forked from cubefs/cubefs
-
Notifications
You must be signed in to change notification settings - Fork 0
/
auth.go
64 lines (56 loc) · 1.76 KB
/
auth.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
// Copyright 2019 The CubeFS Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
// implied. See the License for the specific language governing
// permissions and limitations under the License.
package objectnode
import "net/http"
//https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html#ConstructingTheAuthenticationHeader
type AuthType string
const (
SignatrueV2 AuthType = "signature_v2"
SignatrueV4 = "signature_v4"
PresignedV2 = "presigned_v2"
PresignedV4 = "presigned_v4"
)
type RequestAuthInfo struct {
authType AuthType
accessKey string
}
func parseRequestAuthInfo(r *http.Request) *RequestAuthInfo {
auth := new(RequestAuthInfo)
if isHeaderUsingSignatureAlgorithmV2(r) {
auth.authType = SignatrueV2
ai, _ := parseRequestAuthInfoV2(r)
if ai != nil {
auth.accessKey = ai.accessKeyId
}
} else if isHeaderUsingSignatureAlgorithmV4(r) {
auth.authType = SignatrueV4
ai, _ := parseRequestV4(r)
if ai != nil {
auth.accessKey = ai.Credential.AccessKey
}
} else if isUrlUsingSignatureAlgorithmV2(r) {
auth.authType = PresignedV2
ai, _ := parsePresignedV2AuthInfo(r)
if ai != nil {
auth.accessKey = ai.accessKeyId
}
} else if isUrlUsingSignatureAlgorithmV4(r) {
auth.authType = PresignedV4
ai, _ := parseRequestV4(r)
if ai != nil {
auth.accessKey = ai.Credential.AccessKey
}
}
return auth
}