diff options
author | Zuul <zuul@review.opendev.org> | 2023-02-10 01:21:15 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2023-02-10 01:21:15 +0000 |
commit | d9bf70ae2b28222f62470bba5f6877bbbe057532 (patch) | |
tree | f4b59d4d9722db40c4d1ff4b41ab64c887e4cbb0 | |
parent | 37e30d090327f3f7fa2c2a35331431b1ffe0164e (diff) | |
parent | 70864396dcbdf4c391fdb5e8e8b8ccea24c8fa4c (diff) | |
download | swift-d9bf70ae2b28222f62470bba5f6877bbbe057532.tar.gz |
Merge "s3token: Only replace access_key_id in account"
-rw-r--r-- | swift/common/middleware/s3api/s3token.py | 4 | ||||
-rw-r--r-- | test/unit/common/middleware/s3api/test_s3token.py | 12 |
2 files changed, 14 insertions, 2 deletions
diff --git a/swift/common/middleware/s3api/s3token.py b/swift/common/middleware/s3api/s3token.py index c376dac5f..3693b2f28 100644 --- a/swift/common/middleware/s3api/s3token.py +++ b/swift/common/middleware/s3api/s3token.py @@ -403,8 +403,8 @@ class S3Token(object): tenant_to_connect = tenant_to_connect.encode('utf-8') self._logger.debug('Connecting with tenant: %s', tenant_to_connect) new_tenant_name = '%s%s' % (self._reseller_prefix, tenant_to_connect) - environ['PATH_INFO'] = environ['PATH_INFO'].replace(account, - new_tenant_name) + environ['PATH_INFO'] = environ['PATH_INFO'].replace( + account, new_tenant_name, 1) return self._app(environ, start_response) diff --git a/test/unit/common/middleware/s3api/test_s3token.py b/test/unit/common/middleware/s3api/test_s3token.py index 1c974fd12..bef6cf9e7 100644 --- a/test/unit/common/middleware/s3api/test_s3token.py +++ b/test/unit/common/middleware/s3api/test_s3token.py @@ -956,6 +956,18 @@ class S3TokenMiddlewareTestV3(S3TokenMiddlewareTestBase): self._assert_authorized(req, account_path='/v1/') self.assertEqual(req.environ['PATH_INFO'], '/v1/AUTH_PROJECT_ID/c/o') + def test_authorize_with_access_key_in_container(self): + req = Request.blank('/v1/accesskey/accesskey.c/o') + req.environ['s3api.auth_details'] = { + 'access_key': u'access', + 'signature': u'signature', + 'string_to_sign': u'token', + } + req.get_response(self.middleware) + self._assert_authorized(req, account_path='/v1/') + self.assertEqual(req.environ['PATH_INFO'], + '/v1/AUTH_PROJECT_ID/accesskey.c/o') + def test_authorize_with_access_key_and_unquote_chars(self): req = Request.blank('/v1/ab%c=/c/o') req.environ['s3api.auth_details'] = { |