forked from Deuxfleurs/garage
[fix-presigned] PostObject: verify X-Amz-Algorithm
This commit is contained in:
parent
a8cb8e8a8b
commit
2efa9c5a1a
1 changed files with 10 additions and 0 deletions
|
@ -449,6 +449,16 @@ impl Authorization {
|
||||||
}
|
}
|
||||||
|
|
||||||
pub(crate) fn parse_form(params: &HeaderMap) -> Result<Self, Error> {
|
pub(crate) fn parse_form(params: &HeaderMap) -> Result<Self, Error> {
|
||||||
|
let algorithm = params
|
||||||
|
.get(X_AMZ_ALGORITHM)
|
||||||
|
.ok_or_bad_request("Missing X-Amz-Algorithm header")?
|
||||||
|
.to_str()?;
|
||||||
|
if algorithm != AWS4_HMAC_SHA256 {
|
||||||
|
return Err(Error::bad_request(
|
||||||
|
"Unsupported authorization method".to_string(),
|
||||||
|
));
|
||||||
|
}
|
||||||
|
|
||||||
let credential = params
|
let credential = params
|
||||||
.get(X_AMZ_CREDENTIAL)
|
.get(X_AMZ_CREDENTIAL)
|
||||||
.ok_or_else(|| Error::forbidden("Garage does not support anonymous access yet"))?
|
.ok_or_else(|| Error::forbidden("Garage does not support anonymous access yet"))?
|
||||||
|
|
Loading…
Reference in a new issue