apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-12-15 18:12:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Bug CS-12441: Fixing rest auth by generating QueryString to validate signature

Browse Source
This commit is contained in:
Sam Robertson 2012-06-20 12:50:15 -07:00
parent 27265597bf
commit cb403b1c97
1 changed files with 33 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
awsapi/src/com/cloud/bridge/service/EC2RestServlet.java
View File

@ -23,6 +23,7 @@ import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.net.URLEncoder;
import java.security.KeyStore;
import java.security.SignatureException;
import java.security.cert.Certificate;
@ -178,7 +179,7 @@ public class EC2RestServlet extends HttpServlet {
}
String keystore = EC2Prop.getProperty( "keystore" );
keystorePassword = EC2Prop.getProperty( "keystorePass" );
wsdlVersion = EC2Prop.getProperty( "WSDLVersion", "2009-11-30" );
wsdlVersion = EC2Prop.getProperty( "WSDLVersion", "2010-11-15" );
version = EC2Prop.getProperty( "cloudbridgeVersion", "UNKNOWN VERSION" );
String installedPath = System.getenv("CATALINA_HOME");
@ -1706,18 +1707,37 @@ public class EC2RestServlet extends HttpServlet {
// [C] Verify the signature
// -> getting the query-string in this way maintains its URL encoding
EC2RestAuth restAuth = new EC2RestAuth();
restAuth.setHostHeader( request.getHeader( "Host" ));
String requestUri = request.getRequestURI();
//If forwarded from another basepath:
String forwardedPath = (String) request.getAttribute("javax.servlet.forward.request_uri");
if(forwardedPath!=null){
requestUri=forwardedPath;
}
restAuth.setHTTPRequestURI( requestUri);
restAuth.setQueryString( request.getQueryString());
EC2RestAuth restAuth = new EC2RestAuth();
restAuth.setHostHeader( request.getHeader( "Host" ));
String requestUri = request.getRequestURI();
// If forwarded from another basepath:
String forwardedPath = (String) request.getAttribute("javax.servlet.forward.request_uri");
if(forwardedPath!=null){
requestUri=forwardedPath;
}
restAuth.setHTTPRequestURI( requestUri);
String queryString = request.getQueryString();
// getQueryString returns null (does it ever NOT return null for these),
// we need to construct queryString to avoid changing the auth code...
if (queryString == null) {
// construct our idea of a queryString with parameters!
Enumeration<?> params = request.getParameterNames();
if (params != null) {
while(params.hasMoreElements()) {
String paramName = (String) params.nextElement();
// exclude the signature string obviously. ;)
if (paramName.equalsIgnoreCase("Signature")) continue;
if (queryString == null)
queryString = paramName + "=" + request.getParameter(paramName);
else
queryString = queryString + "&" + paramName + "=" + URLEncoder.encode(request.getParameter(paramName), "UTF-8");
}
}
}
restAuth.setQueryString(queryString);
if ( restAuth.verifySignature( request.getMethod(), cloudSecretKey, signature, sigMethod )) {
UserContext.current().initContext( cloudAccessKey, cloudSecretKey, cloudAccessKey, "REST request", null );
return true;