Mirror
/
seaweedfs
mirror of https://github.com/seaweedfs/seaweedfs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11008 Commits
32 Branches
298 Tags
167 MiB
Tree: 2637fc0a13
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '2637fc0a13'
${ noResults }
seaweedfs/weed/s3api/s3api_object_handlers_put.go

215 lines
6.0 KiB
Raw Normal View History

split file
9 months ago
acl merge
5 months ago
split file
9 months ago
acl merge
5 months ago
split file
9 months ago
acl merge
5 months ago
split file
9 months ago
acl merge
5 months ago
split file
9 months ago
acl merge
5 months ago
split file
9 months ago
acl merge
5 months ago
split file
9 months ago
acl merge
5 months ago
split file
9 months ago
acl merge
5 months ago
split file
9 months ago
acl merge
5 months ago
split file
9 months ago
acl merge
5 months ago
split file
9 months ago
refactor all methods strings to const (#5726)
7 months ago
split file
9 months ago
  1. package s3api
  3. import (
  4. "crypto/md5"
  5. "encoding/json"
  6. "fmt"
  7. "github.com/pquerna/cachecontrol/cacheobject"
  8. "github.com/seaweedfs/seaweedfs/weed/pb/filer_pb"
  9. "github.com/seaweedfs/seaweedfs/weed/s3api/s3_constants"
  10. "github.com/seaweedfs/seaweedfs/weed/s3api/s3err"
  11. "github.com/seaweedfs/seaweedfs/weed/security"
  12. "io"
  13. "net/http"
  14. "strings"
  15. "time"
  17. "github.com/seaweedfs/seaweedfs/weed/glog"
  18. weed_server "github.com/seaweedfs/seaweedfs/weed/server"
  19. )
  21. func (s3a *S3ApiServer) PutObjectHandler(w http.ResponseWriter, r *http.Request) {
  23. // http://docs.aws.amazon.com/AmazonS3/latest/dev/UploadingObjects.html
  25. bucket, object := s3_constants.GetBucketAndObject(r)
  26. glog.V(3).Infof("PutObjectHandler %s %s", bucket, object)
  28. _, err := validateContentMd5(r.Header)
  29. if err != nil {
  30. s3err.WriteErrorResponse(w, r, s3err.ErrInvalidDigest)
  31. return
  32. }
  34. if r.Header.Get("Cache-Control") != "" {
  35. if _, err = cacheobject.ParseRequestCacheControl(r.Header.Get("Cache-Control")); err != nil {
  36. s3err.WriteErrorResponse(w, r, s3err.ErrInvalidDigest)
  37. return
  38. }
  39. }
  41. if r.Header.Get("Expires") != "" {
  42. if _, err = time.Parse(http.TimeFormat, r.Header.Get("Expires")); err != nil {
  43. s3err.WriteErrorResponse(w, r, s3err.ErrMalformedDate)
  44. return
  45. }
  46. }
  48. dataReader := r.Body
  49. rAuthType := getRequestAuthType(r)
  50. if s3a.iam.isEnabled() {
  51. var s3ErrCode s3err.ErrorCode
  52. var identity *Identity
  53. switch rAuthType {
  54. case authTypeStreamingSigned:
  55. dataReader, identity, s3ErrCode = s3a.iam.newSignV4ChunkedReader(r)
  56. case authTypeSignedV2, authTypePresignedV2:
  57. identity, s3ErrCode = s3a.iam.isReqAuthenticatedV2(r)
  58. case authTypePresigned, authTypeSigned:
  59. identity, s3ErrCode = s3a.iam.reqSignatureV4Verify(r)
  60. case authTypeAnonymous:
  61. identity = s3a.iam.identityAnonymous
  62. }
  63. if s3ErrCode != s3err.ErrNone {
  64. s3err.WriteErrorResponse(w, r, s3ErrCode)
  65. return
  66. }
  67. if identity != nil && identity.Account.Id != AccountAnonymous.Id {
  68. r.Header.Set(s3_constants.AmzAccountId, identity.Account.Id)
  69. }
  70. } else {
  71. if authTypeStreamingSigned == rAuthType {
  72. s3err.WriteErrorResponse(w, r, s3err.ErrAuthNotSetup)
  73. return
  74. }
  75. }
  76. defer dataReader.Close()
  78. errCode := s3a.CheckAccessForPutObject(r, bucket, object)
  79. if errCode != s3err.ErrNone {
  80. s3err.WriteErrorResponse(w, r, errCode)
  81. return
  82. }
  84. objectContentType := r.Header.Get("Content-Type")
  85. if strings.HasSuffix(object, "/") && r.ContentLength == 0 {
  86. if err := s3a.mkdir(
  87. s3a.option.BucketsPath, bucket+strings.TrimSuffix(object, "/"),
  88. func(entry *filer_pb.Entry) {
  89. if objectContentType == "" {
  90. objectContentType = "httpd/unix-directory"
  91. }
  92. entry.Attributes.Mime = objectContentType
  93. }); err != nil {
  94. s3err.WriteErrorResponse(w, r, s3err.ErrInternalError)
  95. return
  96. }
  97. } else {
  98. uploadUrl := s3a.toFilerUrl(bucket, object)
  99. if objectContentType == "" {
  100. dataReader = mimeDetect(r, dataReader)
  101. }
  103. etag, errCode := s3a.putToFiler(r, uploadUrl, dataReader, "", bucket)
  105. if errCode != s3err.ErrNone {
  106. s3err.WriteErrorResponse(w, r, errCode)
  107. return
  108. }
  110. setEtag(w, etag)
  111. }
  113. writeSuccessResponseEmpty(w, r)
  114. }
  116. func (s3a *S3ApiServer) putToFiler(r *http.Request, uploadUrl string, dataReader io.Reader, destination string, bucket string) (etag string, code s3err.ErrorCode) {
  118. hash := md5.New()
  119. var body = io.TeeReader(dataReader, hash)
  121. proxyReq, err := http.NewRequest(http.MethodPut, uploadUrl, body)
  123. if err != nil {
  124. glog.Errorf("NewRequest %s: %v", uploadUrl, err)
  125. return "", s3err.ErrInternalError
  126. }
  128. proxyReq.Header.Set("X-Forwarded-For", r.RemoteAddr)
  129. if destination != "" {
  130. proxyReq.Header.Set(s3_constants.SeaweedStorageDestinationHeader, destination)
  131. }
  133. if s3a.option.FilerGroup != "" {
  134. query := proxyReq.URL.Query()
  135. query.Add("collection", s3a.getCollectionName(bucket))
  136. proxyReq.URL.RawQuery = query.Encode()
  137. }
  139. for header, values := range r.Header {
  140. for _, value := range values {
  141. proxyReq.Header.Add(header, value)
  142. }
  143. }
  144. // ensure that the Authorization header is overriding any previous
  145. // Authorization header which might be already present in proxyReq
  146. s3a.maybeAddFilerJwtAuthorization(proxyReq, true)
  147. resp, postErr := s3a.client.Do(proxyReq)
  149. if postErr != nil {
  150. glog.Errorf("post to filer: %v", postErr)
  151. return "", s3err.ErrInternalError
  152. }
  153. defer resp.Body.Close()
  155. etag = fmt.Sprintf("%x", hash.Sum(nil))
  157. resp_body, ra_err := io.ReadAll(resp.Body)
  158. if ra_err != nil {
  159. glog.Errorf("upload to filer response read %d: %v", resp.StatusCode, ra_err)
  160. return etag, s3err.ErrInternalError
  161. }
  162. var ret weed_server.FilerPostResult
  163. unmarshal_err := json.Unmarshal(resp_body, &ret)
  164. if unmarshal_err != nil {
  165. glog.Errorf("failing to read upload to %s : %v", uploadUrl, string(resp_body))
  166. return "", s3err.ErrInternalError
  167. }
  168. if ret.Error != "" {
  169. glog.Errorf("upload to filer error: %v", ret.Error)
  170. return "", filerErrorToS3Error(ret.Error)
  171. }
  173. return etag, s3err.ErrNone
  174. }
  176. func setEtag(w http.ResponseWriter, etag string) {
  177. if etag != "" {
  178. if strings.HasPrefix(etag, "\"") {
  179. w.Header()["ETag"] = []string{etag}
  180. } else {
  181. w.Header()["ETag"] = []string{"\"" + etag + "\""}
  182. }
  183. }
  184. }
  186. func filerErrorToS3Error(errString string) s3err.ErrorCode {
  187. switch {
  188. case strings.HasPrefix(errString, "existing ") && strings.HasSuffix(errString, "is a directory"):
  189. return s3err.ErrExistingObjectIsDirectory
  190. case strings.HasSuffix(errString, "is a file"):
  191. return s3err.ErrExistingObjectIsFile
  192. default:
  193. return s3err.ErrInternalError
  194. }
  195. }
  197. func (s3a *S3ApiServer) maybeAddFilerJwtAuthorization(r *http.Request, isWrite bool) {
  198. encodedJwt := s3a.maybeGetFilerJwtAuthorizationToken(isWrite)
  200. if encodedJwt == "" {
  201. return
  202. }
  204. r.Header.Set("Authorization", "BEARER "+string(encodedJwt))
  205. }
  207. func (s3a *S3ApiServer) maybeGetFilerJwtAuthorizationToken(isWrite bool) string {
  208. var encodedJwt security.EncodedJwt
  209. if isWrite {
  210. encodedJwt = security.GenJwtForFilerServer(s3a.filerGuard.SigningKey, s3a.filerGuard.ExpiresAfterSec)
  211. } else {
  212. encodedJwt = security.GenJwtForFilerServer(s3a.filerGuard.ReadSigningKey, s3a.filerGuard.ReadExpiresAfterSec)
  213. }
  214. return string(encodedJwt)
  215. }