From c50ec1599c953068ff2e7f4835d30b044ac3325d Mon Sep 17 00:00:00 2001
From: Chris Lu <chris.lu@gmail.com>
Date: Sun, 26 Jul 2020 12:09:50 -0700
Subject: [PATCH] auth for presigned put object part

---
 weed/s3api/s3api_object_multipart_handlers.go | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/weed/s3api/s3api_object_multipart_handlers.go b/weed/s3api/s3api_object_multipart_handlers.go
index 3282e4176..438af4b60 100644
--- a/weed/s3api/s3api_object_multipart_handlers.go
+++ b/weed/s3api/s3api_object_multipart_handlers.go
@@ -173,8 +173,6 @@ func (s3a *S3ApiServer) PutObjectPartHandler(w http.ResponseWriter, r *http.Requ
 	vars := mux.Vars(r)
 	bucket := vars["bucket"]
 
-	rAuthType := getRequestAuthType(r)
-
 	uploadID := r.URL.Query().Get("uploadId")
 	exists, err := s3a.exists(s3a.genUploadsFolder(bucket), uploadID, true)
 	if !exists {
@@ -193,10 +191,16 @@ func (s3a *S3ApiServer) PutObjectPartHandler(w http.ResponseWriter, r *http.Requ
 		return
 	}
 
-	var s3ErrCode ErrorCode
+	rAuthType := getRequestAuthType(r)
 	dataReader := r.Body
-	if rAuthType == authTypeStreamingSigned {
+	var s3ErrCode ErrorCode
+	switch rAuthType {
+	case authTypeStreamingSigned:
 		dataReader, s3ErrCode = s3a.iam.newSignV4ChunkedReader(r)
+	case authTypeSignedV2, authTypePresignedV2:
+		_, s3ErrCode = s3a.iam.isReqAuthenticatedV2(r)
+	case authTypePresigned, authTypeSigned:
+		_, s3ErrCode = s3a.iam.reqSignatureV4Verify(r)
 	}
 	if s3ErrCode != ErrNone {
 		writeErrorResponse(w, s3ErrCode, r.URL)