter keys when parsingasonix2024-03-041-1/+1
|
* [fix-signed-headers] aws signatures v4: don't actually check Content-Type is ↵Alex Auvolat2024-03-011-11/+8
| | | | | | | | | | | | | | | | signed This page of the AWS docs indicate that Content-Type should be part of the CanonicalHeaders (and therefore SignedHeaders) strings in signature calculation: https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-header-based-auth.html However, testing with Minio Client revealed that it did not sign the Content-Type header, and therefore we broke CI by expecting it to be signed. With this commit, we don't mandate Content-Type to be signed anymore, for better compatibility with the ecosystem. Testing against the official behavior of S3 on AWS has not been done.
* [fix-auth-ct-eq] use consant time comparison for awsv4 signature verificationfix-auth-ct-eqAlex Auvolat2024-02-291-3/+4
|
* [fix-presigned] add comments and reorganizeAlex Auvolat2024-02-282-53/+81
|
* [fix-presigned] presigned requests: allow x-amz-* query parameters to stand ↵Alex Auvolat2024-02-281-8/+37
| | | | in for equivalent headers
* [fix-presigned] write commentsAlex Auvolat2024-02-281-5/+16
|
* [fix-presigned] add back anonymous request code path + refactoringAlex Auvolat2024-02-282-30/+40
|
* [fix-presigned] PostObject: verify X-Amz-AlgorithmAlex Auvolat2024-02-281-0/+10
|
* [fix-presigned] split presigned/normal signature verificationAlex Auvolat2024-02-281-213/+347
|
* [fix-cargo-toml] fix cargo warnings in Cargo.toml filesfix-cargo-tomlAlex Auvolat2024-02-151-1/+1
|
* [dep-upgrade-202402] refactor use of BodyStreamAlex Auvolat2024-02-071-5/+3
|
* [dep-upgrade-202402] fix obsolete DateTime::from_utc callsAlex Auvolat2024-02-072-4/+4
|
* [dep-upgrade-202402] migration to http/hyper 1.0 for k2v apiAlex Auvolat2024-02-051-4/+0
|
* [dep-upgrade-202402] wip: port to http/hyper crates v1Alex Auvolat2024-02-052-17/+19
|
* payload.rs: Surround / in inverted commas.Jonathan Davies2023-06-061-1/+1
|
* payload.rs: Fixed typo in error message.Jonathan Davies2023-06-061-1/+1
|
* k2v signature verification: double urlencoding (see comment in source code)Alex Auvolat2023-05-181-2/+38
|
* error.rs: Corrected error messages to say unexpected scope.Jonathan Davies2023-02-021-1/+1
|
* Compute hashes on dedicated threadsAlex Auvolat2022-07-291-7/+7
|
* First version of admin API (#298)Alex2022-05-244-16/+55
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | **Spec:** - [x] Start writing - [x] Specify all layout endpoints - [x] Specify all endpoints for operations on keys - [x] Specify all endpoints for operations on key/bucket permissions - [x] Specify all endpoints for operations on buckets - [x] Specify all endpoints for operations on bucket aliases View rendered spec at <https://git.deuxfleurs.fr/Deuxfleurs/garage/src/branch/admin-api/doc/drafts/admin-api.md> **Code:** - [x] Refactor code for admin api to use common api code that was created for K2V **General endpoints:** - [x] Metrics - [x] GetClusterStatus - [x] ConnectClusterNodes - [x] GetClusterLayout - [x] UpdateClusterLayout - [x] ApplyClusterLayout - [x] RevertClusterLayout **Key-related endpoints:** - [x] ListKeys - [x] CreateKey - [x] ImportKey - [x] GetKeyInfo - [x] UpdateKey - [x] DeleteKey **Bucket-related endpoints:** - [x] ListBuckets - [x] CreateBucket - [x] GetBucketInfo - [x] DeleteBucket - [x] PutBucketWebsite - [x] DeleteBucketWebsite **Operations on key/bucket permissions:** - [x] BucketAllowKey - [x] BucketDenyKey **Operations on bucket aliases:** - [x] GlobalAliasBucket - [x] GlobalUnaliasBucket - [x] LocalAliasBucket - [x] LocalUnaliasBucket **And also:** - [x] Separate error type for the admin API (this PR includes a quite big refactoring of error handling) - [x] Add management of website access - [ ] Check that nothing is missing wrt what can be done using the CLI - [ ] Improve formatting of the spec - [x] Make sure everyone is cool with the API design Fix #231 Fix #295 Co-authored-by: Alex Auvolat <alex@adnab.me> Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/298 Co-authored-by: Alex <alex@adnab.me> Co-committed-by: Alex <alex@adnab.me>
* First implementation of K2V (#293)Alex2022-05-103-16/+69
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | **Specification:** View spec at [this URL](https://git.deuxfleurs.fr/Deuxfleurs/garage/src/branch/k2v/doc/drafts/k2v-spec.md) - [x] Specify the structure of K2V triples - [x] Specify the DVVS format used for causality detection - [x] Specify the K2V index (just a counter of number of values per partition key) - [x] Specify single-item endpoints: ReadItem, InsertItem, DeleteItem - [x] Specify index endpoint: ReadIndex - [x] Specify multi-item endpoints: InsertBatch, ReadBatch, DeleteBatch - [x] Move to JSON objects instead of tuples - [x] Specify endpoints for polling for updates on single values (PollItem) **Implementation:** - [x] Table for K2V items, causal contexts - [x] Indexing mechanism and table for K2V index - [x] Make API handlers a bit more generic - [x] K2V API endpoint - [x] K2V API router - [x] ReadItem - [x] InsertItem - [x] DeleteItem - [x] PollItem - [x] ReadIndex - [x] InsertBatch - [x] ReadBatch - [x] DeleteBatch **Testing:** - [x] Just a simple Python script that does some requests to check visually that things are going right (does not contain parsing of results or assertions on returned values) - [x] Actual tests: - [x] Adapt testing framework - [x] Simple test with InsertItem + ReadItem - [x] Test with several Insert/Read/DeleteItem + ReadIndex - [x] Test all combinations of return formats for ReadItem - [x] Test with ReadBatch, InsertBatch, DeleteBatch - [x] Test with PollItem - [x] Test error codes - [ ] Fix most broken stuff - [x] test PollItem broken randomly - [x] when invalid causality tokens are given, errors should be 4xx not 5xx **Improvements:** - [x] Descending range queries - [x] Specify - [x] Implement - [x] Add test - [x] Batch updates to index counter - [x] Put K2V behind `k2v` feature flag Co-authored-by: Alex Auvolat <alex@adnab.me> Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/293 Co-authored-by: Alex <alex@adnab.me> Co-committed-by: Alex <alex@adnab.me>
* fix a clippy lintAlex Auvolat2022-03-281-1/+1
|
* add test framework for arbitraty S3 requeststrinity-1686a2022-03-231-8/+6
| | | | and implement some basic test with it
* garage_api: Update streaming payload stream unit testsKokaKiwi2022-03-231-1/+1
|
* garage_api: Handle streaming payload early in request handlingKokaKiwi2022-03-231-3/+3
|
* Fix some new clippy lintsfix-resyncAlex Auvolat2022-03-141-1/+1
|
* Add tracing output to signature calculationAlex Auvolat2022-02-281-0/+3
|
* Support for PostObject (#222)trinity-1686a2022-02-211-47/+62
| | | | | | | | | | | | | | | | | | Add support for [PostObject](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectPOST.html) - [x] routing PostObject properly - [x] parsing multipart body - [x] validating signature - [x] validating policy - [x] validating content length - [x] actually saving data Co-authored-by: trinity-1686a <trinity@deuxfleurs.fr> Co-authored-by: Trinity Pointard <trinity.pointard@gmail.com> Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/222 Reviewed-by: Alex <alex@adnab.me> Co-authored-by: trinity-1686a <trinity.pointard@gmail.com> Co-committed-by: trinity-1686a <trinity.pointard@gmail.com>
* Add date verification to presigned urls (#196)trinity-1686a2022-01-181-22/+59
| | | | | | | | | | fix #96 fix #162 by returning Forbidden instead Bad Request Co-authored-by: Trinity Pointard <trinity.pointard@gmail.com> Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/196 Co-authored-by: trinity-1686a <trinity.pointard@gmail.com> Co-committed-by: trinity-1686a <trinity.pointard@gmail.com>
* Support STREAMING-AWS4-HMAC-SHA256-PAYLOAD (#64) (#156)Jill2022-01-173-0/+635
Closes #64. Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/156 Co-authored-by: Jill <kokakiwi@deuxfleurs.fr> Co-committed-by: Jill <kokakiwi@deuxfleurs.fr>