From e9f759d4cb9be28584ab511a0a2dc78b579475c8 Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Wed, 28 Feb 2024 00:27:54 +0100 Subject: [fix-presigned] presigned requests: allow x-amz-* query parameters to stand in for equivalent headers --- src/api/k2v/api_server.rs | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'src/api/k2v') diff --git a/src/api/k2v/api_server.rs b/src/api/k2v/api_server.rs index e97da2af..5ed7e286 100644 --- a/src/api/k2v/api_server.rs +++ b/src/api/k2v/api_server.rs @@ -69,7 +69,7 @@ impl ApiHandler for K2VApiServer { async fn handle( &self, - req: Request, + mut req: Request, endpoint: K2VApiEndpoint, ) -> Result, Error> { let K2VApiEndpoint { @@ -86,7 +86,8 @@ impl ApiHandler for K2VApiServer { return Ok(options_res.map(|_empty_body: EmptyBody| empty_body())); } - let (api_key, mut content_sha256) = check_payload_signature(&garage, "k2v", &req).await?; + let (api_key, mut content_sha256) = + check_payload_signature(&garage, "k2v", &mut req).await?; let api_key = api_key .ok_or_else(|| Error::forbidden("Garage does not support anonymous access yet"))?; -- cgit v1.2.3 From 90cab5b8f2b5212668975bf445a1e86f638fe1c7 Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Wed, 28 Feb 2024 10:51:08 +0100 Subject: [fix-presigned] add comments and reorganize --- src/api/k2v/api_server.rs | 18 +++--------------- 1 file changed, 3 insertions(+), 15 deletions(-) (limited to 'src/api/k2v') diff --git a/src/api/k2v/api_server.rs b/src/api/k2v/api_server.rs index 5ed7e286..fdb5db4c 100644 --- a/src/api/k2v/api_server.rs +++ b/src/api/k2v/api_server.rs @@ -15,8 +15,7 @@ use garage_model::garage::Garage; use crate::generic_server::*; use crate::k2v::error::*; -use crate::signature::payload::check_payload_signature; -use crate::signature::streaming::*; +use crate::signature::verify_request; use crate::helpers::*; use crate::k2v::batch::*; @@ -69,7 +68,7 @@ impl ApiHandler for K2VApiServer { async fn handle( &self, - mut req: Request, + req: Request, endpoint: K2VApiEndpoint, ) -> Result, Error> { let K2VApiEndpoint { @@ -86,18 +85,7 @@ impl ApiHandler for K2VApiServer { return Ok(options_res.map(|_empty_body: EmptyBody| empty_body())); } - let (api_key, mut content_sha256) = - check_payload_signature(&garage, "k2v", &mut req).await?; - let api_key = api_key - .ok_or_else(|| Error::forbidden("Garage does not support anonymous access yet"))?; - - let req = parse_streaming_body( - &api_key, - req, - &mut content_sha256, - &garage.config.s3_api.s3_region, - "k2v", - )?; + let (req, api_key, _content_sha256) = verify_request(&garage, req, "k2v").await?; let bucket_id = garage .bucket_helper() -- cgit v1.2.3