HDDS-892. Parse aws v2 headers without spaces in Ozone s3 gateway. Contributed by Elek Marton.
This commit is contained in:
parent
019836b113
commit
6c852f2a37
@ -62,35 +62,37 @@ public AuthorizationHeaderV4(String header) throws OS3Exception {
|
||||
*/
|
||||
@SuppressWarnings("StringSplitter")
|
||||
public void parseAuthHeader() throws OS3Exception {
|
||||
String[] split = authHeader.split(" ");
|
||||
|
||||
if (split.length != 4) {
|
||||
int firstSep = authHeader.indexOf(' ');
|
||||
if (firstSep < 0) {
|
||||
throw S3ErrorTable.newError(S3ErrorTable.MALFORMED_HEADER, authHeader);
|
||||
}
|
||||
|
||||
algorithm = split[0];
|
||||
credential = split[1];
|
||||
signedHeaders = split[2];
|
||||
signature = split[3];
|
||||
//split the value parts of the authorization header
|
||||
String[] split = authHeader.substring(firstSep + 1).trim().split(", *");
|
||||
|
||||
if (split.length != 3) {
|
||||
throw S3ErrorTable.newError(S3ErrorTable.MALFORMED_HEADER, authHeader);
|
||||
}
|
||||
|
||||
algorithm = authHeader.substring(0, firstSep);
|
||||
credential = split[0];
|
||||
signedHeaders = split[1];
|
||||
signature = split[2];
|
||||
|
||||
if (credential.startsWith(CREDENTIAL)) {
|
||||
credential = credential.substring(CREDENTIAL.length(), credential
|
||||
.length() - 1);
|
||||
credential = credential.substring(CREDENTIAL.length());
|
||||
} else {
|
||||
throw S3ErrorTable.newError(S3ErrorTable.MALFORMED_HEADER, authHeader);
|
||||
}
|
||||
|
||||
if (signedHeaders.startsWith(SIGNEDHEADERS)) {
|
||||
signedHeaders = signedHeaders.substring(SIGNEDHEADERS.length(),
|
||||
signedHeaders.length() - 1);
|
||||
signedHeaders = signedHeaders.substring(SIGNEDHEADERS.length());
|
||||
} else {
|
||||
throw S3ErrorTable.newError(S3ErrorTable.MALFORMED_HEADER, authHeader);
|
||||
}
|
||||
|
||||
if (signature.startsWith(SIGNATURE)) {
|
||||
signature = signature.substring(SIGNATURE.length(), signature
|
||||
.length());
|
||||
signature = signature.substring(SIGNATURE.length());
|
||||
} else {
|
||||
throw S3ErrorTable.newError(S3ErrorTable.MALFORMED_HEADER, authHeader);
|
||||
}
|
||||
|
@ -31,51 +31,67 @@
|
||||
public class TestAuthorizationHeaderV4 {
|
||||
|
||||
@Test
|
||||
public void testV4Header1() {
|
||||
try {
|
||||
String auth = "AWS4-HMAC-SHA256 " +
|
||||
"Credential=ozone/20130524/us-east-1/s3/aws4_request, " +
|
||||
"SignedHeaders=host;range;x-amz-date, " +
|
||||
"Signature=fe5f80f77d5fa3beca038a248ff027";
|
||||
AuthorizationHeaderV4 v4 = new AuthorizationHeaderV4(auth);
|
||||
assertEquals("AWS4-HMAC-SHA256", v4.getAlgorithm());
|
||||
assertEquals("ozone", v4.getAccessKeyID());
|
||||
assertEquals("20130524", v4.getDate());
|
||||
assertEquals("us-east-1", v4.getAwsRegion());
|
||||
assertEquals("aws4_request", v4.getAwsRequest());
|
||||
assertEquals("host;range;x-amz-date", v4.getSignedHeaders());
|
||||
assertEquals("fe5f80f77d5fa3beca038a248ff027", v4.getSignature());
|
||||
} catch (OS3Exception ex) {
|
||||
fail("testV4Header");
|
||||
}
|
||||
|
||||
public void testV4HeaderWellFormed() throws Exception {
|
||||
String auth = "AWS4-HMAC-SHA256 " +
|
||||
"Credential=ozone/20130524/us-east-1/s3/aws4_request, " +
|
||||
"SignedHeaders=host;range;x-amz-date, " +
|
||||
"Signature=fe5f80f77d5fa3beca038a248ff027";
|
||||
AuthorizationHeaderV4 v4 = new AuthorizationHeaderV4(auth);
|
||||
assertEquals("AWS4-HMAC-SHA256", v4.getAlgorithm());
|
||||
assertEquals("ozone", v4.getAccessKeyID());
|
||||
assertEquals("20130524", v4.getDate());
|
||||
assertEquals("us-east-1", v4.getAwsRegion());
|
||||
assertEquals("aws4_request", v4.getAwsRequest());
|
||||
assertEquals("host;range;x-amz-date", v4.getSignedHeaders());
|
||||
assertEquals("fe5f80f77d5fa3beca038a248ff027", v4.getSignature());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testV4Header2() {
|
||||
public void testV4HeaderMissingParts() {
|
||||
try {
|
||||
String auth = "AWS4-HMAC-SHA256 " +
|
||||
"Credential=ozone/20130524/us-east-1/s3/aws4_request, " +
|
||||
"SignedHeaders=host;range;x-amz-date,";
|
||||
AuthorizationHeaderV4 v4 = new AuthorizationHeaderV4(auth);
|
||||
fail("testV4Header2");
|
||||
fail("Exception is expected in case of malformed header");
|
||||
} catch (OS3Exception ex) {
|
||||
assertEquals("AuthorizationHeaderMalformed", ex.getCode());
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@Test
|
||||
public void testV4Header3() {
|
||||
public void testV4HeaderInvalidCredential() {
|
||||
try {
|
||||
String auth = "AWS4-HMAC-SHA256 " +
|
||||
"Credential=20130524/us-east-1/s3/aws4_request, " +
|
||||
"SignedHeaders=host;range;x-amz-date, " +
|
||||
"Signature=fe5f80f77d5fa3beca038a248ff027";
|
||||
AuthorizationHeaderV4 v4 = new AuthorizationHeaderV4(auth);
|
||||
fail("Exception is expected in case of malformed header");
|
||||
} catch (OS3Exception ex) {
|
||||
assertEquals("AuthorizationHeaderMalformed", ex.getCode());
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testV4HeaderWithoutSpace() throws OS3Exception {
|
||||
|
||||
String auth =
|
||||
"AWS4-HMAC-SHA256 Credential=ozone/20130524/us-east-1/s3/aws4_request,"
|
||||
+ "SignedHeaders=host;x-amz-content-sha256;x-amz-date,"
|
||||
+ "Signature"
|
||||
+ "=fe5f80f77d5fa3beca038a248ff027";
|
||||
AuthorizationHeaderV4 v4 = new AuthorizationHeaderV4(auth);
|
||||
|
||||
assertEquals("AWS4-HMAC-SHA256", v4.getAlgorithm());
|
||||
assertEquals("ozone", v4.getAccessKeyID());
|
||||
assertEquals("20130524", v4.getDate());
|
||||
assertEquals("us-east-1", v4.getAwsRegion());
|
||||
assertEquals("aws4_request", v4.getAwsRequest());
|
||||
assertEquals("host;x-amz-content-sha256;x-amz-date",
|
||||
v4.getSignedHeaders());
|
||||
assertEquals("fe5f80f77d5fa3beca038a248ff027", v4.getSignature());
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user