mirror of
https://github.com/versity/versitygw.git
synced 2026-05-23 04:11:28 +00:00
9f786b3c2c
Fixes #2123 Fixes #2120 Fixes #2116 Fixes #2111 Fixes #2108 Fixes #2086 Fixes #2085 Fixes #2083 Fixes #2081 Fixes #2080 Fixes #2073 Fixes #2072 Fixes #2071 Fixes #2069 Fixes #2044 Fixes #2043 Fixes #2042 Fixes #2041 Fixes #2040 Fixes #2039 Fixes #2036 Fixes #2035 Fixes #2034 Fixes #2028 Fixes #2020 Fixes #1842 Fixes #1810 Fixes #1780 Fixes #1775 Fixes #1736 Fixes #1705 Fixes #1663 Fixes #1645 Fixes #1583 Fixes #1526 Fixes #1514 Fixes #1493 Fixes #1487 Fixes #959 Fixes #779 Closes #823 Closes #85 Refactor global S3 error handling around structured error types and centralized XML response generation. All S3 errors now share the common APIError base for the fields every error has: Code, HTTP status code, and Message. Non-traditional errors that need AWS-compatible XML fields now have dedicated typed errors in the s3err package. Each typed error implements the shared S3Error behavior so controllers and middleware can handle errors consistently while still emitting error-specific XML fields. Add a dedicated InvalidArgumentError type because InvalidArgument is used widely across request validation, auth, copy source handling, object lock validation, multipart validation, and header parsing. The new InvalidArgument path uses explicit InvalidArgErrorCode constants with predefined descriptions and ArgumentName values, keeping call sites readable while preserving the correct InvalidArgument XML shape and optional ArgumentValue. New structured errors added in s3err: - `AccessForbiddenError`: Method, ResourceType - `BadDigestError`: CalculatedDigest, ExpectedDigest - `BucketError`: BucketName - `ContentSHA256MismatchError`: ClientComputedContentSHA256, S3ComputedContentSHA256 - `EntityTooLargeError`: ProposedSize, MaxSizeAllowed - `EntityTooSmallError`: ProposedSize, MinSizeAllowed - `ExpiredPresignedURLError`: ServerTime, XAmzExpires, Expires - `InvalidAccessKeyIdError`: AWSAccessKeyId - `InvalidArgumentError`: Description, ArgumentName, ArgumentValue - `InvalidChunkSizeError`: Chunk, BadChunkSize - `InvalidDigestError`: ContentMD5 - `InvalidLocationConstraintError`: LocationConstraint - `InvalidPartError`: UploadId, PartNumber, ETag - `InvalidRangeError`: RangeRequested, ActualObjectSize - `InvalidTagError`: TagKey, TagValue - `KeyTooLongError`: Size, MaxSizeAllowed - `MetadataTooLargeError`: Size, MaxSizeAllowed - `MethodNotAllowedError`: Method, ResourceType, AllowedMethods - `NoSuchUploadError`: UploadId - `NoSuchVersionError`: Key, VersionId - `NotImplementedError`: Header, AdditionalMessage - `PreconditionFailedError`: Condition - `RequestTimeTooSkewedError`: RequestTime, ServerTime, MaxAllowedSkewMilliseconds - `SignatureDoesNotMatchError`: AWSAccessKeyId, StringToSign, SignatureProvided, StringToSignBytes, CanonicalRequest, CanonicalRequestBytes Fix CompleteMultipartUpload validation in the Azure backend so missing or empty `ETag` values return the appropriate S3 error instead of allowing a gateway panic. Fix presigned authentication expiration validation to compare server time in `UTC`, matching the `UTC` timestamp used by presigned URL signing. Add request ID and host ID support across S3 requests. Each request now receives AWS S3-like identifiers, returned in response headers as `x-amz-request-id` and `x-amz-id-2` and included in all XML error responses as RequestId and HostId. The generated ID structure is designed to resemble AWS S3 request IDs and host IDs. The request signature calculation/validation for streaming uploads was previously delayed until the request body was fully read, both for Authorization header authentication and presigned URLs. Now, the signature is validated immediately in the authorization middlewares without reading the request body, since the signature calculation itself does not depend on the request body. Instead, only the `x-amz-content-sha256` SHA-256 hash calculation is delayed.
429 lines
12 KiB
Go
429 lines
12 KiB
Go
// Copyright 2023 Versity Software
|
|
// This file is licensed under the Apache License, Version 2.0
|
|
// (the "License"); you may not use this file except in compliance
|
|
// with the License. You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing,
|
|
// software distributed under the License is distributed on an
|
|
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
// KIND, either express or implied. See the License for the
|
|
// specific language governing permissions and limitations
|
|
// under the License.
|
|
|
|
package controllers
|
|
|
|
import (
|
|
"encoding/xml"
|
|
"fmt"
|
|
"net/http"
|
|
"sort"
|
|
"strings"
|
|
|
|
"github.com/gofiber/fiber/v2"
|
|
"github.com/versity/versitygw/auth"
|
|
"github.com/versity/versitygw/backend"
|
|
"github.com/versity/versitygw/debuglogger"
|
|
"github.com/versity/versitygw/metrics"
|
|
"github.com/versity/versitygw/s3api/utils"
|
|
"github.com/versity/versitygw/s3err"
|
|
"github.com/versity/versitygw/s3event"
|
|
"github.com/versity/versitygw/s3log"
|
|
)
|
|
|
|
type S3ApiController struct {
|
|
be backend.Backend
|
|
iam auth.IAMService
|
|
logger s3log.AuditLogger
|
|
evSender s3event.S3EventSender
|
|
mm metrics.Manager
|
|
mpMaxParts int
|
|
readonly bool
|
|
disableACL bool
|
|
virtualDomain string
|
|
}
|
|
|
|
const (
|
|
// time constants
|
|
iso8601TimeFormatExtended = "Mon Jan _2 15:04:05 2006"
|
|
timefmt = "Mon, 02 Jan 2006 15:04:05 GMT"
|
|
|
|
maxXMLBodyLen = 4 * 1024 * 1024
|
|
minPartNumber = 1
|
|
maxPartNumber = 10000
|
|
|
|
defaultRegion = "us-east-1"
|
|
defaultContentType = "binary/octet-stream"
|
|
)
|
|
|
|
var (
|
|
xmlhdr = []byte(`<?xml version="1.0" encoding="UTF-8"?>` + "\n")
|
|
)
|
|
|
|
func New(be backend.Backend, iam auth.IAMService, logger s3log.AuditLogger, evs s3event.S3EventSender, mm metrics.Manager, readonly, disableACL bool, virtualDomain string, mpMaxParts int) S3ApiController {
|
|
return S3ApiController{
|
|
be: be,
|
|
iam: iam,
|
|
logger: logger,
|
|
evSender: evs,
|
|
readonly: readonly,
|
|
mm: mm,
|
|
disableACL: disableACL,
|
|
virtualDomain: virtualDomain,
|
|
mpMaxParts: mpMaxParts,
|
|
}
|
|
}
|
|
|
|
func (c S3ApiController) getAclHeaderValue(ctx *fiber.Ctx, key string, defaultValues ...string) string {
|
|
if c.disableACL {
|
|
return ""
|
|
}
|
|
|
|
return ctx.Get(key, defaultValues...)
|
|
}
|
|
|
|
// Returns MethodNotAllowed for unmatched routes
|
|
func (c S3ApiController) HandleErrorRoute(err error) Controller {
|
|
return func(ctx *fiber.Ctx) (*Response, error) {
|
|
return &Response{}, err
|
|
}
|
|
}
|
|
|
|
// MetaOptions holds the metadata for metrics, audit logs and s3 events
|
|
type MetaOptions struct {
|
|
ContentLength int64
|
|
BucketOwner string
|
|
ObjectSize int64
|
|
ObjectCount int64
|
|
EventName s3event.EventType
|
|
ObjectETag *string
|
|
VersionId *string
|
|
Status int
|
|
}
|
|
|
|
// Response is the type definition for a controller response
|
|
// Data - Response body
|
|
// Headers - Resposne headers
|
|
// MetaOpts - Meta options for metrics, audit logs and s3 events
|
|
type Response struct {
|
|
Data any
|
|
Headers map[string]*string
|
|
MetaOpts *MetaOptions
|
|
}
|
|
|
|
// Services groups the metrics manager, s3 event sender and audit logger
|
|
type Services struct {
|
|
Logger s3log.AuditLogger
|
|
EventSender s3event.S3EventSender
|
|
MetricsManager metrics.Manager
|
|
}
|
|
|
|
// Controller is the type definition for an s3api controller
|
|
type Controller func(ctx *fiber.Ctx) (*Response, error)
|
|
|
|
// ProcessHandlers groups a controller and multiple middlewares into a single fiber handler
|
|
func ProcessHandlers(controller Controller, s3action string, svc *Services, handlers ...fiber.Handler) fiber.Handler {
|
|
return func(ctx *fiber.Ctx) error {
|
|
// if skip locals is set, skip to the next rout handler
|
|
if utils.ContextKeySkip.IsSet(ctx) {
|
|
utils.ContextKeySkip.Delete(ctx)
|
|
return ctx.Next()
|
|
}
|
|
|
|
for _, handler := range handlers {
|
|
err := handler(ctx)
|
|
if err != nil {
|
|
return ProcessController(ctx, func(ctx *fiber.Ctx) (*Response, error) {
|
|
return &Response{
|
|
MetaOpts: &MetaOptions{},
|
|
}, err
|
|
}, s3action, svc)
|
|
}
|
|
}
|
|
|
|
return ProcessController(ctx, controller, s3action, svc)
|
|
}
|
|
}
|
|
|
|
// WrapMiddleware executes the given middleware and handles sending the audit logs
|
|
// and metrics. It also handles the error parsing
|
|
func WrapMiddleware(handler fiber.Handler, logger s3log.AuditLogger, mm metrics.Manager) fiber.Handler {
|
|
return func(ctx *fiber.Ctx) error {
|
|
requestID, hostID := utils.EnsureRequestIDs(ctx)
|
|
|
|
err := handler(ctx)
|
|
if err != nil {
|
|
if mm != nil {
|
|
mm.Send(ctx, err, metrics.ActionUndetected, 0, 0)
|
|
}
|
|
if logger != nil {
|
|
logger.Log(ctx, err, ctx.Body(), s3log.LogMeta{
|
|
Action: metrics.ActionUndetected,
|
|
})
|
|
}
|
|
|
|
ctx.Response().Header.SetContentType(fiber.MIMEApplicationXML)
|
|
|
|
if serr, ok := err.(s3err.S3Error); ok {
|
|
if mnaErr, ok := serr.(s3err.MethodNotAllowedError); ok && len(mnaErr.AllowedMethods) != 0 {
|
|
// for MethodNotAllowed errors, set the 'Allow' header
|
|
ctx.Response().Header.Set("Allow", mnaErr.AllowedMethodsString())
|
|
}
|
|
return ctx.Status(serr.StatusCode()).Send(serr.XMLBody(requestID, hostID))
|
|
}
|
|
|
|
debuglogger.InternalError(err)
|
|
ctx.Status(http.StatusInternalServerError)
|
|
|
|
// If the error is not 's3err.S3Error' return 'InternalError'
|
|
return ctx.Send(s3err.GetAPIError(s3err.ErrInternalError).XMLBody(requestID, hostID))
|
|
}
|
|
|
|
return ctx.Next()
|
|
}
|
|
}
|
|
|
|
// ProcessController executes the given s3api controller and handles the metrics
|
|
// access logs and s3 events
|
|
func ProcessController(ctx *fiber.Ctx, controller Controller, s3action string, svc *Services) error {
|
|
response, err := controller(ctx)
|
|
|
|
// Set the response headers
|
|
SetResponseHeaders(ctx, response.Headers)
|
|
requestID, hostID := utils.EnsureRequestIDs(ctx)
|
|
ensureExposeMetaHeaders(ctx)
|
|
|
|
opts := response.MetaOpts
|
|
if opts == nil {
|
|
opts = &MetaOptions{}
|
|
}
|
|
// Send the metrics
|
|
if svc.MetricsManager != nil {
|
|
if opts.ObjectCount > 0 {
|
|
svc.MetricsManager.Send(ctx, err, s3action, opts.ObjectCount, opts.Status)
|
|
} else {
|
|
svc.MetricsManager.Send(ctx, err, s3action, opts.ContentLength, opts.Status)
|
|
}
|
|
}
|
|
// Handle the error case
|
|
if err != nil {
|
|
// Audit the error log
|
|
if svc.Logger != nil {
|
|
svc.Logger.Log(ctx, err, nil, s3log.LogMeta{
|
|
Action: s3action,
|
|
BucketOwner: opts.BucketOwner,
|
|
ObjectSize: opts.ObjectSize,
|
|
})
|
|
}
|
|
|
|
// set content type to application/xml
|
|
ctx.Response().Header.SetContentType(fiber.MIMEApplicationXML)
|
|
|
|
if serr, ok := err.(s3err.S3Error); ok {
|
|
if mnaErr, ok := serr.(s3err.MethodNotAllowedError); ok && len(mnaErr.AllowedMethods) != 0 {
|
|
ctx.Response().Header.Set("Allow", mnaErr.AllowedMethodsString())
|
|
}
|
|
return ctx.Status(serr.StatusCode()).Send(serr.XMLBody(requestID, hostID))
|
|
}
|
|
|
|
debuglogger.InternalError(err)
|
|
|
|
// If the error is not 's3err.S3Error' return 'InternalError'
|
|
return ctx.Status(http.StatusInternalServerError).Send(s3err.GetAPIError(s3err.ErrInternalError).XMLBody(requestID, hostID))
|
|
}
|
|
|
|
// At this point, the S3 action has succeeded in the backend and
|
|
// the event has already occurred. This means the S3 event must be sent,
|
|
// even if unexpected issues arise while further parsing the response payload.
|
|
if svc.EventSender != nil && opts.EventName != "" {
|
|
svc.EventSender.SendEvent(ctx, s3event.EventMeta{
|
|
BucketOwner: opts.BucketOwner,
|
|
ObjectSize: opts.ObjectSize,
|
|
ObjectETag: opts.ObjectETag,
|
|
VersionId: opts.VersionId,
|
|
EventName: opts.EventName,
|
|
})
|
|
}
|
|
|
|
if opts.Status == 0 {
|
|
opts.Status = http.StatusOK
|
|
}
|
|
|
|
// if no data payload is provided, send the response status
|
|
if response.Data == nil {
|
|
if svc.Logger != nil {
|
|
svc.Logger.Log(ctx, nil, []byte{}, s3log.LogMeta{
|
|
Action: s3action,
|
|
BucketOwner: opts.BucketOwner,
|
|
ObjectSize: opts.ObjectSize,
|
|
})
|
|
}
|
|
ctx.Status(opts.Status)
|
|
return nil
|
|
}
|
|
|
|
var responseBytes []byte
|
|
|
|
// Handle already encoded responses(text, json...)
|
|
encodedResp, ok := response.Data.([]byte)
|
|
if ok {
|
|
responseBytes = encodedResp
|
|
} else {
|
|
if responseBytes, err = xml.Marshal(response.Data); err != nil {
|
|
debuglogger.InternalError(err)
|
|
if svc.Logger != nil {
|
|
svc.Logger.Log(ctx, err, nil, s3log.LogMeta{
|
|
Action: s3action,
|
|
BucketOwner: opts.BucketOwner,
|
|
ObjectSize: opts.ObjectSize,
|
|
})
|
|
}
|
|
|
|
err := s3err.GetAPIError(s3err.ErrInternalError)
|
|
return ctx.Status(err.HTTPStatusCode).Send(err.XMLBody(requestID, hostID))
|
|
}
|
|
|
|
if len(responseBytes) > 0 {
|
|
ctx.Response().Header.SetContentType(fiber.MIMEApplicationXML)
|
|
}
|
|
}
|
|
|
|
if ok {
|
|
if len(responseBytes) > 0 {
|
|
ctx.Response().Header.Set("Content-Length", fmt.Sprint(len(responseBytes)))
|
|
}
|
|
|
|
if svc.Logger != nil {
|
|
svc.Logger.Log(ctx, nil, responseBytes, s3log.LogMeta{
|
|
Action: s3action,
|
|
BucketOwner: opts.BucketOwner,
|
|
ObjectSize: opts.ObjectSize,
|
|
})
|
|
}
|
|
|
|
return ctx.Status(opts.Status).Send(responseBytes)
|
|
}
|
|
|
|
msglen := len(xmlhdr) + len(responseBytes)
|
|
if msglen > maxXMLBodyLen {
|
|
debuglogger.Logf("XML encoded body len %v exceeds max len %v",
|
|
msglen, maxXMLBodyLen)
|
|
if svc.Logger != nil {
|
|
svc.Logger.Log(ctx, err, []byte{}, s3log.LogMeta{
|
|
Action: s3action,
|
|
BucketOwner: opts.BucketOwner,
|
|
ObjectSize: opts.ObjectSize,
|
|
})
|
|
}
|
|
|
|
// set content type to application/xml
|
|
ctx.Response().Header.SetContentType(fiber.MIMEApplicationXML)
|
|
|
|
err := s3err.GetAPIError(s3err.ErrInternalError)
|
|
return ctx.Status(err.HTTPStatusCode).Send(err.XMLBody(requestID, hostID))
|
|
}
|
|
res := make([]byte, 0, msglen)
|
|
res = append(res, xmlhdr...)
|
|
res = append(res, responseBytes...)
|
|
|
|
// Set the Content-Length header
|
|
ctx.Response().Header.SetContentLength(msglen)
|
|
|
|
if svc.Logger != nil {
|
|
svc.Logger.Log(ctx, nil, responseBytes, s3log.LogMeta{
|
|
Action: s3action,
|
|
BucketOwner: opts.BucketOwner,
|
|
ObjectSize: opts.ObjectSize,
|
|
})
|
|
}
|
|
|
|
return ctx.Status(opts.Status).Send(res)
|
|
}
|
|
|
|
func ensureExposeMetaHeaders(ctx *fiber.Ctx) {
|
|
// Only attempt to modify expose headers when CORS is actually in use.
|
|
if len(ctx.Response().Header.Peek("Access-Control-Allow-Origin")) == 0 {
|
|
return
|
|
}
|
|
|
|
existing := strings.TrimSpace(string(ctx.Response().Header.Peek("Access-Control-Expose-Headers")))
|
|
if existing == "*" {
|
|
return
|
|
}
|
|
|
|
lowerExisting := map[string]struct{}{}
|
|
if existing != "" {
|
|
for part := range strings.SplitSeq(existing, ",") {
|
|
p := strings.ToLower(strings.TrimSpace(part))
|
|
if p != "" {
|
|
lowerExisting[p] = struct{}{}
|
|
}
|
|
}
|
|
}
|
|
|
|
metaNames := map[string]struct{}{}
|
|
for k := range ctx.Response().Header.All() {
|
|
key := string(k)
|
|
if strings.HasPrefix(strings.ToLower(key), "x-amz-meta-") {
|
|
metaNames[key] = struct{}{}
|
|
}
|
|
}
|
|
if len(metaNames) == 0 {
|
|
// Still ensure ETag is present if any expose headers exist/are needed.
|
|
if _, ok := lowerExisting["etag"]; ok {
|
|
return
|
|
}
|
|
if existing == "" {
|
|
ctx.Response().Header.Set("Access-Control-Expose-Headers", "ETag")
|
|
return
|
|
}
|
|
ctx.Response().Header.Set("Access-Control-Expose-Headers", existing+", ETag")
|
|
return
|
|
}
|
|
|
|
metaList := make([]string, 0, len(metaNames))
|
|
for k := range metaNames {
|
|
metaList = append(metaList, k)
|
|
}
|
|
sort.Strings(metaList)
|
|
|
|
toAdd := make([]string, 0, 1+len(metaList))
|
|
if _, ok := lowerExisting["etag"]; !ok {
|
|
toAdd = append(toAdd, "ETag")
|
|
lowerExisting["etag"] = struct{}{}
|
|
}
|
|
for _, h := range metaList {
|
|
lh := strings.ToLower(h)
|
|
if _, ok := lowerExisting[lh]; ok {
|
|
continue
|
|
}
|
|
toAdd = append(toAdd, h)
|
|
lowerExisting[lh] = struct{}{}
|
|
}
|
|
if len(toAdd) == 0 {
|
|
return
|
|
}
|
|
|
|
if existing == "" {
|
|
ctx.Response().Header.Set("Access-Control-Expose-Headers", strings.Join(toAdd, ", "))
|
|
return
|
|
}
|
|
ctx.Response().Header.Set("Access-Control-Expose-Headers", existing+", "+strings.Join(toAdd, ", "))
|
|
}
|
|
|
|
// Sets the response headers
|
|
func SetResponseHeaders(ctx *fiber.Ctx, headers map[string]*string) {
|
|
if headers == nil {
|
|
return
|
|
}
|
|
|
|
ctx.Response().Header.DisableNormalizing()
|
|
for key, val := range headers {
|
|
if val == nil || *val == "" {
|
|
continue
|
|
}
|
|
ctx.Response().Header.Add(key, *val)
|
|
}
|
|
}
|