Documentation
¶
Index ¶
- Constants
- Variables
- func ForceSignDecorator(keys Keys, host, methods string, ignoredCanonicalizedHeaders map[string]bool) httphandler.Decorator
- func SignAuthServiceDecorator(backend, credentialsStoreName, host string, ...) httphandler.Decorator
- func SignDecorator(keys Keys, region, host string, ignoredCanonicalizedHeaders map[string]bool) httphandler.Decorator
- type APIErrorCode
- type Keys
Constants ¶
View Source
const ( // Passthrough is basic type, does nothing to the request Passthrough = "passthrough" // S3FixedKey will sign requests with single key S3FixedKey = "S3FixedKey" // S3AuthService will sign requests using key from external source S3AuthService = "S3AuthService" )
Variables ¶
View Source
var Decorators = map[string]func(string, config.Storage, map[string]bool) (httphandler.Decorator, error){ Passthrough: func(string, config.Storage, map[string]bool) (httphandler.Decorator, error) { return func(rt http.RoundTripper) http.RoundTripper { return rt }, nil }, S3FixedKey: func(backend string, backendConf config.Storage, ignoredV2CanHeades map[string]bool) (httphandler.Decorator, error) { accessKey, ok := backendConf.Properties["AccessKey"] if !ok { return nil, fmt.Errorf("no AccessKey defined for backend type %q", S3FixedKey) } secret, ok := backendConf.Properties["Secret"] if !ok { return nil, fmt.Errorf("no Secret defined for backend type %q", S3FixedKey) } keys := Keys{ AccessKeyID: accessKey, SecretAccessKey: secret, } methods := backendConf.Properties["Methods"] return ForceSignDecorator(keys, backendConf.Backend.Host, methods, ignoredV2CanHeades), nil }, S3AuthService: func(backend string, backendConf config.Storage, ignoredV2CanHeaders map[string]bool) (httphandler.Decorator, error) { credentialsStoreName, ok := backendConf.Properties["CredentialsStore"] if !ok { credentialsStoreName = crdstore.DefaultCredentialsStoreName } return SignAuthServiceDecorator(backend, credentialsStoreName, backendConf.Backend.Host, ignoredV2CanHeaders), nil }, }
Decorators maps Backend type with httphadler decorators factory
Functions ¶
func ForceSignDecorator ¶
func ForceSignDecorator(keys Keys, host, methods string, ignoredCanonicalizedHeaders map[string]bool) httphandler.Decorator
ForceSignDecorator will recompute auth headers for new Key
func SignAuthServiceDecorator ¶
func SignAuthServiceDecorator(backend, credentialsStoreName, host string, ignoredCanonicalizedHeaders map[string]bool) httphandler.Decorator
SignAuthServiceDecorator will compute
func SignDecorator ¶
func SignDecorator(keys Keys, region, host string, ignoredCanonicalizedHeaders map[string]bool) httphandler.Decorator
SignDecorator will recompute auth headers for new Key
Types ¶
type APIErrorCode ¶
type APIErrorCode int
APIErrorCode type of error status.
const ( ErrSignatureDoesNotMatch APIErrorCode = iota ErrUnsupportedSignatureVersion ErrNone )
Error codes, non exhaustive list - http://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html
func DoesSignMatch ¶
func DoesSignMatch(r *http.Request, cred Keys, ignoredCanonicalizedHeaders map[string]bool) APIErrorCode
DoesSignMatch - Verify authorization header with calculated header returns true if matches, false otherwise. if error is not nil then it is always false
Source Files
Click to show internal directories.
Click to hide internal directories.