[#19] Bug with AccessKey
Closes #19. Signed-off-by: Pavel Korotkov <pkorotkov@gmail.com>
This commit is contained in:
parent
9986a82fca
commit
0528eed7b6
1 changed files with 4 additions and 3 deletions
|
@ -4,6 +4,7 @@ import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"context"
|
"context"
|
||||||
"crypto/ecdsa"
|
"crypto/ecdsa"
|
||||||
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"net/http"
|
"net/http"
|
||||||
"regexp"
|
"regexp"
|
||||||
|
@ -22,7 +23,7 @@ import (
|
||||||
"go.uber.org/zap"
|
"go.uber.org/zap"
|
||||||
)
|
)
|
||||||
|
|
||||||
var authorizationFieldRegexp = regexp.MustCompile(`AWS4-HMAC-SHA256 Credential=(?P<access_key_id>[^/]+)/(?P<date>[^/]+)/(?P<region>[^/]*)/(?P<service>[^/]+)/aws4_request,\s*SignedHeaders=(?P<signed_header_fields>.+),\s*Signature=(?P<v4_signature>.+)`)
|
var authorizationFieldRegexp = regexp.MustCompile(`AWS4-HMAC-SHA256 Credential=(?P<access_key_id_cid>[^/]+)/(?P<access_key_id_oid>[^/]+)/(?P<date>[^/]+)/(?P<region>[^/]*)/(?P<service>[^/]+)/aws4_request,\s*SignedHeaders=(?P<signed_header_fields>.+),\s*Signature=(?P<v4_signature>.+)`)
|
||||||
|
|
||||||
const emptyStringSHA256 = `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
|
const emptyStringSHA256 = `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
|
||||||
|
|
||||||
|
@ -84,7 +85,7 @@ func (center *Center) AuthenticationPassed(request *http.Request) (*service.Bear
|
||||||
return nil, errors.New("unsupported request: wrong length of Authorization header field")
|
return nil, errors.New("unsupported request: wrong length of Authorization header field")
|
||||||
}
|
}
|
||||||
sms1 := center.submatcher.getSubmatches(authHeaderField[0])
|
sms1 := center.submatcher.getSubmatches(authHeaderField[0])
|
||||||
if len(sms1) != 6 {
|
if len(sms1) != 7 {
|
||||||
return nil, errors.New("bad Authorization header field")
|
return nil, errors.New("bad Authorization header field")
|
||||||
}
|
}
|
||||||
signedHeaderFieldsNames := strings.Split(sms1["signed_header_fields"], ";")
|
signedHeaderFieldsNames := strings.Split(sms1["signed_header_fields"], ";")
|
||||||
|
@ -95,7 +96,7 @@ func (center *Center) AuthenticationPassed(request *http.Request) (*service.Bear
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, errors.Wrap(err, "failed to parse x-amz-date header field")
|
return nil, errors.Wrap(err, "failed to parse x-amz-date header field")
|
||||||
}
|
}
|
||||||
accessKeyID := sms1["access_key_id"]
|
accessKeyID := fmt.Sprintf("%s/%s", sms1["access_key_id_cid"], sms1["access_key_id_oid"])
|
||||||
bearerToken, secretAccessKey, err := center.fetchBearerToken(accessKeyID)
|
bearerToken, secretAccessKey, err := center.fetchBearerToken(accessKeyID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, errors.Wrap(err, "failed to fetch bearer token")
|
return nil, errors.Wrap(err, "failed to fetch bearer token")
|
||||||
|
|
Loading…
Reference in a new issue