|
|
@ -85,16 +85,9 @@ func doesPresignV2SignatureMatch(r *http.Request) APIErrorCode { |
|
|
|
// Access credentials.
|
|
|
|
// Access credentials.
|
|
|
|
cred := serverConfig.GetCredential() |
|
|
|
cred := serverConfig.GetCredential() |
|
|
|
|
|
|
|
|
|
|
|
// url.RawPath will be valid if path has any encoded characters, if not it will
|
|
|
|
// r.RequestURI will have raw encoded URI as sent by the client.
|
|
|
|
// be empty - in which case we need to consider url.Path (bug in net/http?)
|
|
|
|
splits := splitStr(r.RequestURI, "?", 2) |
|
|
|
encodedResource := r.URL.RawPath |
|
|
|
encodedResource, encodedQuery := splits[0], splits[1] |
|
|
|
encodedQuery := r.URL.RawQuery |
|
|
|
|
|
|
|
if encodedResource == "" { |
|
|
|
|
|
|
|
splits := strings.Split(r.URL.Path, "?") |
|
|
|
|
|
|
|
if len(splits) > 0 { |
|
|
|
|
|
|
|
encodedResource = getURLEncodedName(splits[0]) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
queries := strings.Split(encodedQuery, "&") |
|
|
|
queries := strings.Split(encodedQuery, "&") |
|
|
|
var filteredQueries []string |
|
|
|
var filteredQueries []string |
|
|
@ -213,19 +206,9 @@ func doesSignV2Match(r *http.Request) APIErrorCode { |
|
|
|
return apiError |
|
|
|
return apiError |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// Encode path:
|
|
|
|
// r.RequestURI will have raw encoded URI as sent by the client.
|
|
|
|
// url.RawPath will be valid if path has any encoded characters, if not it will
|
|
|
|
splits := splitStr(r.RequestURI, "?", 2) |
|
|
|
// be empty - in which case we need to consider url.Path (bug in net/http?)
|
|
|
|
encodedResource, encodedQuery := splits[0], splits[1] |
|
|
|
encodedResource := r.URL.RawPath |
|
|
|
|
|
|
|
if encodedResource == "" { |
|
|
|
|
|
|
|
splits := strings.Split(r.URL.Path, "?") |
|
|
|
|
|
|
|
if len(splits) > 0 { |
|
|
|
|
|
|
|
encodedResource = getURLEncodedName(splits[0]) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// Encode query strings
|
|
|
|
|
|
|
|
encodedQuery := r.URL.Query().Encode() |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
expectedAuth := signatureV2(r.Method, encodedResource, encodedQuery, r.Header) |
|
|
|
expectedAuth := signatureV2(r.Method, encodedResource, encodedQuery, r.Header) |
|
|
|
if v2Auth != expectedAuth { |
|
|
|
if v2Auth != expectedAuth { |
|
|
|