apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-12-16 10:32:34 +01:00
Code Issues Packages Projects Releases Wiki Activity

Bug CS-12441: Fixing rest auth by generating QueryString to validate signature

Browse Source
This commit is contained in:
Sam Robertson 2012-06-20 12:50:15 -07:00
parent 27265597bf
commit cb403b1c97
1 changed files with 33 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
awsapi/src/com/cloud/bridge/service/EC2RestServlet.java
View File

@ -23,6 +23,7 @@ import java.io.FileOutputStream;
import java.io.IOException; import java.io.IOException;
import java.io.OutputStream; import java.io.OutputStream;
import java.io.OutputStreamWriter; import java.io.OutputStreamWriter;
import java.net.URLEncoder;
import java.security.KeyStore; import java.security.KeyStore;
import java.security.SignatureException; import java.security.SignatureException;
import java.security.cert.Certificate; import java.security.cert.Certificate;
@ -178,7 +179,7 @@ public class EC2RestServlet extends HttpServlet {
} }
String keystore = EC2Prop.getProperty( "keystore" ); String keystore = EC2Prop.getProperty( "keystore" );
keystorePassword = EC2Prop.getProperty( "keystorePass" ); keystorePassword = EC2Prop.getProperty( "keystorePass" );
wsdlVersion = EC2Prop.getProperty( "WSDLVersion", "2009-11-30" ); wsdlVersion = EC2Prop.getProperty( "WSDLVersion", "2010-11-15" );
version = EC2Prop.getProperty( "cloudbridgeVersion", "UNKNOWN VERSION" ); version = EC2Prop.getProperty( "cloudbridgeVersion", "UNKNOWN VERSION" );
String installedPath = System.getenv("CATALINA_HOME"); String installedPath = System.getenv("CATALINA_HOME");
@ -1716,7 +1717,26 @@ public class EC2RestServlet extends HttpServlet {
requestUri=forwardedPath; requestUri=forwardedPath;
} }
restAuth.setHTTPRequestURI( requestUri); restAuth.setHTTPRequestURI( requestUri);
restAuth.setQueryString( request.getQueryString());
String queryString = request.getQueryString();
// getQueryString returns null (does it ever NOT return null for these),
// we need to construct queryString to avoid changing the auth code...
if (queryString == null) {
// construct our idea of a queryString with parameters!
Enumeration<?> params = request.getParameterNames();
if (params != null) {
while(params.hasMoreElements()) {
String paramName = (String) params.nextElement();
// exclude the signature string obviously. ;)
if (paramName.equalsIgnoreCase("Signature")) continue;
if (queryString == null)
queryString = paramName + "=" + request.getParameter(paramName);
else
queryString = queryString + "&" + paramName + "=" + URLEncoder.encode(request.getParameter(paramName), "UTF-8");
}
}
}
restAuth.setQueryString(queryString);
if ( restAuth.verifySignature( request.getMethod(), cloudSecretKey, signature, sigMethod )) { if ( restAuth.verifySignature( request.getMethod(), cloudSecretKey, signature, sigMethod )) {
UserContext.current().initContext( cloudAccessKey, cloudSecretKey, cloudAccessKey, "REST request", null ); UserContext.current().initContext( cloudAccessKey, cloudSecretKey, cloudAccessKey, "REST request", null );