From 8654ddb566a2596d6511ae7c55f93e26b2c7c174 Mon Sep 17 00:00:00 2001
From: Harshavardhana
Date: Wed, 8 Jul 2015 21:10:12 -0700
Subject: [PATCH] Generate auth now saves in ${HOME}/.minio/users.json, also authHandler verifies request validity
---
 pkg/auth/config.go | 3 +-
 pkg/controller/client.go | 12 ++++++++
 pkg/server/api/generic-handlers.go | 49 +++---------------------------
 3 files changed, 19 insertions(+), 45 deletions(-)

diff --git a/pkg/auth/config.go b/pkg/auth/config.go
index ac1aaf343..b1e184df0 100644
--- a/pkg/auth/config.go
+++ b/pkg/auth/config.go
@@ -34,7 +34,7 @@ type User struct {
 // Config auth keys
 type Config struct {
 Version string
- Users map[string]User
+ Users map[string]*User
 }
 
 // getAuthConfigPath get donut config file path
@@ -86,6 +86,7 @@ func LoadConfig() (*Config, error) {
 }
 a := &Config{}
 a.Version = "0.0.1"
+ a.Users = make(map[string]*User)
 qc, err := quick.New(a)
 if err != nil {
 return nil, iodine.New(err, nil)
diff --git a/pkg/controller/client.go b/pkg/controller/client.go
index 11a0b3a4d..4f3c479fc 100644
--- a/pkg/controller/client.go
+++ b/pkg/controller/client.go
@@ -21,6 +21,7 @@ import (
 "net/http"
 
 jsonrpc "github.com/gorilla/rpc/v2/json"
+ "github.com/minio/minio/pkg/auth"
 "github.com/minio/minio/pkg/iodine"
 "github.com/minio/minio/pkg/server/rpc"
 )
@@ -110,6 +111,17 @@ func GetAuthKeys(url string) ([]byte, error) {
 if err := jsonrpc.DecodeClientResponse(resp.Body, &reply); err != nil {
 return nil, iodine.New(err, nil)
 }
+ authConfig := &auth.Config{}
+ authConfig.Version = "0.0.1"
+ authConfig.Users = make(map[string]*auth.User)
+ user := &auth.User{}
+ user.Name = "testuser"
+ user.AccessKeyID = reply.AccessKeyID
+ user.SecretAccessKey = reply.SecretAccessKey
+ authConfig.Users[reply.AccessKeyID] = user
+ if err := auth.SaveConfig(authConfig); err != nil {
+ return nil, iodine.New(err, nil)
+ }
 return json.MarshalIndent(reply, "", "\t")
 }
 
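Review bot: In GetAuthKeys the added block starts from an empty `auth.Config` and hands it to `auth.SaveConfig`, so if SaveConfig rewrites users.json (its body is not in this diff) every call replaces the stored users with the single new key pair. Loading first and adding to the result would avoid that: `authConfig, err := auth.LoadConfig()` followed by `authConfig.Users[reply.AccessKeyID] = user`. `user.Name = "testuser"` is a hard-coded placeholder and should come from the caller or the RPC reply. Because the file now holds `SecretAccessKey` in clear text, it is also worth confirming that SaveConfig creates it with owner-only permissions (0600 inside the 0700 directory the removed getConfigFile used to create).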
diff --git a/pkg/server/api/generic-handlers.go b/pkg/server/api/generic-handlers.go
index 42ba7c17c..ef056502d 100644
--- a/pkg/server/api/generic-handlers.go
+++ b/pkg/server/api/generic-handlers.go
@@ -19,14 +19,10 @@ package api
 import (
 "errors"
 "net/http"
- "os"
- "os/user"
- "path/filepath"
 "strings"
 "time"
 
 "github.com/minio/minio/pkg/auth"
- "github.com/minio/minio/pkg/quick"
 )
 
 type contentTypeHandler struct {
@@ -182,57 +178,22 @@ func ValidateAuthHeaderHandler(h http.Handler) http.Handler {
 return validateAuthHandler{h}
 }
 
-// User context
-type User struct {
- Version string
- Name string
- AccessKey string
- SecretKey string
-}
-
-func getConfigFile() string {
- u, err := user.Current()
- if err != nil {
- return ""
- }
- confPath := filepath.Join(u.HomeDir, ".minio")
- if err := os.MkdirAll(confPath, 0700); err != nil {
- return ""
- }
- return filepath.Join(confPath, "users.json")
-}
-
 // validate auth header handler ServeHTTP() wrapper
 func (h validateAuthHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 acceptsContentType := getContentType(r)
- _, err := stripAuth(r)
+ ah, err := stripAuth(r)
 switch err.(type) {
 case nil:
- users := make(map[string]User)
- configFile := getConfigFile()
- if configFile == "" {
- writeErrorResponse(w, r, InternalError, acceptsContentType, r.URL.Path)
- return
- }
- qconf, err := quick.New(&users)
+ authConfig, err := auth.LoadConfig()
 if err != nil {
 writeErrorResponse(w, r, InternalError, acceptsContentType, r.URL.Path)
 return
 }
- if err := qconf.Save(configFile); err != nil {
- writeErrorResponse(w, r, InternalError, acceptsContentType, r.URL.Path)
- return
- }
- if err := qconf.Load(configFile); err != nil {
- writeErrorResponse(w, r, InternalError, acceptsContentType, r.URL.Path)
+ _, ok := authConfig.Users[ah.accessKey]
+ if !ok {
+ writeErrorResponse(w, r, AccessDenied, acceptsContentType, r.URL.Path)
 return
 }
- // uncomment this when we have webcli
- // _, ok := conf.Users[auth.accessKey]
- //if !ok {
- // writeErrorResponse(w, r, AccessDenied, acceptsContentType, r.URL.Path)
- // return
- //}
 // Success
 h.handler.ServeHTTP(w, r)
 default:
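Review bot: The new check in validateAuthHandler.ServeHTTP only tests that `ah.accessKey` is a key of `authConfig.Users`; the matched user is discarded (`_, ok :=`), so nothing in this hunk compares the request signature against the stored SecretAccessKey. An access key ID travels in the clear in the Authorization header, so on its own this is identification rather than authentication, and the handler should say so, e.g. `// only confirms the access key is known; the signature must be verified before the request is trusted`, unless a later handler outside this diff does that verification. Keeping the user (`user, ok := authConfig.Users[ah.accessKey]`) would make the secret available for that check. `auth.LoadConfig()` also runs on every request, so each call re-reads users.json and a missing or unreadable file turns every authenticated request into InternalError; loading once and caching the result would be cheaper. The switch continues past the end of the hunk.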