[#339] Add aws-sdk-go-v2

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>

api/auth/presign_test.go

@@ -2,17 +2,23 @@ package auth
 
 import (
 	"context"
+	"fmt"
+	"net/http"
+	"os"
 	"strings"
 	"testing"
 	"time"
 
+	v4a "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth/signer/v4asdk2"
 	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
 	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/tokens"
 	apistatus "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client/status"
 	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
 	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
+	credentialsv2 "github.com/aws/aws-sdk-go-v2/credentials"
 	"github.com/aws/aws-sdk-go/aws/credentials"
+	"github.com/aws/smithy-go/logging"
 	"github.com/stretchr/testify/require"
 )
 
@@ -93,3 +99,93 @@ func TestCheckSign(t *testing.T) {
 	require.NoError(t, err)
 	require.EqualValues(t, expBox, box.AccessBox)
 }
+
+func TestCheckSignV4a(t *testing.T) {
+	var accessKeyAddr oid.Address
+	err := accessKeyAddr.DecodeString("8N7CYBY74kxZXoyvA5UNdmovaXqFpwNfvEPsqaN81es2/3tDwq5tR8fByrJcyJwyiuYX7Dae8tyDT7pd8oaL1MBto")
+	require.NoError(t, err)
+
+	accessKeyID := strings.ReplaceAll(accessKeyAddr.String(), "/", "0")
+	secretKey := "713d0a0b9efc7d22923e17b0402a6a89b4273bc711c8bacb2da1b643d0006aeb"
+	awsCreds := credentialsv2.NewStaticCredentialsProvider(accessKeyID, secretKey, "")
+
+	reqData := RequestData{
+		Method:   "GET",
+		Endpoint: "http://localhost:8084",
+		Bucket:   "my-bucket",
+		Object:   "@obj/name",
+	}
+	presignData := PresignData{
+		Service:  "s3",
+		Region:   "spb",
+		Lifetime: 10 * time.Minute,
+		SignTime: time.Now().UTC(),
+	}
+
+	req, err := PresignRequestV4a(awsCreds, reqData, presignData)
+	require.NoError(t, err)
+
+	expBox := &accessbox.Box{
+		Gate: &accessbox.GateData{
+			SecretKey: secretKey,
+		},
+	}
+
+	mock := newTokensFrostfsMock()
+	mock.addBox(accessKeyAddr, expBox)
+
+	c := &Center{
+		cli:     mock,
+		regV4a:  NewRegexpMatcher(authorizationFieldV4aRegexp),
+		postReg: NewRegexpMatcher(postPolicyCredentialRegexp),
+	}
+	box, err := c.Authenticate(req)
+	require.NoError(t, err)
+	require.EqualValues(t, expBox, box.AccessBox)
+}
+
+func TestPresignRequestV4a(t *testing.T) {
+	var accessKeyAddr oid.Address
+	err := accessKeyAddr.DecodeString("8N7CYBY74kxZXoyvA5UNdmovaXqFpwNfvEPsqaN81es2/3tDwq5tR8fByrJcyJwyiuYX7Dae8tyDT7pd8oaL1MBto")
+	require.NoError(t, err)
+
+	accessKeyID := strings.ReplaceAll(accessKeyAddr.String(), "/", "0")
+	secretKey := "713d0a0b9efc7d22923e17b0402a6a89b4273bc711c8bacb2da1b643d0006aeb"
+
+	signer := v4a.NewSigner(func(options *v4a.SignerOptions) {
+		options.DisableURIPathEscaping = true
+		options.LogSigning = true
+		options.Logger = logging.NewStandardLogger(os.Stdout)
+	})
+
+	credAdapter := v4a.SymmetricCredentialAdaptor{
+		SymmetricProvider: credentialsv2.NewStaticCredentialsProvider(accessKeyID, secretKey, ""),
+	}
+
+	creds, err := credAdapter.RetrievePrivateKey(context.TODO())
+	require.NoError(t, err)
+
+	signingTime := time.Now()
+	service := "s3"
+	regionSet := []string{"spb"}
+
+	req, err := http.NewRequest("GET", "http://localhost:8084/bucket/object", nil)
+	require.NoError(t, err)
+	//req.Header.Set(AmzRegionSet, strings.Join(regionSet, ","))
+	//req.Header.Set(AmzDate, signingTime.Format("20060102T150405Z"))
+	//req.Header.Set(AmzAlgorithm, signaturePreambleSigV4A)
+
+	presignedURL, hdr, err := signer.PresignHTTP(req.Context(), creds, req, "", service, regionSet, signingTime)
+	require.NoError(t, err)
+
+	fmt.Println(presignedURL)
+	fmt.Println(hdr)
+
+	signature := req.URL.Query().Get(AmzSignature)
+
+	r, err := http.NewRequest("GET", presignedURL, nil)
+	require.NoError(t, err)
+
+	err = signer.VerifySignature(creds, r, "", service, regionSet, signingTime, signature)
+	require.NoError(t, err)
+}