Check endpoint validity for pre-signed URLs #1027
Conversation
|
I have a question. Do we need to have My concern is about the internal command: ./neofs-s3-authmate generate-presigned-url \
--endpoint 'http://localhost:19080' \
--method 'GET' --bucket 'heh1732164910' \
--object 'file-1732164943.txt' \
--lifetime '3600s' \
--aws-secret-access-key '48966f87c37c12c15548a30ef3c1319438b9364a11ca033bea6fc4e2eb5565de' \
--aws-access-key-id '78Tx3pRmSXNryyVUA7N1WCxg8JZWaGcR2G5M8AWbWuur04iSdjuV8LM51duiiSgY8KqyuMTx4XFLEMfWPtC9fkWLo'It easily can be replaced with native AWS CLI: and leads to the same result. Of course, Don't you mind if we remove this |
|
I'm not sure why it was added in the first place. If |
api/auth/center.go
Outdated
| @@ -314,7 +315,7 @@ func cloneRequest(r *http.Request, authHeader *authHeader) *http.Request { | |||
|
|
|||
| func (c *center) checkSign(authHeader *authHeader, box *accessbox.Box, request *http.Request, signatureDateTime time.Time) error { | |||
| awsCreds := credentials.NewStaticCredentials(authHeader.AccessKeyID, box.Gate.AccessKey, "") | |||
| signer := v4.NewSigner(awsCreds) | |||
| signer := v4amz.NewSigner(awsCreds) | |||
There was a problem hiding this comment.
Why was it added initially?
There was a problem hiding this comment.
Our implementation?
There was a problem hiding this comment.
Maybe #1028 can help here.
|
Not a lot of traces left. |
|
@roman-khimov nope, i don't need the authmate generate-presigned-url. Using aws cli/boto3 seems to be the right way to go. |
Closes #1025. Signed-off-by: Evgenii Baidakov <[email protected]>
smallhive
force-pushed
the
1025-cant-get-object-with-presigned-url
branch
from
03b2976
to
d817ab3
Compare
|
I left only a fix for presign URLs. Internal AWS implementation displaced to another PR |
Closes #1025.