[ARVADOS] updated: 2.1.0-161-gc75f2e9b8

Git user git at public.arvados.org
Mon Nov 30 16:04:17 UTC 2020 

Summary of changes:
 services/keep-web/handler.go      | 15 +++++---
 services/keep-web/handler_test.go | 16 +++++---
 services/keep-web/s3.go           | 78 ++++++++++++++++++++++++++-------------
 services/keep-web/s3_test.go      | 26 +++++++++----
 services/keep-web/server_test.go  |  8 ++--
 5 files changed, 95 insertions(+), 48 deletions(-)

       via  c75f2e9b8a29bcdadcb092122f6d30e2930c08a3 (commit)
       via  7d94b1ed55350c01689ad048aee961b261263dd9 (commit)
       via  aa1c0f3049f7b78e7590dde868b915bef9a7ebbe (commit)
       via  34f5aff9a166c0e03564b607981284b6d4af9548 (commit)
      from  7454769dd9bbfbac3af674dfff919c6d0bbc3896 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit c75f2e9b8a29bcdadcb092122f6d30e2930c08a3
Merge: 7454769dd 7d94b1ed5
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Mon Nov 30 11:03:53 2020 -0500

    Merge branch '16774-keep-web-errors' refs #16774
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --cc services/keep-web/s3.go
index 373fd9a25,37fee3760..7fb90789a
--- a/services/keep-web/s3.go
+++ b/services/keep-web/s3.go
@@@ -186,9 -170,36 +186,36 @@@ func (h *handler) checks3signature(r *h
  	} else if expect != signature {
  		return "", fmt.Errorf("signature does not match (scope %q signedHeaders %q stringToSign %q)", scope, signedHeaders, stringToSign)
  	}
 -	return secret, nil
 +	return aca.TokenV2(), nil
  }
  
+ func s3ErrorResponse(w http.ResponseWriter, s3code string, message string, resource string, code int) {
+ 	w.Header().Set("Content-Type", "application/xml")
+ 	w.Header().Set("X-Content-Type-Options", "nosniff")
+ 	w.WriteHeader(code)
+ 	var errstruct struct {
+ 		Code      string
+ 		Message   string
+ 		Resource  string
+ 		RequestId string
+ 	}
+ 	errstruct.Code = s3code
+ 	errstruct.Message = message
+ 	errstruct.Resource = resource
+ 	errstruct.RequestId = ""
+ 	enc := xml.NewEncoder(w)
+ 	fmt.Fprint(w, xml.Header)
+ 	enc.EncodeElement(errstruct, xml.StartElement{Name: xml.Name{Local: "Error"}})
+ }
+ 
+ var NoSuchKey = "NoSuchKey"
+ var NoSuchBucket = "NoSuchBucket"
+ var InvalidArgument = "InvalidArgument"
+ var InternalError = "InternalError"
+ var UnauthorizedAccess = "UnauthorizedAccess"
+ var InvalidRequest = "InvalidRequest"
+ var SignatureDoesNotMatch = "SignatureDoesNotMatch"
+ 
  // serveS3 handles r and returns true if r is a request from an S3
  // client, otherwise it returns false.
  func (h *handler) serveS3(w http.ResponseWriter, r *http.Request) bool {
@@@ -196,10 -207,10 +223,10 @@@
  	if auth := r.Header.Get("Authorization"); strings.HasPrefix(auth, "AWS ") {
  		split := strings.SplitN(auth[4:], ":", 2)
  		if len(split) < 2 {
- 			http.Error(w, "malformed Authorization header", http.StatusUnauthorized)
+ 			s3ErrorResponse(w, InvalidRequest, "malformed Authorization header", r.URL.Path, http.StatusUnauthorized)
  			return true
  		}
 -		token = split[0]
 +		token = unescapeKey(split[0])
  	} else if strings.HasPrefix(auth, s3SignAlgorithm+" ") {
  		t, err := h.checks3signature(r)
  		if err != nil {
@@@ -275,9 -279,10 +302,9 @@@
  		return true
  	case r.Method == http.MethodPut:
  		if !objectNameGiven {
- 			http.Error(w, "missing object name in PUT request", http.StatusBadRequest)
+ 			s3ErrorResponse(w, InvalidArgument, "Missing object name in PUT request.", r.URL.Path, http.StatusBadRequest)
  			return true
  		}
 -		fspath := "by_id" + r.URL.Path
  		var objectIsDir bool
  		if strings.HasSuffix(fspath, "/") {
  			if !h.Config.cluster.Collections.S3FolderObjects {
@@@ -369,9 -374,10 +396,9 @@@
  		return true
  	case r.Method == http.MethodDelete:
  		if !objectNameGiven || r.URL.Path == "/" {
- 			http.Error(w, "missing object name in DELETE request", http.StatusBadRequest)
+ 			s3ErrorResponse(w, InvalidArgument, "missing object name in DELETE request", r.URL.Path, http.StatusBadRequest)
  			return true
  		}
 -		fspath := "by_id" + r.URL.Path
  		if strings.HasSuffix(fspath, "/") {
  			fspath = strings.TrimSuffix(fspath, "/")
  			fi, err := fs.Stat(fspath)

-----------------------------------------------------------------------


hooks/post-receive
--

More information about the arvados-commits mailing list