Return meaningful error when requesting the S3 API without auth #162
Labels
No Label
AdminAPI
Bug
Check AWS
CI
Correctness
Critical
Documentation
Ideas
Improvement
Low priority
Newcomer
Performance
S3 Compatibility
Testing
Usability
No Milestone
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: Deuxfleurs/garage#162
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
We do not support requesting the S3 API without authentication but it is supported by Amazon and Minio. When we do it on Garage, the following cryptic error is returned:
This error comes from this code: https://git.deuxfleurs.fr/Deuxfleurs/garage/src/branch/main/src/api/signature.rs#L167-L170
We should probably handle the absence of signature as a special case, then in the api_server.rs check against this specific error, and for know, simply return a 403 forbidden.
In the future, we might have a more complex permission system that allow unauthenticated requests to be handled on the API.