HDDS-892. Parse aws v2 headers without spaces in Ozone s3 gateway. Contributed by Elek Marton.

This commit is contained in:
Bharat Viswanadham 2018-12-06 15:37:19 -08:00
parent 019836b113
commit 6c852f2a37
2 changed files with 53 additions and 35 deletions

View File

@ -62,35 +62,37 @@ public class AuthorizationHeaderV4 {
*/
@SuppressWarnings("StringSplitter")
public void parseAuthHeader() throws OS3Exception {
String[] split = authHeader.split(" ");
if (split.length != 4) {
int firstSep = authHeader.indexOf(' ');
if (firstSep < 0) {
throw S3ErrorTable.newError(S3ErrorTable.MALFORMED_HEADER, authHeader);
}
algorithm = split[0];
credential = split[1];
signedHeaders = split[2];
signature = split[3];
//split the value parts of the authorization header
String[] split = authHeader.substring(firstSep + 1).trim().split(", *");
if (split.length != 3) {
throw S3ErrorTable.newError(S3ErrorTable.MALFORMED_HEADER, authHeader);
}
algorithm = authHeader.substring(0, firstSep);
credential = split[0];
signedHeaders = split[1];
signature = split[2];
if (credential.startsWith(CREDENTIAL)) {
credential = credential.substring(CREDENTIAL.length(), credential
.length() - 1);
credential = credential.substring(CREDENTIAL.length());
} else {
throw S3ErrorTable.newError(S3ErrorTable.MALFORMED_HEADER, authHeader);
}
if (signedHeaders.startsWith(SIGNEDHEADERS)) {
signedHeaders = signedHeaders.substring(SIGNEDHEADERS.length(),
signedHeaders.length() - 1);
signedHeaders = signedHeaders.substring(SIGNEDHEADERS.length());
} else {
throw S3ErrorTable.newError(S3ErrorTable.MALFORMED_HEADER, authHeader);
}
if (signature.startsWith(SIGNATURE)) {
signature = signature.substring(SIGNATURE.length(), signature
.length());
signature = signature.substring(SIGNATURE.length());
} else {
throw S3ErrorTable.newError(S3ErrorTable.MALFORMED_HEADER, authHeader);
}

View File

@ -31,8 +31,7 @@ import static org.junit.Assert.fail;
public class TestAuthorizationHeaderV4 {
@Test
public void testV4Header1() {
try {
public void testV4HeaderWellFormed() throws Exception {
String auth = "AWS4-HMAC-SHA256 " +
"Credential=ozone/20130524/us-east-1/s3/aws4_request, " +
"SignedHeaders=host;range;x-amz-date, " +
@ -45,37 +44,54 @@ public class TestAuthorizationHeaderV4 {
assertEquals("aws4_request", v4.getAwsRequest());
assertEquals("host;range;x-amz-date", v4.getSignedHeaders());
assertEquals("fe5f80f77d5fa3beca038a248ff027", v4.getSignature());
} catch (OS3Exception ex) {
fail("testV4Header");
}
}
@Test
public void testV4Header2() {
public void testV4HeaderMissingParts() {
try {
String auth = "AWS4-HMAC-SHA256 " +
"Credential=ozone/20130524/us-east-1/s3/aws4_request, " +
"SignedHeaders=host;range;x-amz-date,";
AuthorizationHeaderV4 v4 = new AuthorizationHeaderV4(auth);
fail("testV4Header2");
fail("Exception is expected in case of malformed header");
} catch (OS3Exception ex) {
assertEquals("AuthorizationHeaderMalformed", ex.getCode());
}
}
@Test
public void testV4Header3() {
public void testV4HeaderInvalidCredential() {
try {
String auth = "AWS4-HMAC-SHA256 " +
"Credential=20130524/us-east-1/s3/aws4_request, " +
"SignedHeaders=host;range;x-amz-date, " +
"Signature=fe5f80f77d5fa3beca038a248ff027";
AuthorizationHeaderV4 v4 = new AuthorizationHeaderV4(auth);
fail("Exception is expected in case of malformed header");
} catch (OS3Exception ex) {
assertEquals("AuthorizationHeaderMalformed", ex.getCode());
}
}
@Test
public void testV4HeaderWithoutSpace() throws OS3Exception {
String auth =
"AWS4-HMAC-SHA256 Credential=ozone/20130524/us-east-1/s3/aws4_request,"
+ "SignedHeaders=host;x-amz-content-sha256;x-amz-date,"
+ "Signature"
+ "=fe5f80f77d5fa3beca038a248ff027";
AuthorizationHeaderV4 v4 = new AuthorizationHeaderV4(auth);
assertEquals("AWS4-HMAC-SHA256", v4.getAlgorithm());
assertEquals("ozone", v4.getAccessKeyID());
assertEquals("20130524", v4.getDate());
assertEquals("us-east-1", v4.getAwsRegion());
assertEquals("aws4_request", v4.getAwsRequest());
assertEquals("host;x-amz-content-sha256;x-amz-date",
v4.getSignedHeaders());
assertEquals("fe5f80f77d5fa3beca038a248ff027", v4.getSignature());
}
}