Merge pull request #66 from masterSplinter01/feature/64-fix-authmate

[#64]  Fix access key id
This commit is contained in:
Roman Khimov 2021-06-03 22:52:43 +03:00 committed by GitHub
commit 6ac5dd52d5
3 changed files with 15 additions and 9 deletions

View file

@ -21,7 +21,7 @@ import (
"go.uber.org/zap"
)
var authorizationFieldRegexp = regexp.MustCompile(`AWS4-HMAC-SHA256 Credential=(?P<access_key_id_cid>[^/]+)/(?P<access_key_id_oid>[^/]+)/(?P<date>[^/]+)/(?P<region>[^/]*)/(?P<service>[^/]+)/aws4_request,\s*SignedHeaders=(?P<signed_header_fields>.+),\s*Signature=(?P<v4_signature>.+)`)
var authorizationFieldRegexp = regexp.MustCompile(`AWS4-HMAC-SHA256 Credential=(?P<access_key_id_cid>[^/]+)_(?P<access_key_id_oid>[^/]+)/(?P<date>[^/]+)/(?P<region>[^/]*)/(?P<service>[^/]+)/aws4_request,\s*SignedHeaders=(?P<signed_header_fields>.+),\s*Signature=(?P<v4_signature>.+)`)
type (
// Center is a user authentication interface.
@ -88,10 +88,11 @@ func (c *center) Authenticate(r *http.Request) (*token.BearerToken, error) {
return nil, fmt.Errorf("failed to parse x-amz-date header field: %w", err)
}
accessKeyID := fmt.Sprintf("%s/%s", sms1["access_key_id_cid"], sms1["access_key_id_oid"])
accessKeyID := fmt.Sprintf("%s_%s", sms1["access_key_id_cid"], sms1["access_key_id_oid"])
accessKeyAddress := fmt.Sprintf("%s/%s", sms1["access_key_id_cid"], sms1["access_key_id_oid"])
address := object.NewAddress()
if err = address.Parse(accessKeyID); err != nil {
if err = address.Parse(accessKeyAddress); err != nil {
return nil, fmt.Errorf("could not parse AccessBox address: %s : %w", accessKeyID, err)
}

View file

@ -162,8 +162,10 @@ func (a *Agent) IssueSecret(ctx context.Context, w io.Writer, options *IssueSecr
return fmt.Errorf("failed to get bearer token secret key: %w", err)
}
accessKeyID := address.ContainerID().String() + "_" + address.ObjectID().String()
ir := &issuingResult{
AccessKeyID: address.String(),
AccessKeyID: accessKeyID,
SecretAccessKey: secret,
OwnerPrivateKey: options.OwnerPrivateKey.String(),
}

View file

@ -8,6 +8,7 @@ import (
"fmt"
"os"
"os/signal"
"strings"
"syscall"
"time"
@ -37,7 +38,7 @@ var (
peerAddressFlag string
eaclRulesFlag string
gatePrivateKeyFlag string
secretAddressFlag string
accessKeyIDFlag string
ownerPrivateKeyFlag string
containerIDFlag string
containerFriendlyName string
@ -311,10 +312,10 @@ func obtainSecret() *cli.Command {
Destination: &gatePrivateKeyFlag,
},
&cli.StringFlag{
Name: "secret-address",
Usage: "address of a secret (i.e. access key id for s3)",
Name: "access-key-id",
Usage: "access key id for s3",
Required: true,
Destination: &secretAddressFlag,
Destination: &accessKeyIDFlag,
},
},
Action: func(c *cli.Context) error {
@ -342,8 +343,10 @@ func obtainSecret() *cli.Command {
return cli.Exit(fmt.Sprintf("failed to create owner's private key: %s", err), 4)
}
secretAddress := strings.Replace(accessKeyIDFlag, "_", "/", 1)
obtainSecretOptions := &authmate.ObtainSecretOptions{
SecretAddress: secretAddressFlag,
SecretAddress: secretAddress,
GatePrivateKey: gateCreds.PrivateKey(),
}