garage/src/api/api_server.rs

397 lines
11 KiB
Rust
Raw Normal View History

2020-04-24 18:47:11 +00:00
use std::collections::HashMap;
use std::net::SocketAddr;
use std::sync::Arc;
2020-04-06 17:55:39 +00:00
use futures::future::Future;
2021-11-11 10:26:02 +00:00
use hyper::header;
use hyper::server::conn::AddrStream;
use hyper::service::{make_service_fn, service_fn};
2020-04-24 18:47:11 +00:00
use hyper::{Body, Method, Request, Response, Server};
2020-11-08 14:04:30 +00:00
use garage_util::error::Error as GarageError;
2020-04-23 17:05:46 +00:00
2020-07-07 11:59:22 +00:00
use garage_model::garage::Garage;
2020-04-23 17:05:46 +00:00
2020-11-08 14:04:30 +00:00
use crate::error::*;
2020-04-24 17:46:52 +00:00
use crate::signature::check_signature;
2021-11-11 10:26:02 +00:00
use crate::helpers::*;
use crate::s3_bucket::*;
2020-04-28 10:18:14 +00:00
use crate::s3_copy::*;
use crate::s3_delete::*;
2020-04-26 20:39:32 +00:00
use crate::s3_get::*;
use crate::s3_list::*;
use crate::s3_put::*;
2021-03-26 21:32:09 +00:00
/// Run the S3 API server
pub async fn run_api_server(
garage: Arc<Garage>,
shutdown_signal: impl Future<Output = ()>,
2020-11-08 14:04:30 +00:00
) -> Result<(), GarageError> {
2020-04-24 17:46:52 +00:00
let addr = &garage.config.s3_api.api_bind_addr;
let service = make_service_fn(|conn: &AddrStream| {
2020-04-08 20:00:41 +00:00
let garage = garage.clone();
let client_addr = conn.remote_addr();
2020-04-06 17:55:39 +00:00
async move {
2020-11-08 14:04:30 +00:00
Ok::<_, GarageError>(service_fn(move |req: Request<Body>| {
2020-04-08 20:00:41 +00:00
let garage = garage.clone();
handler(garage, req, client_addr)
2020-04-06 17:55:39 +00:00
}))
}
});
2021-10-26 08:20:05 +00:00
let server = Server::bind(addr).serve(service);
let graceful = server.with_graceful_shutdown(shutdown_signal);
2020-04-21 12:54:55 +00:00
info!("API server listening on http://{}", addr);
graceful.await?;
Ok(())
}
async fn handler(
garage: Arc<Garage>,
req: Request<Body>,
addr: SocketAddr,
2020-11-08 14:04:30 +00:00
) -> Result<Response<Body>, GarageError> {
let uri = req.uri().clone();
info!("{} {} {}", addr, req.method(), uri);
2020-04-24 17:46:52 +00:00
debug!("{:?}", req);
match handler_inner(garage.clone(), req).await {
2020-04-24 17:46:52 +00:00
Ok(x) => {
debug!("{} {:?}", x.status(), x.headers());
Ok(x)
}
Err(e) => {
let body: Body = Body::from(e.aws_xml(&garage.config.s3_api.s3_region, uri.path()));
let http_error = Response::builder()
.status(e.http_status_code())
.header("Content-Type", "application/xml")
.body(body)?;
if e.http_status_code().is_server_error() {
warn!("Response: error {}, {}", e.http_status_code(), e);
} else {
info!("Response: error {}, {}", e.http_status_code(), e);
}
2020-04-09 15:32:28 +00:00
Ok(http_error)
}
}
}
async fn handler_inner(garage: Arc<Garage>, req: Request<Body>) -> Result<Response<Body>, Error> {
2020-04-24 17:46:52 +00:00
let path = req.uri().path().to_string();
2020-05-04 13:09:23 +00:00
let path = percent_encoding::percent_decode_str(&path).decode_utf8()?;
2021-05-02 20:30:56 +00:00
let (api_key, content_sha256) = check_signature(&garage, &req).await?;
if path == "/" {
return handle_list_buckets(&api_key);
}
2021-11-11 10:26:02 +00:00
let authority = req
.headers()
.get(header::HOST)
.ok_or_else(|| Error::BadRequest("HOST header required".to_owned()))?
.to_str()?;
// Get bucket
let host = authority_to_host(authority)?;
let (bucket, key) = parse_bucket_key(
&path,
Some(&host),
garage.config.s3_api.root_domain.as_deref(),
)?;
2020-04-24 17:46:52 +00:00
let allowed = match req.method() {
2021-10-26 08:20:05 +00:00
&Method::HEAD | &Method::GET => api_key.allow_read(bucket),
_ => api_key.allow_write(bucket),
2020-04-24 17:46:52 +00:00
};
if !allowed {
2021-04-23 20:18:00 +00:00
return Err(Error::Forbidden(
"Operation is not allowed for this key.".to_string(),
));
2020-04-24 17:46:52 +00:00
}
2020-04-26 20:39:32 +00:00
let mut params = HashMap::new();
if let Some(query) = req.uri().query() {
let query_pairs = url::form_urlencoded::parse(query.as_bytes());
for (key, val) in query_pairs {
params.insert(key.to_lowercase(), val.to_string());
}
}
2020-04-24 17:46:52 +00:00
if let Some(key) = key {
2021-04-23 20:18:00 +00:00
match *req.method() {
Method::HEAD => {
2020-04-26 20:39:32 +00:00
// HeadObject query
2021-10-26 08:20:05 +00:00
Ok(handle_head(garage, &req, bucket, key).await?)
2020-04-26 20:39:32 +00:00
}
2021-04-23 20:18:00 +00:00
Method::GET => {
2020-04-26 20:39:32 +00:00
// GetObject query
2021-10-26 08:20:05 +00:00
Ok(handle_get(garage, &req, bucket, key).await?)
2020-04-26 20:39:32 +00:00
}
2021-04-23 20:18:00 +00:00
Method::PUT => {
2020-04-28 10:18:14 +00:00
if params.contains_key(&"partnumber".to_string())
&& params.contains_key(&"uploadid".to_string())
2020-04-26 20:39:32 +00:00
{
2020-04-26 20:46:21 +00:00
// UploadPart query
2020-04-26 20:39:32 +00:00
let part_number = params.get("partnumber").unwrap();
let upload_id = params.get("uploadid").unwrap();
Ok(handle_put_part(
garage,
req,
2021-10-26 08:20:05 +00:00
bucket,
key,
part_number,
upload_id,
content_sha256,
)
.await?)
2020-04-28 10:18:14 +00:00
} else if req.headers().contains_key("x-amz-copy-source") {
// CopyObject query
let copy_source = req.headers().get("x-amz-copy-source").unwrap().to_str()?;
2020-05-04 13:09:23 +00:00
let copy_source =
2021-10-26 08:20:05 +00:00
percent_encoding::percent_decode_str(copy_source).decode_utf8()?;
2021-11-11 10:26:02 +00:00
let (source_bucket, source_key) = parse_bucket_key(&copy_source, None, None)?;
2021-10-26 08:20:05 +00:00
if !api_key.allow_read(source_bucket) {
2020-04-28 10:18:14 +00:00
return Err(Error::Forbidden(format!(
"Reading from bucket {} not allowed for this key",
source_bucket
)));
}
2020-11-08 14:04:30 +00:00
let source_key = source_key.ok_or_bad_request("No source key specified")?;
2021-10-26 08:20:05 +00:00
Ok(handle_copy(garage, &req, bucket, key, source_bucket, source_key).await?)
2020-04-26 20:39:32 +00:00
} else {
// PutObject query
2021-10-26 08:20:05 +00:00
Ok(handle_put(garage, req, bucket, key, content_sha256).await?)
2020-04-26 20:39:32 +00:00
}
2020-04-24 17:46:52 +00:00
}
2021-04-23 20:18:00 +00:00
Method::DELETE => {
2020-04-26 20:46:21 +00:00
if params.contains_key(&"uploadid".to_string()) {
// AbortMultipartUpload query
let upload_id = params.get("uploadid").unwrap();
2021-10-26 08:20:05 +00:00
Ok(handle_abort_multipart_upload(garage, bucket, key, upload_id).await?)
2020-04-26 20:46:21 +00:00
} else {
// DeleteObject query
2021-10-26 08:20:05 +00:00
Ok(handle_delete(garage, bucket, key).await?)
2020-04-26 20:46:21 +00:00
}
2020-04-24 17:46:52 +00:00
}
2021-04-23 20:18:00 +00:00
Method::POST => {
2020-04-26 20:39:32 +00:00
if params.contains_key(&"uploads".to_string()) {
// CreateMultipartUpload call
2021-10-26 08:20:05 +00:00
Ok(handle_create_multipart_upload(garage, &req, bucket, key).await?)
2020-04-26 20:39:32 +00:00
} else if params.contains_key(&"uploadid".to_string()) {
2020-04-26 20:46:21 +00:00
// CompleteMultipartUpload call
2020-04-26 20:39:32 +00:00
let upload_id = params.get("uploadid").unwrap();
2021-02-23 17:46:25 +00:00
Ok(handle_complete_multipart_upload(
garage,
req,
2021-10-26 08:20:05 +00:00
bucket,
key,
2021-02-23 17:46:25 +00:00
upload_id,
content_sha256,
2020-04-28 10:18:14 +00:00
)
2021-02-23 17:46:25 +00:00
.await?)
2020-04-26 20:39:32 +00:00
} else {
2021-04-23 20:18:00 +00:00
Err(Error::BadRequest(
"Not a CreateMultipartUpload call, what is it?".to_string(),
))
2020-04-26 20:39:32 +00:00
}
}
2021-04-23 20:18:00 +00:00
_ => Err(Error::BadRequest("Invalid method".to_string())),
}
2020-04-24 17:46:52 +00:00
} else {
2021-04-23 20:18:00 +00:00
match *req.method() {
Method::PUT => {
// CreateBucket
// If we're here, the bucket already exists, so just answer ok
debug!(
"Body: {}",
std::str::from_utf8(&hyper::body::to_bytes(req.into_body()).await?)
.unwrap_or("<invalid utf8>")
);
let empty_body: Body = Body::from(vec![]);
let response = Response::builder()
.header("Location", format!("/{}", bucket))
.body(empty_body)
.unwrap();
Ok(response)
2020-04-26 18:55:13 +00:00
}
2021-04-23 20:18:00 +00:00
Method::HEAD => {
// HeadBucket
let empty_body: Body = Body::from(vec![]);
let response = Response::builder().body(empty_body).unwrap();
Ok(response)
}
2021-04-23 20:18:00 +00:00
Method::DELETE => {
2020-04-26 20:39:32 +00:00
// DeleteBucket query
Err(Error::Forbidden(
"Cannot delete buckets using S3 api, please talk to Garage directly".into(),
))
}
2021-04-23 20:18:00 +00:00
Method::GET => {
if params.contains_key("location") {
// GetBucketLocation call
Ok(handle_get_bucket_location(garage)?)
} else if params.contains_key("versioning") {
// GetBucketVersioning
Ok(handle_get_bucket_versioning()?)
} else {
// ListObjects or ListObjectsV2 query
let q = parse_list_objects_query(bucket, &params)?;
Ok(handle_list(garage, &q).await?)
}
}
2021-04-23 20:18:00 +00:00
Method::POST => {
2020-05-04 13:09:23 +00:00
if params.contains_key(&"delete".to_string()) {
// DeleteObjects
Ok(handle_delete_objects(garage, bucket, req, content_sha256).await?)
2020-05-04 13:09:23 +00:00
} else {
debug!(
2020-05-04 13:09:23 +00:00
"Body: {}",
std::str::from_utf8(&hyper::body::to_bytes(req.into_body()).await?)
.unwrap_or("<invalid utf8>")
);
2021-04-23 20:18:00 +00:00
Err(Error::BadRequest("Unsupported call".to_string()))
2020-05-04 13:09:23 +00:00
}
}
2021-04-23 20:18:00 +00:00
_ => Err(Error::BadRequest("Invalid method".to_string())),
2020-04-09 21:45:07 +00:00
}
}
}
2020-04-28 10:18:14 +00:00
2020-11-07 12:53:32 +00:00
/// Extract the bucket name and the key name from an HTTP path
///
/// S3 internally manages only buckets and keys. This function splits
/// an HTTP path to get the corresponding bucket name and key.
2021-11-11 10:26:02 +00:00
fn parse_bucket_key<'a>(
path: &'a str,
host: Option<&'a str>,
root: Option<&str>,
) -> Result<(&'a str, Option<&'a str>), Error> {
2020-04-28 10:35:04 +00:00
let path = path.trim_start_matches('/');
2020-04-28 10:18:14 +00:00
2021-11-11 10:26:02 +00:00
if host.and(root).is_some() {
if let Some(bucket) = host_to_bucket(host.unwrap(), root.unwrap()) {
if !path.is_empty() {
return Ok((bucket, Some(path)));
} else {
return Ok((bucket, None));
}
}
}
let (bucket, key) = match path.find('/') {
Some(i) => {
let key = &path[i + 1..];
2021-04-23 20:18:00 +00:00
if !key.is_empty() {
(&path[..i], Some(key))
} else {
(&path[..i], None)
}
}
None => (path, None),
};
2021-04-23 20:18:00 +00:00
if bucket.is_empty() {
return Err(Error::BadRequest("No bucket specified".to_string()));
2020-04-28 10:18:14 +00:00
}
Ok((bucket, key))
2020-04-28 10:18:14 +00:00
}
2020-11-07 12:53:32 +00:00
#[cfg(test)]
mod tests {
use super::*;
#[test]
2020-11-07 14:34:53 +00:00
fn parse_bucket_containing_a_key() -> Result<(), Error> {
2021-11-11 10:26:02 +00:00
let (bucket, key) = parse_bucket_key("/my_bucket/a/super/file.jpg", None, None)?;
2020-11-07 12:53:32 +00:00
assert_eq!(bucket, "my_bucket");
2020-11-07 12:59:30 +00:00
assert_eq!(key.expect("key must be set"), "a/super/file.jpg");
2020-11-07 12:53:32 +00:00
Ok(())
}
2020-11-07 14:34:53 +00:00
#[test]
fn parse_bucket_containing_no_key() -> Result<(), Error> {
2021-11-11 10:26:02 +00:00
let (bucket, key) = parse_bucket_key("/my_bucket/", None, None)?;
2020-11-07 14:34:53 +00:00
assert_eq!(bucket, "my_bucket");
assert!(key.is_none());
2021-11-11 10:26:02 +00:00
let (bucket, key) = parse_bucket_key("/my_bucket", None, None)?;
2020-11-07 14:34:53 +00:00
assert_eq!(bucket, "my_bucket");
assert!(key.is_none());
Ok(())
2020-11-07 12:53:32 +00:00
}
#[test]
fn parse_bucket_containing_no_bucket() {
2021-11-11 10:26:02 +00:00
let parsed = parse_bucket_key("", None, None);
assert!(parsed.is_err());
2021-11-11 10:26:02 +00:00
let parsed = parse_bucket_key("/", None, None);
assert!(parsed.is_err());
2021-11-11 10:26:02 +00:00
let parsed = parse_bucket_key("////", None, None);
assert!(parsed.is_err());
}
2021-11-11 10:26:02 +00:00
#[test]
fn parse_bucket_with_vhost_and_key() -> Result<(), Error> {
let (bucket, key) = parse_bucket_key(
"/a/super/file.jpg",
Some("my-bucket.garage.tld"),
Some("garage.tld"),
)?;
assert_eq!(bucket, "my-bucket");
assert_eq!(key.expect("key must be set"), "a/super/file.jpg");
let (bucket, key) = parse_bucket_key(
"/my_bucket/a/super/file.jpg",
Some("not-garage.tld"),
Some("garage.tld"),
)?;
assert_eq!(bucket, "my_bucket");
assert_eq!(key.expect("key must be set"), "a/super/file.jpg");
Ok(())
}
#[test]
fn parse_bucket_with_vhost_no_key() -> Result<(), Error> {
let (bucket, key) = parse_bucket_key("", Some("my-bucket.garage.tld"), Some("garage.tld"))?;
assert_eq!(bucket, "my-bucket");
assert!(key.is_none());
let (bucket, key) =
parse_bucket_key("/", Some("my-bucket.garage.tld"), Some("garage.tld"))?;
assert_eq!(bucket, "my-bucket");
assert!(key.is_none());
Ok(())
}
#[test]
fn parse_bucket_missmatch_vhost() {
let test_vec = [
"/my_bucket/a/super/file.jpg",
"/my_bucket/",
"/my_bucket",
"",
"/",
"////",
];
let eq = |l, r| match (l, r) {
(Ok(l), Ok(r)) => l == r,
(Err(_), Err(_)) => true,
_ => false,
};
for test in test_vec {
assert!(eq(
parse_bucket_key(test, None, None),
parse_bucket_key(test, Some("bucket.garage.tld"), None)
));
assert!(eq(
parse_bucket_key(test, None, None),
parse_bucket_key(test, None, Some("garage.tld"))
));
assert!(eq(
parse_bucket_key(test, None, None),
parse_bucket_key(test, Some("not-garage.tld"), Some("garage.tld"))
));
}
}
2020-11-07 12:53:32 +00:00
}