From eda2b502133b23dc8f90eba2654d19e87a63140a Mon Sep 17 00:00:00 2001 From: Tim Hinderliter Date: Tue, 27 Oct 2009 23:47:37 -0700 Subject: fix issues with cookbook uploading by encoding/authenticating more kinds of File form input --- lib/mixlib/authentication/signatureverification.rb | 12 ++++++++---- lib/mixlib/authentication/signedheaderauth.rb | 12 ++++++------ 2 files changed, 14 insertions(+), 10 deletions(-) (limited to 'lib/mixlib/authentication') diff --git a/lib/mixlib/authentication/signatureverification.rb b/lib/mixlib/authentication/signatureverification.rb index ca65c21..c9f4076 100644 --- a/lib/mixlib/authentication/signatureverification.rb +++ b/lib/mixlib/authentication/signatureverification.rb @@ -32,19 +32,23 @@ module Mixlib @signing_description = headers[:x_ops_sign].chomp @user_id = headers[:x_ops_userid].chomp @timestamp = headers[:x_ops_timestamp].chomp - @request_signature = headers[:authorization].chomp.gsub!(/\n\t/,"\n") + @request_signature = headers[:authorization].chomp.gsub(/\n\t/,"\n") @host = headers[:host].chomp @content_hash = headers[:x_ops_content_hash].chomp @user_secret = user_lookup - - file_param = request.params["file"] + # Any file that's included in the request is hashed if it's there. Otherwise, + # we hash the body. Look for files by looking for objects that respond to + # the read call. + file_param = request.params.values.find { |value| value.respond_to?(:read) } @hashed_body = if file_param Mixlib::Authentication::Log.debug "Digesting file_param: '#{file_param.inspect}'" if file_param.respond_to?(:has_key?) tempfile = file_param[:tempfile] digester.hash_file(tempfile) + elsif file_param.respond_to?(:read) + digester.hash_file(file_param) else digester.hash_body(file_param) end @@ -54,7 +58,7 @@ module Mixlib digester.hash_body(body) end - Mixlib::Authentication::Log.debug "Authenticating user : #{user_id}, User secret is: #{@user_secret}, Request signature is :\n#{@request_signature}, Hashed Body is #{@hashed_body}" + Mixlib::Authentication::Log.debug "Authenticating user : #{user_id}, User secret is : #{@user_secret}, Request signature is :\n#{@request_signature}, Auth HTTP header is :\n#{headers[:authorization]}, Hashed Body is : #{@hashed_body}" #BUGBUG Not doing anything with the signing description yet [cb] parse_signing_description diff --git a/lib/mixlib/authentication/signedheaderauth.rb b/lib/mixlib/authentication/signedheaderauth.rb index 00f6da9..84607f9 100644 --- a/lib/mixlib/authentication/signedheaderauth.rb +++ b/lib/mixlib/authentication/signedheaderauth.rb @@ -21,11 +21,11 @@ module Mixlib end end - # Build the canonicalized request based on the method, other headers, etc. + # Build the canonicalized request based on the method, other headers, etc. # compute the signature from the request, using the looked-up user secret # ====Parameters - # private_key:: user's RSA private key. - def sign(private_key) + # private_key:: user's RSA private key. + def sign(private_key) digester = Mixlib::Authentication::Digester.new @hashed_body = if self.file digester.hash_file(self.file) @@ -33,8 +33,8 @@ module Mixlib digester.hash_body(self.body) end - signature = Base64.encode64(private_key.private_encrypt(canonicalize_request)).chomp.gsub!(/\n/,"\n\t") - header_hash = { + signature = Base64.encode64(private_key.private_encrypt(canonicalize_request)).chomp.gsub!(/\n/,"\n\t") + header_hash = { "X-Ops-Sign" => SIGNING_DESCRIPTION, "X-Ops-Userid" => user_id, "X-Ops-Timestamp" => canonical_time, @@ -44,7 +44,7 @@ module Mixlib Mixlib::Authentication::Log.debug "Header hash: #{header_hash.inspect}" header_hash - end + end # Build the canonicalized time based on utc & iso8601 # -- cgit v1.2.1