[#339] Don't explicitly use smithy-go

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
This commit is contained in:
Denis Kirillov 2024-12-04 16:10:28 +03:00
parent c5deb2e148
commit 4515a7ae88
8 changed files with 68 additions and 50 deletions

View file

@ -8,7 +8,6 @@ import (
"net/http" "net/http"
"net/http/httptest" "net/http/httptest"
"net/url" "net/url"
"os"
"strings" "strings"
"testing" "testing"
"time" "time"
@ -27,7 +26,6 @@ import (
oidtest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id/test" oidtest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id/test"
"github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/credentials" "github.com/aws/aws-sdk-go-v2/credentials"
"github.com/aws/smithy-go/logging"
"github.com/nspcc-dev/neo-go/pkg/crypto/keys" "github.com/nspcc-dev/neo-go/pkg/crypto/keys"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"go.uber.org/zap/zaptest" "go.uber.org/zap/zaptest"
@ -101,7 +99,7 @@ func TestSignatureV4A(t *testing.T) {
signer := v4a.NewSigner(func(options *v4a.SignerOptions) { signer := v4a.NewSigner(func(options *v4a.SignerOptions) {
options.DisableURIPathEscaping = true options.DisableURIPathEscaping = true
options.Logger = logging.NewStandardLogger(os.Stdout) options.Logger = zaptest.NewLogger(t)
options.LogSigning = true options.LogSigning = true
}) })

View file

@ -9,12 +9,11 @@ import (
"strings" "strings"
"time" "time"
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth/signer/smithy/encoding/httpbinding"
v4a "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth/signer/v4asdk2" v4a "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth/signer/v4asdk2"
v4 "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth/signer/v4sdk2/signer/v4" v4 "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth/signer/v4sdk2/signer/v4"
"github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/credentials" "github.com/aws/aws-sdk-go-v2/credentials"
"github.com/aws/smithy-go/encoding/httpbinding"
"github.com/aws/smithy-go/logging"
"go.uber.org/zap" "go.uber.org/zap"
) )
@ -50,7 +49,7 @@ func PresignRequest(ctx context.Context, creds aws.Credentials, reqData RequestD
signer := v4.NewSigner(func(options *v4.SignerOptions) { signer := v4.NewSigner(func(options *v4.SignerOptions) {
options.DisableURIPathEscaping = true options.DisableURIPathEscaping = true
options.LogSigning = true options.LogSigning = true
options.Logger = &logWrapper{log: log} options.Logger = log
}) })
signedURI, _, err := signer.PresignHTTP(ctx, creds, req, presignData.Headers[AmzContentSHA256], presignData.Service, presignData.Region, presignData.SignTime) signedURI, _, err := signer.PresignHTTP(ctx, creds, req, presignData.Headers[AmzContentSHA256], presignData.Service, presignData.Region, presignData.SignTime)
@ -83,7 +82,7 @@ func PresignRequestV4a(cred aws.Credentials, reqData RequestData, presignData Pr
signer := v4a.NewSigner(func(options *v4a.SignerOptions) { signer := v4a.NewSigner(func(options *v4a.SignerOptions) {
options.DisableURIPathEscaping = true options.DisableURIPathEscaping = true
options.LogSigning = true options.LogSigning = true
options.Logger = &logWrapper{log: log} options.Logger = log
}) })
credAdapter := v4a.SymmetricCredentialAdaptor{ credAdapter := v4a.SymmetricCredentialAdaptor{
@ -101,19 +100,3 @@ func PresignRequestV4a(cred aws.Credentials, reqData RequestData, presignData Pr
return http.NewRequest(reqData.Method, presignedURL, nil) return http.NewRequest(reqData.Method, presignedURL, nil)
} }
type logWrapper struct {
log *zap.Logger
}
func (l *logWrapper) Logf(classification logging.Classification, format string, args ...interface{}) {
msg := fmt.Sprintf(format, args...)
switch classification {
case logging.Warn:
l.log.Warn(msg)
case logging.Debug:
l.log.Debug(msg)
default:
l.log.Info(msg)
}
}

View file

@ -4,7 +4,6 @@ import (
"context" "context"
"fmt" "fmt"
"net/http" "net/http"
"os"
"strings" "strings"
"testing" "testing"
"time" "time"
@ -18,7 +17,6 @@ import (
oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id" oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
"github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/aws"
credentialsv2 "github.com/aws/aws-sdk-go-v2/credentials" credentialsv2 "github.com/aws/aws-sdk-go-v2/credentials"
"github.com/aws/smithy-go/logging"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"go.uber.org/zap/zaptest" "go.uber.org/zap/zaptest"
) )
@ -167,7 +165,7 @@ func TestPresignRequestV4a(t *testing.T) {
signer := v4a.NewSigner(func(options *v4a.SignerOptions) { signer := v4a.NewSigner(func(options *v4a.SignerOptions) {
options.DisableURIPathEscaping = true options.DisableURIPathEscaping = true
options.LogSigning = true options.LogSigning = true
options.Logger = logging.NewStandardLogger(os.Stdout) options.Logger = zaptest.NewLogger(t)
}) })
credAdapter := v4a.SymmetricCredentialAdaptor{ credAdapter := v4a.SymmetricCredentialAdaptor{

View file

@ -0,0 +1,37 @@
// This file is part of https://github.com/aws/smithy-go/blob/f0c6adfdec6e40bb8bb2920a40d016943b4ad762/encoding/httpbinding/path_replace.go
package httpbinding
import (
"bytes"
"fmt"
)
// EscapePath escapes part of a URL path in Amazon style.
func EscapePath(path string, encodeSep bool) string {
var buf bytes.Buffer
for i := 0; i < len(path); i++ {
c := path[i]
if noEscape[c] || (c == '/' && !encodeSep) {
buf.WriteByte(c)
} else {
fmt.Fprintf(&buf, "%%%02X", c)
}
}
return buf.String()
}
var noEscape [256]bool
func init() {
for i := 0; i < len(noEscape); i++ {
// AWS expects every character except these to be escaped
noEscape[i] = (i >= 'A' && i <= 'Z') ||
(i >= 'a' && i <= 'z') ||
(i >= '0' && i <= '9') ||
i == '-' ||
i == '.' ||
i == '_' ||
i == '~'
}
}

View file

@ -3,6 +3,8 @@
// * adding exported VerifySignature methods // * adding exported VerifySignature methods
// * using different ignore headers for sing/presign requests // * using different ignore headers for sing/presign requests
// * don't duplicate content-length as signed header // * don't duplicate content-length as signed header
// * use copy of smithy-go encoding/httpbinding package
// * use zap.Logger instead of smithy-go/logging
package v4a package v4a
@ -25,10 +27,10 @@ import (
"strings" "strings"
"time" "time"
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth/signer/smithy/encoding/httpbinding"
signerCrypto "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth/signer/v4asdk2/internal/crypto" signerCrypto "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth/signer/v4asdk2/internal/crypto"
v4Internal "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth/signer/v4asdk2/internal/v4" v4Internal "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth/signer/v4asdk2/internal/v4"
"github.com/aws/smithy-go/encoding/httpbinding" "go.uber.org/zap"
"github.com/aws/smithy-go/logging"
) )
const ( const (
@ -70,7 +72,7 @@ func init() {
// SignerOptions is the SigV4a signing options for constructing a Signer. // SignerOptions is the SigV4a signing options for constructing a Signer.
type SignerOptions struct { type SignerOptions struct {
Logger logging.Logger Logger *zap.Logger
LogSigning bool LogSigning bool
// Disables the Signer's moving HTTP header key/value pairs from the HTTP // Disables the Signer's moving HTTP header key/value pairs from the HTTP
@ -164,7 +166,7 @@ type httpSigner struct {
Credentials Credentials Credentials Credentials
IsPreSign bool IsPreSign bool
Logger logging.Logger Logger *zap.Logger
Debug bool Debug bool
// PayloadHash is the hex encoded SHA-256 hash of the request payload // PayloadHash is the hex encoded SHA-256 hash of the request payload
@ -193,6 +195,7 @@ func (s *Signer) SignHTTP(ctx context.Context, credentials Credentials, r *http.
Time: signingTime.UTC(), Time: signingTime.UTC(),
DisableHeaderHoisting: options.DisableHeaderHoisting, DisableHeaderHoisting: options.DisableHeaderHoisting,
DisableURIPathEscaping: options.DisableURIPathEscaping, DisableURIPathEscaping: options.DisableURIPathEscaping,
Logger: options.Logger,
} }
signedRequest, err := signer.Build() signedRequest, err := signer.Build()
@ -566,7 +569,7 @@ const logSignedURLMsg = `
---[ SIGNED URL ]------------------------------------ ---[ SIGNED URL ]------------------------------------
%s` %s`
func logHTTPSigningInfo(ctx context.Context, options SignerOptions, r signedRequest) { func logHTTPSigningInfo(_ context.Context, options SignerOptions, r signedRequest) {
if !options.LogSigning { if !options.LogSigning {
return return
} }
@ -574,8 +577,9 @@ func logHTTPSigningInfo(ctx context.Context, options SignerOptions, r signedRequ
if r.PreSigned { if r.PreSigned {
signedURLMsg = fmt.Sprintf(logSignedURLMsg, r.Request.URL.String()) signedURLMsg = fmt.Sprintf(logSignedURLMsg, r.Request.URL.String())
} }
logger := logging.WithContext(ctx, options.Logger) if options.Logger != nil {
logger.Logf(logging.Debug, logSignInfoMsg, r.CanonicalString, r.StringToSign, signedURLMsg) options.Logger.Debug(fmt.Sprintf(logSignInfoMsg, r.CanonicalString, r.StringToSign, signedURLMsg))
}
} }
type signedRequest struct { type signedRequest struct {

View file

@ -1,4 +1,6 @@
// This file is https://github.com/aws/aws-sdk-go-v2/blob/a2b751d1ba71f59175a41f9cae5f159f1044360f/internal/v4a/v4a_test.go // This file is https://github.com/aws/aws-sdk-go-v2/blob/a2b751d1ba71f59175a41f9cae5f159f1044360f/internal/v4a/v4a_test.go
// with changes:
// * use zap.Logger instead of smithy-go/logging
package v4a package v4a
@ -17,7 +19,7 @@ import (
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth/signer/v4asdk2/internal/crypto" "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth/signer/v4asdk2/internal/crypto"
"github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/smithy-go/logging" "go.uber.org/zap/zaptest"
) )
const ( const (
@ -388,9 +390,7 @@ func buildSigner(t *testing.T, withToken bool) (*Signer, CredentialsProvider) {
} }
return NewSigner(func(options *SignerOptions) { return NewSigner(func(options *SignerOptions) {
options.Logger = loggerFunc(func(format string, v ...interface{}) { options.Logger = zaptest.NewLogger(t)
t.Logf(format, v...)
})
}), &SymmetricCredentialAdaptor{ }), &SymmetricCredentialAdaptor{
SymmetricProvider: staticCredentialsProvider{ SymmetricProvider: staticCredentialsProvider{
Value: creds, Value: creds,
@ -398,12 +398,6 @@ func buildSigner(t *testing.T, withToken bool) (*Signer, CredentialsProvider) {
} }
} }
type loggerFunc func(format string, v ...interface{})
func (l loggerFunc) Logf(_ logging.Classification, format string, v ...interface{}) {
l(format, v...)
}
type staticCredentialsProvider struct { type staticCredentialsProvider struct {
Value aws.Credentials Value aws.Credentials
} }

View file

@ -1,6 +1,8 @@
// This is https://github.com/aws/aws-sdk-go-v2/blob/a2b751d1ba71f59175a41f9cae5f159f1044360f/aws/signer/v4/v4.go // This is https://github.com/aws/aws-sdk-go-v2/blob/a2b751d1ba71f59175a41f9cae5f159f1044360f/aws/signer/v4/v4.go
// with changes: // with changes:
// * using different headers for sign/presign // * using different headers for sign/presign
// * use copy of smithy-go encoding/httpbinding package
// * use zap.Logger instead of smithy-go/logging
// Package v4 implements the AWS signature version 4 algorithm (commonly known // Package v4 implements the AWS signature version 4 algorithm (commonly known
// as SigV4). // as SigV4).
@ -56,10 +58,10 @@ import (
"strings" "strings"
"time" "time"
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth/signer/smithy/encoding/httpbinding"
v4Internal "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth/signer/v4sdk2/signer/internal/v4" v4Internal "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth/signer/v4sdk2/signer/internal/v4"
"github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/smithy-go/encoding/httpbinding" "go.uber.org/zap"
"github.com/aws/smithy-go/logging"
) )
const ( const (
@ -97,7 +99,7 @@ type SignerOptions struct {
DisableURIPathEscaping bool DisableURIPathEscaping bool
// The logger to send log messages to. // The logger to send log messages to.
Logger logging.Logger Logger *zap.Logger
// Enable logging of signed requests. // Enable logging of signed requests.
// This will enable logging of the canonical request, the string to sign, and for presigning the subsequent // This will enable logging of the canonical request, the string to sign, and for presigning the subsequent
@ -547,7 +549,7 @@ func (s *httpSigner) setRequiredSigningFields(headers http.Header, query url.Val
} }
} }
func logSigningInfo(ctx context.Context, options SignerOptions, request *signedRequest, isPresign bool) { func logSigningInfo(_ context.Context, options SignerOptions, request *signedRequest, isPresign bool) {
if !options.LogSigning { if !options.LogSigning {
return return
} }
@ -555,8 +557,10 @@ func logSigningInfo(ctx context.Context, options SignerOptions, request *signedR
if isPresign { if isPresign {
signedURLMsg = fmt.Sprintf(logSignedURLMsg, request.Request.URL.String()) signedURLMsg = fmt.Sprintf(logSignedURLMsg, request.Request.URL.String())
} }
logger := logging.WithContext(ctx, options.Logger)
logger.Logf(logging.Debug, logSignInfoMsg, request.CanonicalString, request.StringToSign, signedURLMsg) if options.Logger != nil {
options.Logger.Debug(fmt.Sprintf(logSignInfoMsg, request.CanonicalString, request.StringToSign, signedURLMsg))
}
} }
type signedRequest struct { type signedRequest struct {

2
go.mod
View file

@ -12,7 +12,6 @@ require (
github.com/aws/aws-sdk-go-v2 v1.30.5 github.com/aws/aws-sdk-go-v2 v1.30.5
github.com/aws/aws-sdk-go-v2/config v1.27.32 github.com/aws/aws-sdk-go-v2/config v1.27.32
github.com/aws/aws-sdk-go-v2/credentials v1.17.31 github.com/aws/aws-sdk-go-v2/credentials v1.17.31
github.com/aws/smithy-go v1.20.4
github.com/bluele/gcache v0.0.2 github.com/bluele/gcache v0.0.2
github.com/go-chi/chi/v5 v5.0.8 github.com/go-chi/chi/v5 v5.0.8
github.com/google/uuid v1.6.0 github.com/google/uuid v1.6.0
@ -58,6 +57,7 @@ require (
github.com/aws/aws-sdk-go-v2/service/sso v1.22.6 // indirect github.com/aws/aws-sdk-go-v2/service/sso v1.22.6 // indirect
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.6 // indirect github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.6 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.30.6 // indirect github.com/aws/aws-sdk-go-v2/service/sts v1.30.6 // indirect
github.com/aws/smithy-go v1.20.4 // indirect
github.com/beorn7/perks v1.0.1 // indirect github.com/beorn7/perks v1.0.1 // indirect
github.com/cenkalti/backoff/v4 v4.3.0 // indirect github.com/cenkalti/backoff/v4 v4.3.0 // indirect
github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect