mirror of https://github.com/apache/jclouds.git
Issue 86: corrected to only allow the comp header into the signature
git-svn-id: http://jclouds.googlecode.com/svn/trunk@1877 3d8758e0-26b5-11de-8745-db77d3ebf521
This commit is contained in:
parent
7e9229d55e
commit
df7a392208
|
@ -189,8 +189,20 @@ public class SharedKeyAuthentication implements HttpRequestFilter {
|
||||||
// mark and the comp parameter (for example, ?comp=metadata). No other parameters should be
|
// mark and the comp parameter (for example, ?comp=metadata). No other parameters should be
|
||||||
// included on the query string.
|
// included on the query string.
|
||||||
if (request.getEndpoint().getQuery() != null) {
|
if (request.getEndpoint().getQuery() != null) {
|
||||||
// TODO: determine what components of the query string are really needed.
|
StringBuilder paramsToSign = new StringBuilder("?");
|
||||||
toSign.append("?").append(request.getEndpoint().getQuery());
|
|
||||||
|
String[] params = request.getEndpoint().getQuery().split("&");
|
||||||
|
for (String param : params) {
|
||||||
|
String[] paramNameAndValue = param.split("=");
|
||||||
|
|
||||||
|
if ("comp".equals(paramNameAndValue[0])) {
|
||||||
|
paramsToSign.append(param);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (paramsToSign.length() > 1) {
|
||||||
|
toSign.append(paramsToSign);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -95,13 +95,34 @@ public class SharedKeyAuthenticationTest {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
void testAclQueryStringRelative() {
|
void testAclQueryStringResTypeNotSignificant() {
|
||||||
URI host = URI.create("http://" + ACCOUNT
|
URI host = URI.create("http://" + ACCOUNT
|
||||||
+ ".blob.core.windows.net/mycontainer?restype=container");
|
+ ".blob.core.windows.net/mycontainer?restype=container");
|
||||||
HttpRequest request = new HttpRequest(HttpMethod.GET, host);
|
HttpRequest request = new HttpRequest(HttpMethod.GET, host);
|
||||||
StringBuilder builder = new StringBuilder();
|
StringBuilder builder = new StringBuilder();
|
||||||
filter.appendUriPath(request, builder);
|
filter.appendUriPath(request, builder);
|
||||||
assertEquals(builder.toString(), "/mycontainer?restype=container");
|
assertEquals(builder.toString(), "/mycontainer");
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
void testAclQueryStringComp() {
|
||||||
|
URI host = URI.create("http://" + ACCOUNT + ".blob.core.windows.net/mycontainer?comp=list");
|
||||||
|
HttpRequest request = new HttpRequest(HttpMethod.GET, host);
|
||||||
|
StringBuilder builder = new StringBuilder();
|
||||||
|
filter.appendUriPath(request, builder);
|
||||||
|
assertEquals(builder.toString(), "/mycontainer?comp=list");
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
void testAclQueryStringRelativeWithExtraJunk() {
|
||||||
|
URI host = URI
|
||||||
|
.create("http://"
|
||||||
|
+ ACCOUNT
|
||||||
|
+ ".blob.core.windows.net/mycontainer?comp=list&marker=marker&maxresults=1&prefix=prefix");
|
||||||
|
HttpRequest request = new HttpRequest(HttpMethod.GET, host);
|
||||||
|
StringBuilder builder = new StringBuilder();
|
||||||
|
filter.appendUriPath(request, builder);
|
||||||
|
assertEquals(builder.toString(), "/mycontainer?comp=list");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
|
Loading…
Reference in New Issue