Mirror
/
seaweedfs
mirror of https://github.com/seaweedfs/seaweedfs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

BUGFIX: ensure Authorization header is only added once

pull/2543/head
Sebastian Kurfuerst 3 years ago
parent
1cd3b6b4e1
commit
c35660175d
2 changed files with 9 additions and 6 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 11
      weed/s3api/s3api_object_handlers.go
  2. 4
      weed/util/http_util.go

11
weed/s3api/s3api_object_handlers.go
View File

@ -312,7 +312,6 @@ func (s3a *S3ApiServer) proxyToFiler(w http.ResponseWriter, r *http.Request, des
glog.V(3).Infof("s3 proxying %s to %s", r.Method, destUrl) glog.V(3).Infof("s3 proxying %s to %s", r.Method, destUrl)
proxyReq, err := http.NewRequest(r.Method, destUrl, r.Body) proxyReq, err := http.NewRequest(r.Method, destUrl, r.Body)
s3a.maybeAddFilerJwtAuthorization(proxyReq, isWrite)
if err != nil { if err != nil {
glog.Errorf("NewRequest %s: %v", destUrl, err) glog.Errorf("NewRequest %s: %v", destUrl, err)
@ -330,6 +329,9 @@ func (s3a *S3ApiServer) proxyToFiler(w http.ResponseWriter, r *http.Request, des
proxyReq.Header[header] = values proxyReq.Header[header] = values
} }
// ensure that the Authorization header is overriding any previous
// Authorization header which might be already present in proxyReq
s3a.maybeAddFilerJwtAuthorization(proxyReq, isWrite)
resp, postErr := client.Do(proxyReq) resp, postErr := client.Do(proxyReq)
if postErr != nil { if postErr != nil {
@ -376,7 +378,6 @@ func (s3a *S3ApiServer) putToFiler(r *http.Request, uploadUrl string, dataReader
var body = io.TeeReader(dataReader, hash) var body = io.TeeReader(dataReader, hash)
proxyReq, err := http.NewRequest("PUT", uploadUrl, body) proxyReq, err := http.NewRequest("PUT", uploadUrl, body)
s3a.maybeAddFilerJwtAuthorization(proxyReq, true)
if err != nil { if err != nil {
glog.Errorf("NewRequest %s: %v", uploadUrl, err) glog.Errorf("NewRequest %s: %v", uploadUrl, err)
@ -390,7 +391,9 @@ func (s3a *S3ApiServer) putToFiler(r *http.Request, uploadUrl string, dataReader
proxyReq.Header.Add(header, value) proxyReq.Header.Add(header, value)
} }
} }
// ensure that the Authorization header is overriding any previous
// Authorization header which might be already present in proxyReq
s3a.maybeAddFilerJwtAuthorization(proxyReq, true)
resp, postErr := client.Do(proxyReq) resp, postErr := client.Do(proxyReq)
if postErr != nil { if postErr != nil {
@ -444,7 +447,7 @@ func (s3a *S3ApiServer) maybeAddFilerJwtAuthorization(r *http.Request, isWrite b
return return
} }
r.Header.Add("Authorization", "BEARER "+string(encodedJwt))
r.Header.Set("Authorization", "BEARER "+string(encodedJwt))
} }
func (s3a *S3ApiServer) maybeGetFilerJwtAuthorizationToken(isWrite bool) string { func (s3a *S3ApiServer) maybeGetFilerJwtAuthorizationToken(isWrite bool) string {

4
weed/util/http_util.go
View File

@ -186,7 +186,7 @@ func DownloadFile(fileUrl string, jwt string) (filename string, header http.Head
} }
if len(jwt) > 0 { if len(jwt) > 0 {
req.Header.Add("Authorization", "BEARER "+jwt)
req.Header.Set("Authorization", "BEARER "+jwt)
} }
response, err := client.Do(req) response, err := client.Do(req)
@ -380,7 +380,7 @@ func ReadUrlAsReaderCloser(fileUrl string, jwt string, rangeHeader string) (io.R
} }
if len(jwt) > 0 { if len(jwt) > 0 {
req.Header.Add("Authorization", "BEARER "+jwt)
req.Header.Set("Authorization", "BEARER "+jwt)
} }
r, err := client.Do(req) r, err := client.Do(req)

Write Preview
Loading…
Cancel
Save