Handle authorization header better

master
Harshavardhana 10 years ago
parent 2d5e1d3797
commit 19250296c6
  1. 35
      pkg/api/api_generic_handlers.go
  2. 4
      pkg/api/logging/logging.go

@ -54,6 +54,10 @@ const (
timeFormat = "20060102T150405Z"
)
const (
authHeaderPrefix = "AWS4-HMAC-SHA256"
)
// strip auth from authorization header
func stripAuth(r *http.Request) (*auth, error) {
authHeader := r.Header.Get("Authorization")
@ -61,23 +65,32 @@ func stripAuth(r *http.Request) (*auth, error) {
return nil, errors.New("Missing auth header")
}
a := new(auth)
authFields := strings.Fields(authHeader)
if len(authFields) < 4 {
authFields := strings.Split(authHeader, ",")
if len(authFields) != 3 {
return nil, errors.New("Missing fields in Auth header")
}
authPrefixFields := strings.Fields(authFields[0])
if len(authPrefixFields) != 2 {
return nil, errors.New("Missing fields in Auth header")
}
if authPrefixFields[0] != authHeaderPrefix {
return nil, errors.New("Missing fields is Auth header")
}
credentials := strings.Split(authPrefixFields[1], "=")
if len(credentials) != 2 {
return nil, errors.New("Missing fields in Auth header")
}
a.prefix = authFields[0]
credentials := strings.Split(authFields[1], ",")[0]
if len(credentials) < 2 {
signedheaders := strings.Split(authFields[1], "=")
if len(signedheaders) != 2 {
return nil, errors.New("Missing fields in Auth header")
}
signedheaders := strings.Split(authFields[2], ",")[0]
if len(signedheaders) < 2 {
signature := strings.Split(authFields[2], "=")
if len(signature) != 2 {
return nil, errors.New("Missing fields in Auth header")
}
signature := authFields[3]
a.credential = strings.Split(credentials, "=")[1]
a.signedheaders = strings.Split(signedheaders, "=")[1]
a.signature = strings.Split(signature, "=")[1]
a.credential = credentials[1]
a.signedheaders = signedheaders[1]
a.signature = signature[1]
a.accessKey = strings.Split(a.credential, "/")[0]
if !keys.IsValidAccessKey(a.accessKey) {
return nil, errors.New("Invalid access key")

@ -39,6 +39,7 @@ type LogMessage struct {
StartTime time.Time
Duration time.Duration
Status int
StatusText string
ResponseHeaders http.Header
}
@ -50,6 +51,7 @@ type LogWriter struct {
// WriteHeader writes headers and stores status in LogMessage
func (w *LogWriter) WriteHeader(status int) {
w.LogMessage.StatusText = http.StatusText(status)
w.LogMessage.Status = status
w.ResponseWriter.WriteHeader(status)
}
@ -69,12 +71,12 @@ func (h *logHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
StartTime: time.Now().UTC(),
}
logWriter := &LogWriter{ResponseWriter: w, LogMessage: logMessage}
h.Handler.ServeHTTP(logWriter, req)
logMessage.ResponseHeaders = w.Header()
logMessage.Request = req
logMessage.Duration = time.Now().UTC().Sub(logMessage.StartTime)
js, _ := json.Marshal(logMessage)
h.Logger <- string(js)
h.Handler.ServeHTTP(logWriter, req)
}
// LogHandler logs requests

Loading…
Cancel
Save