mirror of
https://github.com/seaweedfs/seaweedfs.git
synced 2024-01-19 02:48:24 +00:00
BUGFIX: ensure Authorization header is only added once
This commit is contained in:
parent
1cd3b6b4e1
commit
c35660175d
|
@ -312,7 +312,6 @@ func (s3a *S3ApiServer) proxyToFiler(w http.ResponseWriter, r *http.Request, des
|
||||||
glog.V(3).Infof("s3 proxying %s to %s", r.Method, destUrl)
|
glog.V(3).Infof("s3 proxying %s to %s", r.Method, destUrl)
|
||||||
|
|
||||||
proxyReq, err := http.NewRequest(r.Method, destUrl, r.Body)
|
proxyReq, err := http.NewRequest(r.Method, destUrl, r.Body)
|
||||||
s3a.maybeAddFilerJwtAuthorization(proxyReq, isWrite)
|
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
glog.Errorf("NewRequest %s: %v", destUrl, err)
|
glog.Errorf("NewRequest %s: %v", destUrl, err)
|
||||||
|
@ -330,6 +329,9 @@ func (s3a *S3ApiServer) proxyToFiler(w http.ResponseWriter, r *http.Request, des
|
||||||
proxyReq.Header[header] = values
|
proxyReq.Header[header] = values
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ensure that the Authorization header is overriding any previous
|
||||||
|
// Authorization header which might be already present in proxyReq
|
||||||
|
s3a.maybeAddFilerJwtAuthorization(proxyReq, isWrite)
|
||||||
resp, postErr := client.Do(proxyReq)
|
resp, postErr := client.Do(proxyReq)
|
||||||
|
|
||||||
if postErr != nil {
|
if postErr != nil {
|
||||||
|
@ -376,7 +378,6 @@ func (s3a *S3ApiServer) putToFiler(r *http.Request, uploadUrl string, dataReader
|
||||||
var body = io.TeeReader(dataReader, hash)
|
var body = io.TeeReader(dataReader, hash)
|
||||||
|
|
||||||
proxyReq, err := http.NewRequest("PUT", uploadUrl, body)
|
proxyReq, err := http.NewRequest("PUT", uploadUrl, body)
|
||||||
s3a.maybeAddFilerJwtAuthorization(proxyReq, true)
|
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
glog.Errorf("NewRequest %s: %v", uploadUrl, err)
|
glog.Errorf("NewRequest %s: %v", uploadUrl, err)
|
||||||
|
@ -390,7 +391,9 @@ func (s3a *S3ApiServer) putToFiler(r *http.Request, uploadUrl string, dataReader
|
||||||
proxyReq.Header.Add(header, value)
|
proxyReq.Header.Add(header, value)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
// ensure that the Authorization header is overriding any previous
|
||||||
|
// Authorization header which might be already present in proxyReq
|
||||||
|
s3a.maybeAddFilerJwtAuthorization(proxyReq, true)
|
||||||
resp, postErr := client.Do(proxyReq)
|
resp, postErr := client.Do(proxyReq)
|
||||||
|
|
||||||
if postErr != nil {
|
if postErr != nil {
|
||||||
|
@ -444,7 +447,7 @@ func (s3a *S3ApiServer) maybeAddFilerJwtAuthorization(r *http.Request, isWrite b
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
r.Header.Add("Authorization", "BEARER "+string(encodedJwt))
|
r.Header.Set("Authorization", "BEARER "+string(encodedJwt))
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s3a *S3ApiServer) maybeGetFilerJwtAuthorizationToken(isWrite bool) string {
|
func (s3a *S3ApiServer) maybeGetFilerJwtAuthorizationToken(isWrite bool) string {
|
||||||
|
|
|
@ -186,7 +186,7 @@ func DownloadFile(fileUrl string, jwt string) (filename string, header http.Head
|
||||||
}
|
}
|
||||||
|
|
||||||
if len(jwt) > 0 {
|
if len(jwt) > 0 {
|
||||||
req.Header.Add("Authorization", "BEARER "+jwt)
|
req.Header.Set("Authorization", "BEARER "+jwt)
|
||||||
}
|
}
|
||||||
|
|
||||||
response, err := client.Do(req)
|
response, err := client.Do(req)
|
||||||
|
@ -380,7 +380,7 @@ func ReadUrlAsReaderCloser(fileUrl string, jwt string, rangeHeader string) (io.R
|
||||||
}
|
}
|
||||||
|
|
||||||
if len(jwt) > 0 {
|
if len(jwt) > 0 {
|
||||||
req.Header.Add("Authorization", "BEARER "+jwt)
|
req.Header.Set("Authorization", "BEARER "+jwt)
|
||||||
}
|
}
|
||||||
|
|
||||||
r, err := client.Do(req)
|
r, err := client.Do(req)
|
||||||
|
|
Loading…
Reference in a new issue