diff --git a/src/api/k2v/api_server.rs b/src/api/k2v/api_server.rs index 0efa5d8e..39b6f267 100644 --- a/src/api/k2v/api_server.rs +++ b/src/api/k2v/api_server.rs @@ -81,7 +81,7 @@ impl ApiHandler for K2VApiServer { return handle_options_s3api(garage, &req, Some(bucket_name)).await; } - let (api_key, mut content_sha256) = check_payload_signature(&garage, &req).await?; + let (api_key, mut content_sha256) = check_payload_signature(&garage, "k2v", &req).await?; let api_key = api_key.ok_or_else(|| { Error::Forbidden("Garage does not support anonymous access yet".to_string()) })?; diff --git a/src/api/s3/api_server.rs b/src/api/s3/api_server.rs index 04e3727f..d908f84a 100644 --- a/src/api/s3/api_server.rs +++ b/src/api/s3/api_server.rs @@ -121,7 +121,7 @@ impl ApiHandler for S3ApiServer { return handle_options_s3api(garage, &req, bucket_name).await; } - let (api_key, mut content_sha256) = check_payload_signature(&garage, &req).await?; + let (api_key, mut content_sha256) = check_payload_signature(&garage, "s3", &req).await?; let api_key = api_key.ok_or_else(|| { Error::Forbidden("Garage does not support anonymous access yet".to_string()) })?; diff --git a/src/api/s3/post_object.rs b/src/api/s3/post_object.rs index a060c8fb..86fa7880 100644 --- a/src/api/s3/post_object.rs +++ b/src/api/s3/post_object.rs @@ -119,7 +119,15 @@ pub async fn handle_post_object( }; let date = parse_date(date)?; - let api_key = verify_v4(&garage, credential, &date, signature, policy.as_bytes()).await?; + let api_key = verify_v4( + &garage, + "s3", + credential, + &date, + signature, + policy.as_bytes(), + ) + .await?; let bucket_id = resolve_bucket(&garage, &bucket, &api_key).await?; diff --git a/src/api/signature/payload.rs b/src/api/signature/payload.rs index 2a41b307..59d7ff6a 100644 --- a/src/api/signature/payload.rs +++ b/src/api/signature/payload.rs @@ -19,6 +19,7 @@ use crate::error::*; pub async fn check_payload_signature( garage: &Garage, + service: &str, request: &Request
, ) -> Result<(Option