Skip to content

Commit

Permalink
added support for AWSv4 signature in query string
Browse files Browse the repository at this point in the history
  • Loading branch information
@tamireran
tamireran committed Oct 23, 2015
1 parent 1385fab commit 9677b56
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 11 deletions.
22 changes: 15 additions & 7 deletions src/s3/app.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ function s3app(params) {
res.header('Access-Control-Allow-Methods',
'GET,POST,PUT,DELETE,OPTIONS');
res.header('Access-Control-Allow-Headers',
'Content-Type,Authorization,X-Amz-User-Agent,X-Amz-Date,ETag');
'Content-Type,Authorization,X-Amz-User-Agent,X-Amz-Date,ETag,X-Amz-Content-Sha256');
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Expose-Headers', 'ETag');
// note that browsers will not allow origin=* with credentials
Expand Down Expand Up @@ -66,15 +66,16 @@ function s3app(params) {
dbg.log0('authorization header exists', req.headers.authorization);

var end_of_aws_key = req.headers.authorization.indexOf(':');
var req_access_key = req.headers.authorization.substring(4, end_of_aws_key);
if (req_access_key === 'AWS4'){
var req_access_key;
if (req.headers.authorization.substring(0, 4) === 'AWS4') {
//authorization: 'AWS4-HMAC-SHA256 Credential=wwwwwwwwwwwww123aaaa/20151023/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=0b04a57def200559b3353551f95bce0712e378c703a97d58e13a6eef41a20877',

var credentials_location = req.headers.authorization.indexOf('Credential')+11;

var credentials_location = req.headers.authorization.indexOf('Credential') + 11;
req_access_key = req.headers.authorization.substring(credentials_location, req.headers.authorization.indexOf('/'));
} else {
req_access_key = req.headers.authorization.substring(4, end_of_aws_key);
}
dbg.log0('req_access_key',req_access_key);

dbg.log0('req_access_key', req_access_key);

req.access_key = req_access_key;
req.signature = req.headers.authorization.substring(end_of_aws_key + 1, req.headers.authorization.lenth);
Expand All @@ -84,7 +85,14 @@ function s3app(params) {
req.signature = req.query.Signature;
authenticated_request = true;
dbg.log0('signed url');
} else if (req.query['X-Amz-Credential']) {
req.access_key = req.query['X-Amz-Credential'].substring(0, req.query['X-Amz-Credential'].indexOf('/'));
req.signature = req.query['X-Amz-Signature'];
authenticated_request = true;
dbg.log0('signed url v4',req.access_key);

}

if (authenticated_request) {
// var s3 = new s3_auth(req);
dbg.log0('authenticated request with signature', req.signature);
Expand Down
10 changes: 6 additions & 4 deletions src/s3/controllers.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -163,17 +163,19 @@ module.exports = function(params) {
var req_access_key;
if (req.headers.authorization) {
var end_of_aws_key = req.headers.authorization.indexOf(':');
req_access_key = req.headers.authorization.substring(4, end_of_aws_key);
if (req_access_key === 'AWS4'){
if (req.headers.authorization.substring(0,4)==='AWS4'){
//authorization: 'AWS4-HMAC-SHA256 Credential=wwwwwwwwwwwww123aaaa/20151023/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=0b04a57def200559b3353551f95bce0712e378c703a97d58e13a6eef41a20877',

var credentials_location = req.headers.authorization.indexOf('Credential')+11;

req_access_key = req.headers.authorization.substring(credentials_location, req.headers.authorization.indexOf('/'));
}else{
req_access_key = req.headers.authorization.substring(4, end_of_aws_key);
}
} else {
if (req.query.AWSAccessKeyId) {
req_access_key = req.query.AWSAccessKeyId;
}else if (req.query['X-Amz-Credential'])
{
req_access_key = req.query['X-Amz-Credential'].substring(0,req.query['X-Amz-Credential'].indexOf('/'));
}
}
return req_access_key;
Expand Down

0 comments on commit 9677b56

Please sign in to comment.