openstack/swift
Code Issues Proposed changes
d754b59cf8
swift/test/unit/common/middleware/test_tempurl.py

761 lines
32 KiB
Python
Raw Normal View History

Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
# Copyright (c) 2011 OpenStack, LLC.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import hmac
import unittest
from hashlib import sha1
from contextlib import contextmanager
from time import time
Enhance log msg to report referer and user-agent Enhance internally logged messages to report referer and user-agent. Pass the referering URL and METHOD between internal servers (when known), and set the user-agent to be the server type (obj-server, container-server, proxy-server, obj-updater, obj-replicator, container-updater, direct-client, etc.) with the process PID. In conjunction with the transaction ID, it helps to track down which PID from a given system was responsible for initiating the request and what that server was working on to make this request. This has been helpful in tracking down interactions between object, container and account servers. We also take things a bit further performaing a bit of refactoring to consolidate calls to transfer_headers() now that we have a helper method for constructing them. Finally we performed further changes to avoid header key duplication due to string literal header key values and the various objects representing headers for requests and responses. See below for more details. ==== Header Keys There seems to be a bit of a problem with the case of the various string literals used for header keys and the interchangable way standard Python dictionaries, HeaderKeyDict() and HeaderEnvironProxy() objects are used. If one is not careful, a header object of some sort (one that does not normalize its keys, and that is not necessarily a dictionary) can be constructed containing header keys which differ only by the case of their string literals. E.g.: { 'x-trans-id': '1234', 'X-Trans-Id': '5678' } Such an object, when passed to http_connect() will result in an on-the-wire header where the key values are merged together, comma separated, that looks something like: HTTP_X_TRANS_ID: 1234,5678 For some headers in some contexts, this is behavior is desirable. For example, one can also use a list of tuples which enumerate the multiple values a single header should have. However, in almost all of the contexts used in the code base, this is not desirable. This behavior arises from a combination of factors: 1. Header strings are not constants and different lower-case and title-case header strings values are used interchangably in the code at times It might be worth the effort to make a pass through the code to stop using string literals and use constants instead, but there are plusses and minuses to doing that, so this was not attempted in this effort 2. HeaderEnvironProxy() objects report their keys in ".title()" case, but normalize all other key references to the form expected by the Request class's environ field swob.Request.headers fields are HeaderEnvironProxy() objects. 3. HeaderKeyDict() objects report their keys in ".lower()" case, and normalize all other key references to ".lower()" case swob.Response.headers fields are HeaderKeyDict() objects. Depending on which object is used and how it is used, one can end up with such a mismatch. This commit takes the following steps as a (PROPOSED) solution: 1. Change HeaderKeyDict() to normalize using ".title()" case to match HeaderEnvironProxy() 2. Replace standard python dictionary objects with HeaderKeyDict() objects where possible This gives us an object that normalizes key references to avoid fixing the code to normalize the string literals. 3. Fix up a few places to use title case string literals to match the new defaults Change-Id: Ied56a1df83ffac793ee85e796424d7d20f18f469 Signed-off-by: Peter Portante <peter.portante@redhat.com>
2012-11-15 16:34:45 -05:00
from swift.common.swob import Request, Response, HeaderKeyDict
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
from swift.common.middleware import tempauth, tempurl
class FakeMemcache(object):
def __init__(self):
self.store = {}
def get(self, key):
return self.store.get(key)
Swift MemcacheRing (set) interface is incompatible fixes This patch fixes the Swift MemcacheRing set and set_multi interface incompatible problem with python memcache. The fix added two extra named parameters to both set and set_multi method. When only time or timeout parameter is present, then one of the value will be used. When both time and timeout are present, the time parameter will be used. Named parameter min_compress_len is added for pure compatibility purposes. The current implementation ignores this parameter. To make swift memcached methods all consistent cross the board, method incr and decr have also been changed to include a new named parameter time. In future OpenStack releases, the named parameter timeout will be removed, keep the named parameter timeout around for now is to make sure that mismatched releases between client and server will still work. From now on, when a call is made to set, set_multi, decr, incr by using timeout parametner, a warning message will be logged to indicate the deprecation of the parameter. Fixes: bug #1095730 Change-Id: I07af784a54d7d79395fc3265e74145f92f38a893
2013-02-13 13:54:51 -05:00
def set(self, key, value, time=0):
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
self.store[key] = value
return True
Swift MemcacheRing (set) interface is incompatible fixes This patch fixes the Swift MemcacheRing set and set_multi interface incompatible problem with python memcache. The fix added two extra named parameters to both set and set_multi method. When only time or timeout parameter is present, then one of the value will be used. When both time and timeout are present, the time parameter will be used. Named parameter min_compress_len is added for pure compatibility purposes. The current implementation ignores this parameter. To make swift memcached methods all consistent cross the board, method incr and decr have also been changed to include a new named parameter time. In future OpenStack releases, the named parameter timeout will be removed, keep the named parameter timeout around for now is to make sure that mismatched releases between client and server will still work. From now on, when a call is made to set, set_multi, decr, incr by using timeout parametner, a warning message will be logged to indicate the deprecation of the parameter. Fixes: bug #1095730 Change-Id: I07af784a54d7d79395fc3265e74145f92f38a893
2013-02-13 13:54:51 -05:00
def incr(self, key, time=0):
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
self.store[key] = self.store.setdefault(key, 0) + 1
return self.store[key]
@contextmanager
def soft_lock(self, key, timeout=0, retries=5):
yield True
def delete(self, key):
try:
del self.store[key]
except Exception:
pass
return True
class FakeApp(object):
def __init__(self, status_headers_body_iter=None):
self.calls = 0
self.status_headers_body_iter = status_headers_body_iter
if not self.status_headers_body_iter:
self.status_headers_body_iter = iter([('404 Not Found', {
'x-test-header-one-a': 'value1',
'x-test-header-two-a': 'value2',
'x-test-header-two-b': 'value3'}, '')])
self.request = None
def __call__(self, env, start_response):
self.calls += 1
self.request = Request.blank('', environ=env)
if 'swift.authorize' in env:
resp = env['swift.authorize'](self.request)
if resp:
return resp(env, start_response)
status, headers, body = self.status_headers_body_iter.next()
return Response(status=status, headers=headers,
body=body)(env, start_response)
class TestTempURL(unittest.TestCase):
def setUp(self):
self.app = FakeApp()
self.auth = tempauth.filter_factory({})(self.app)
have tempurl allow OPTIONS requests Change-Id: I431cac1e9818a335ff8d20288ab6acf39d6b6d5e
2013-05-07 13:44:14 -07:00
self.auth.reseller_prefix = 'a'
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
self.tempurl = tempurl.filter_factory({})(self.auth)
def _make_request(self, path, **kwargs):
req = Request.blank(path, **kwargs)
req.environ['swift.cache'] = FakeMemcache()
return req
def test_passthrough(self):
resp = self._make_request('/v1/a/c/o').get_response(self.tempurl)
self.assertEquals(resp.status_int, 401)
self.assertTrue('Temp URL invalid' not in resp.body)
have tempurl allow OPTIONS requests Change-Id: I431cac1e9818a335ff8d20288ab6acf39d6b6d5e
2013-05-07 13:44:14 -07:00
def test_allow_options(self):
self.app.status_headers_body_iter = iter([('200 Ok', {}, '')])
resp = self._make_request(
'/v1/a/c/o?temp_url_sig=abcde&temp_url_expires=12345',
environ={'REQUEST_METHOD': 'OPTIONS'}).get_response(self.tempurl)
self.assertEquals(resp.status_int, 200)
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
def test_get_valid(self):
method = 'GET'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path,
environ={'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
req.environ['swift.cache'].set('temp-url-keys/a', [key])
TempURL filename options; bug fixes - Prior to this commit, a Content-Disposition header was always set on responses to GET requests, with the filename based on the object name. Now, the header will only be set for 2xx responses and the filename can be overridden with a filename query parameter on the request. - Fixed a bug where all query parameters on the request were being passed down the WSGI pipeline. Now, just the query parameters useful in log-based debugging are included. This becomes important with things like the Bulk middleware that act upon query parameters. - Fixed bug where the Content-Disposition header wasn't following RFC spec. DocImpact Change-Id: I66ad809321dcdd03444324973c8b76869e3b0c8e
2013-02-25 02:25:58 +00:00
self.tempurl.app = FakeApp(iter([('200 Ok', (), '123')]))
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
resp = req.get_response(self.tempurl)
TempURL filename options; bug fixes - Prior to this commit, a Content-Disposition header was always set on responses to GET requests, with the filename based on the object name. Now, the header will only be set for 2xx responses and the filename can be overridden with a filename query parameter on the request. - Fixed a bug where all query parameters on the request were being passed down the WSGI pipeline. Now, just the query parameters useful in log-based debugging are included. This becomes important with things like the Bulk middleware that act upon query parameters. - Fixed bug where the Content-Disposition header wasn't following RFC spec. DocImpact Change-Id: I66ad809321dcdd03444324973c8b76869e3b0c8e
2013-02-25 02:25:58 +00:00
self.assertEquals(resp.status_int, 200)
self.assertEquals(resp.headers['content-disposition'],
'attachment; filename="o"')
self.assertEquals(req.environ['swift.authorize_override'], True)
self.assertEquals(req.environ['REMOTE_USER'], '.wsgi.tempurl')
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
def test_get_valid_key2(self):
method = 'GET'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key1 = 'abc123'
key2 = 'def456'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig1 = hmac.new(key1, hmac_body, sha1).hexdigest()
sig2 = hmac.new(key2, hmac_body, sha1).hexdigest()
for sig in (sig1, sig2):
req = self._make_request(path,
environ={'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
req.environ['swift.cache'].set('temp-url-keys/a', [key1, key2])
self.tempurl.app = FakeApp(iter([('200 Ok', (), '123')]))
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 200)
self.assertEquals(resp.headers['content-disposition'],
'attachment; filename="o"')
self.assertEquals(req.environ['swift.authorize_override'], True)
self.assertEquals(req.environ['REMOTE_USER'], '.wsgi.tempurl')
TempURL filename options; bug fixes - Prior to this commit, a Content-Disposition header was always set on responses to GET requests, with the filename based on the object name. Now, the header will only be set for 2xx responses and the filename can be overridden with a filename query parameter on the request. - Fixed a bug where all query parameters on the request were being passed down the WSGI pipeline. Now, just the query parameters useful in log-based debugging are included. This becomes important with things like the Bulk middleware that act upon query parameters. - Fixed bug where the Content-Disposition header wasn't following RFC spec. DocImpact Change-Id: I66ad809321dcdd03444324973c8b76869e3b0c8e
2013-02-25 02:25:58 +00:00
def test_get_valid_with_filename(self):
method = 'GET'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path, environ={
'QUERY_STRING': 'temp_url_sig=%s&temp_url_expires=%s&'
'filename=bob%%20%%22killer%%22.txt' % (sig, expires)})
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
req.environ['swift.cache'].set('temp-url-keys/a', [key])
TempURL filename options; bug fixes - Prior to this commit, a Content-Disposition header was always set on responses to GET requests, with the filename based on the object name. Now, the header will only be set for 2xx responses and the filename can be overridden with a filename query parameter on the request. - Fixed a bug where all query parameters on the request were being passed down the WSGI pipeline. Now, just the query parameters useful in log-based debugging are included. This becomes important with things like the Bulk middleware that act upon query parameters. - Fixed bug where the Content-Disposition header wasn't following RFC spec. DocImpact Change-Id: I66ad809321dcdd03444324973c8b76869e3b0c8e
2013-02-25 02:25:58 +00:00
self.tempurl.app = FakeApp(iter([('200 Ok', (), '123')]))
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 200)
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
self.assertEquals(resp.headers['content-disposition'],
TempURL filename options; bug fixes - Prior to this commit, a Content-Disposition header was always set on responses to GET requests, with the filename based on the object name. Now, the header will only be set for 2xx responses and the filename can be overridden with a filename query parameter on the request. - Fixed a bug where all query parameters on the request were being passed down the WSGI pipeline. Now, just the query parameters useful in log-based debugging are included. This becomes important with things like the Bulk middleware that act upon query parameters. - Fixed bug where the Content-Disposition header wasn't following RFC spec. DocImpact Change-Id: I66ad809321dcdd03444324973c8b76869e3b0c8e
2013-02-25 02:25:58 +00:00
'attachment; filename="bob \\\"killer\\\".txt"')
self.assertEquals(req.environ['swift.authorize_override'], True)
self.assertEquals(req.environ['REMOTE_USER'], '.wsgi.tempurl')
def test_get_valid_but_404(self):
method = 'GET'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path,
environ={'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
req.environ['swift.cache'].set('temp-url-keys/a', [key])
TempURL filename options; bug fixes - Prior to this commit, a Content-Disposition header was always set on responses to GET requests, with the filename based on the object name. Now, the header will only be set for 2xx responses and the filename can be overridden with a filename query parameter on the request. - Fixed a bug where all query parameters on the request were being passed down the WSGI pipeline. Now, just the query parameters useful in log-based debugging are included. This becomes important with things like the Bulk middleware that act upon query parameters. - Fixed bug where the Content-Disposition header wasn't following RFC spec. DocImpact Change-Id: I66ad809321dcdd03444324973c8b76869e3b0c8e
2013-02-25 02:25:58 +00:00
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 404)
self.assertFalse('content-disposition' in resp.headers)
Adapt Swift for WebOb 1.2 Based on PatchSet 3 of https://review.openstack.org/#/c/7569/ , make them to pass all funcional tests with both webob 1.x and 1.2. The additional following compatibility issues were addressed: - Until patch for range header issue is merged into official webob release, testRangedGetsWithLWSinHeader() should skip test against webob 1.2 (https://github.com/Pylons/webob/commit/49c175aec2b5c134511dfea6564bfb1d37ab23a9) - common.constraints.check_utf8() can accept both utf8 str and unicode. - To convert unicode to utf-8 str if necessary. - Making proxy_logging can handle invalid utf-8 str bug 888371 bug 959881 blueprint webob-support Change-Id: I00e5fd04cd1653259606a4ffdd4926db3c84c496
2012-06-06 03:39:53 +09:00
self.assertEquals(req.environ['swift.authorize_override'], True)
self.assertEquals(req.environ['REMOTE_USER'], '.wsgi.tempurl')
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
def test_put_not_allowed_by_get(self):
method = 'GET'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path,
environ={'REQUEST_METHOD': 'PUT',
'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
req.environ['swift.cache'].set('temp-url-keys/a', [key])
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 401)
self.assertTrue('Temp URL invalid' in resp.body)
def test_put_valid(self):
method = 'PUT'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path,
environ={'REQUEST_METHOD': 'PUT',
'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
req.environ['swift.cache'].set('temp-url-keys/a', [key])
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 404)
Adapt Swift for WebOb 1.2 Based on PatchSet 3 of https://review.openstack.org/#/c/7569/ , make them to pass all funcional tests with both webob 1.x and 1.2. The additional following compatibility issues were addressed: - Until patch for range header issue is merged into official webob release, testRangedGetsWithLWSinHeader() should skip test against webob 1.2 (https://github.com/Pylons/webob/commit/49c175aec2b5c134511dfea6564bfb1d37ab23a9) - common.constraints.check_utf8() can accept both utf8 str and unicode. - To convert unicode to utf-8 str if necessary. - Making proxy_logging can handle invalid utf-8 str bug 888371 bug 959881 blueprint webob-support Change-Id: I00e5fd04cd1653259606a4ffdd4926db3c84c496
2012-06-06 03:39:53 +09:00
self.assertEquals(req.environ['swift.authorize_override'], True)
self.assertEquals(req.environ['REMOTE_USER'], '.wsgi.tempurl')
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
def test_get_not_allowed_by_put(self):
method = 'PUT'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path,
environ={'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
req.environ['swift.cache'].set('temp-url-keys/a', [key])
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 401)
self.assertTrue('Temp URL invalid' in resp.body)
def test_missing_sig(self):
method = 'GET'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
fixed some minor things in tests that pyflakes complained about Change-Id: Ifeab56a964630bcf941e932fcbe39e6572e62975
2013-03-26 20:42:26 +00:00
hmac.new(key, hmac_body, sha1).hexdigest()
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
req = self._make_request(path,
environ={'QUERY_STRING': 'temp_url_expires=%s' % expires})
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
req.environ['swift.cache'].set('temp-url-keys/a', [key])
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 401)
self.assertTrue('Temp URL invalid' in resp.body)
def test_missing_expires(self):
method = 'GET'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path,
environ={'QUERY_STRING': 'temp_url_sig=%s' % sig})
req.environ['swift.cache'].set('temp-url-key/a', key)
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 401)
self.assertTrue('Temp URL invalid' in resp.body)
def test_bad_path(self):
method = 'GET'
expires = int(time() + 86400)
path = '/v1/a/c/'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path,
environ={'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
req.environ['swift.cache'].set('temp-url-key/a', key)
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 401)
self.assertTrue('Temp URL invalid' in resp.body)
def test_no_key(self):
method = 'GET'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path,
environ={'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 401)
self.assertTrue('Temp URL invalid' in resp.body)
def test_head_allowed_by_get(self):
method = 'GET'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path,
environ={'REQUEST_METHOD': 'HEAD',
'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
req.environ['swift.cache'].set('temp-url-keys/a', [key])
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 404)
Adapt Swift for WebOb 1.2 Based on PatchSet 3 of https://review.openstack.org/#/c/7569/ , make them to pass all funcional tests with both webob 1.x and 1.2. The additional following compatibility issues were addressed: - Until patch for range header issue is merged into official webob release, testRangedGetsWithLWSinHeader() should skip test against webob 1.2 (https://github.com/Pylons/webob/commit/49c175aec2b5c134511dfea6564bfb1d37ab23a9) - common.constraints.check_utf8() can accept both utf8 str and unicode. - To convert unicode to utf-8 str if necessary. - Making proxy_logging can handle invalid utf-8 str bug 888371 bug 959881 blueprint webob-support Change-Id: I00e5fd04cd1653259606a4ffdd4926db3c84c496
2012-06-06 03:39:53 +09:00
self.assertEquals(req.environ['swift.authorize_override'], True)
self.assertEquals(req.environ['REMOTE_USER'], '.wsgi.tempurl')
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
def test_head_allowed_by_put(self):
method = 'PUT'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path,
environ={'REQUEST_METHOD': 'HEAD',
'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
req.environ['swift.cache'].set('temp-url-keys/a', [key])
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 404)
Adapt Swift for WebOb 1.2 Based on PatchSet 3 of https://review.openstack.org/#/c/7569/ , make them to pass all funcional tests with both webob 1.x and 1.2. The additional following compatibility issues were addressed: - Until patch for range header issue is merged into official webob release, testRangedGetsWithLWSinHeader() should skip test against webob 1.2 (https://github.com/Pylons/webob/commit/49c175aec2b5c134511dfea6564bfb1d37ab23a9) - common.constraints.check_utf8() can accept both utf8 str and unicode. - To convert unicode to utf-8 str if necessary. - Making proxy_logging can handle invalid utf-8 str bug 888371 bug 959881 blueprint webob-support Change-Id: I00e5fd04cd1653259606a4ffdd4926db3c84c496
2012-06-06 03:39:53 +09:00
self.assertEquals(req.environ['swift.authorize_override'], True)
self.assertEquals(req.environ['REMOTE_USER'], '.wsgi.tempurl')
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
def test_head_otherwise_not_allowed(self):
method = 'PUT'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
# Deliberately fudge expires to show HEADs aren't just automatically
# allowed.
expires += 1
req = self._make_request(path,
environ={'REQUEST_METHOD': 'HEAD',
'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
req.environ['swift.cache'].set('temp-url-key/a', key)
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 401)
def test_post_not_allowed(self):
method = 'POST'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path,
environ={'REQUEST_METHOD': 'POST',
'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
req.environ['swift.cache'].set('temp-url-key/a', key)
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 401)
self.assertTrue('Temp URL invalid' in resp.body)
def test_delete_not_allowed(self):
method = 'DELETE'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path,
environ={'REQUEST_METHOD': 'DELETE',
'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
req.environ['swift.cache'].set('temp-url-key/a', key)
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 401)
self.assertTrue('Temp URL invalid' in resp.body)
Allow a configurable set of TempURL methods Folks have actually been asking for this. I think they're sending a DELETE TempURL to someone way ahead of time and the someone issues it when they're ready. Honestly, I'm not entirely sure of the use case, but having the set of methods configurable wouldn't hurt. Change-Id: Ibdb48f8a72077b045eeedddfae4c0a1f56098d7a
2013-04-04 16:44:22 +00:00
def test_delete_allowed_with_conf(self):
self.tempurl.methods.append('DELETE')
method = 'DELETE'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path,
environ={'REQUEST_METHOD': 'DELETE',
'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
req.environ['swift.cache'].set('temp-url-keys/a', [key])
Allow a configurable set of TempURL methods Folks have actually been asking for this. I think they're sending a DELETE TempURL to someone way ahead of time and the someone issues it when they're ready. Honestly, I'm not entirely sure of the use case, but having the set of methods configurable wouldn't hurt. Change-Id: Ibdb48f8a72077b045eeedddfae4c0a1f56098d7a
2013-04-04 16:44:22 +00:00
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 404)
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
def test_unknown_not_allowed(self):
method = 'UNKNOWN'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path,
environ={'REQUEST_METHOD': 'UNKNOWN',
'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
req.environ['swift.cache'].set('temp-url-keys/a', [key])
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 401)
self.assertTrue('Temp URL invalid' in resp.body)
def test_changed_path_invalid(self):
method = 'GET'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path + '2',
environ={'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
req.environ['swift.cache'].set('temp-url-keys/a', [key])
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 401)
self.assertTrue('Temp URL invalid' in resp.body)
def test_changed_sig_invalid(self):
method = 'GET'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
if sig[-1] != '0':
sig = sig[:-1] + '0'
else:
sig = sig[:-1] + '1'
req = self._make_request(path,
environ={'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
req.environ['swift.cache'].set('temp-url-keys/a', [key])
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 401)
self.assertTrue('Temp URL invalid' in resp.body)
def test_changed_expires_invalid(self):
method = 'GET'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path,
environ={'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' %
(sig, expires + 1)})
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
req.environ['swift.cache'].set('temp-url-keys/a', [key])
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 401)
self.assertTrue('Temp URL invalid' in resp.body)
def test_different_key_invalid(self):
method = 'GET'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path,
environ={'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
req.environ['swift.cache'].set('temp-url-keys/a', [key + '2'])
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 401)
self.assertTrue('Temp URL invalid' in resp.body)
def test_removed_incoming_header(self):
self.tempurl = tempurl.filter_factory({
'incoming_remove_headers': 'x-remove-this'})(self.auth)
method = 'GET'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path, headers={'x-remove-this': 'value'},
environ={'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
req.environ['swift.cache'].set('temp-url-keys/a', [key])
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 404)
self.assertTrue('x-remove-this' not in self.app.request.headers)
def test_removed_incoming_headers_match(self):
self.tempurl = tempurl.filter_factory({
'incoming_remove_headers': 'x-remove-this-*',
'incoming_allow_headers': 'x-remove-this-except-this'})(self.auth)
method = 'GET'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path,
headers={'x-remove-this-one': 'value1',
'x-remove-this-except-this': 'value2'},
environ={'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
req.environ['swift.cache'].set('temp-url-keys/a', [key])
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 404)
self.assertTrue('x-remove-this-one' not in self.app.request.headers)
self.assertEquals(
self.app.request.headers['x-remove-this-except-this'], 'value2')
def test_removed_outgoing_header(self):
self.tempurl = tempurl.filter_factory({
'outgoing_remove_headers': 'x-test-header-one-a'})(self.auth)
method = 'GET'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path,
environ={'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
req.environ['swift.cache'].set('temp-url-keys/a', [key])
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 404)
self.assertTrue('x-test-header-one-a' not in resp.headers)
self.assertEquals(resp.headers['x-test-header-two-a'], 'value2')
def test_removed_outgoing_headers_match(self):
self.tempurl = tempurl.filter_factory({
'outgoing_remove_headers': 'x-test-header-two-*',
'outgoing_allow_headers': 'x-test-header-two-b'})(self.auth)
method = 'GET'
expires = int(time() + 86400)
path = '/v1/a/c/o'
key = 'abc'
hmac_body = '%s\n%s\n%s' % (method, expires, path)
sig = hmac.new(key, hmac_body, sha1).hexdigest()
req = self._make_request(path,
environ={'QUERY_STRING':
'temp_url_sig=%s&temp_url_expires=%s' % (sig, expires)})
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
req.environ['swift.cache'].set('temp-url-keys/a', [key])
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
resp = req.get_response(self.tempurl)
self.assertEquals(resp.status_int, 404)
self.assertEquals(resp.headers['x-test-header-one-a'], 'value1')
self.assertTrue('x-test-header-two-a' not in resp.headers)
self.assertEquals(resp.headers['x-test-header-two-b'], 'value3')
def test_get_account(self):
self.assertEquals(self.tempurl._get_account({
'REQUEST_METHOD': 'HEAD', 'PATH_INFO': '/v1/a/c/o'}), 'a')
self.assertEquals(self.tempurl._get_account({
'REQUEST_METHOD': 'GET', 'PATH_INFO': '/v1/a/c/o'}), 'a')
self.assertEquals(self.tempurl._get_account({
'REQUEST_METHOD': 'PUT', 'PATH_INFO': '/v1/a/c/o'}), 'a')
self.assertEquals(self.tempurl._get_account({
'REQUEST_METHOD': 'POST', 'PATH_INFO': '/v1/a/c/o'}), None)
self.assertEquals(self.tempurl._get_account({
'REQUEST_METHOD': 'DELETE', 'PATH_INFO': '/v1/a/c/o'}), None)
self.assertEquals(self.tempurl._get_account({
'REQUEST_METHOD': 'UNKNOWN', 'PATH_INFO': '/v1/a/c/o'}), None)
self.assertEquals(self.tempurl._get_account({
'REQUEST_METHOD': 'GET', 'PATH_INFO': '/v1/a/c/'}), None)
self.assertEquals(self.tempurl._get_account({
'REQUEST_METHOD': 'GET', 'PATH_INFO': '/v1/a/c//////'}), None)
self.assertEquals(self.tempurl._get_account({
'REQUEST_METHOD': 'GET', 'PATH_INFO': '/v1/a/c///o///'}), 'a')
self.assertEquals(self.tempurl._get_account({
'REQUEST_METHOD': 'GET', 'PATH_INFO': '/v1/a/c'}), None)
self.assertEquals(self.tempurl._get_account({
'REQUEST_METHOD': 'GET', 'PATH_INFO': '/v1/a//o'}), None)
self.assertEquals(self.tempurl._get_account({
'REQUEST_METHOD': 'GET', 'PATH_INFO': '/v1//c/o'}), None)
self.assertEquals(self.tempurl._get_account({
'REQUEST_METHOD': 'GET', 'PATH_INFO': '//a/c/o'}), None)
self.assertEquals(self.tempurl._get_account({
'REQUEST_METHOD': 'GET', 'PATH_INFO': '/v2/a/c/o'}), None)
def test_get_temp_url_info(self):
s = 'f5d5051bddf5df7e27c628818738334f'
e = int(time() + 86400)
self.assertEquals(self.tempurl._get_temp_url_info({'QUERY_STRING':
TempURL filename options; bug fixes - Prior to this commit, a Content-Disposition header was always set on responses to GET requests, with the filename based on the object name. Now, the header will only be set for 2xx responses and the filename can be overridden with a filename query parameter on the request. - Fixed a bug where all query parameters on the request were being passed down the WSGI pipeline. Now, just the query parameters useful in log-based debugging are included. This becomes important with things like the Bulk middleware that act upon query parameters. - Fixed bug where the Content-Disposition header wasn't following RFC spec. DocImpact Change-Id: I66ad809321dcdd03444324973c8b76869e3b0c8e
2013-02-25 02:25:58 +00:00
'temp_url_sig=%s&temp_url_expires=%s' % (s, e)}), (s, e, None))
self.assertEquals(self.tempurl._get_temp_url_info({
'QUERY_STRING': 'temp_url_sig=%s&temp_url_expires=%s&'
'filename=bobisyouruncle' % (s, e)}), (s, e, 'bobisyouruncle'))
self.assertEquals(self.tempurl._get_temp_url_info({}),
(None, None, None))
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
self.assertEquals(self.tempurl._get_temp_url_info({'QUERY_STRING':
TempURL filename options; bug fixes - Prior to this commit, a Content-Disposition header was always set on responses to GET requests, with the filename based on the object name. Now, the header will only be set for 2xx responses and the filename can be overridden with a filename query parameter on the request. - Fixed a bug where all query parameters on the request were being passed down the WSGI pipeline. Now, just the query parameters useful in log-based debugging are included. This becomes important with things like the Bulk middleware that act upon query parameters. - Fixed bug where the Content-Disposition header wasn't following RFC spec. DocImpact Change-Id: I66ad809321dcdd03444324973c8b76869e3b0c8e
2013-02-25 02:25:58 +00:00
'temp_url_expires=%s' % e}), (None, e, None))
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
self.assertEquals(self.tempurl._get_temp_url_info({'QUERY_STRING':
TempURL filename options; bug fixes - Prior to this commit, a Content-Disposition header was always set on responses to GET requests, with the filename based on the object name. Now, the header will only be set for 2xx responses and the filename can be overridden with a filename query parameter on the request. - Fixed a bug where all query parameters on the request were being passed down the WSGI pipeline. Now, just the query parameters useful in log-based debugging are included. This becomes important with things like the Bulk middleware that act upon query parameters. - Fixed bug where the Content-Disposition header wasn't following RFC spec. DocImpact Change-Id: I66ad809321dcdd03444324973c8b76869e3b0c8e
2013-02-25 02:25:58 +00:00
'temp_url_sig=%s' % s}), (s, None, None))
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
self.assertEquals(self.tempurl._get_temp_url_info({'QUERY_STRING':
TempURL filename options; bug fixes - Prior to this commit, a Content-Disposition header was always set on responses to GET requests, with the filename based on the object name. Now, the header will only be set for 2xx responses and the filename can be overridden with a filename query parameter on the request. - Fixed a bug where all query parameters on the request were being passed down the WSGI pipeline. Now, just the query parameters useful in log-based debugging are included. This becomes important with things like the Bulk middleware that act upon query parameters. - Fixed bug where the Content-Disposition header wasn't following RFC spec. DocImpact Change-Id: I66ad809321dcdd03444324973c8b76869e3b0c8e
2013-02-25 02:25:58 +00:00
'temp_url_sig=%s&temp_url_expires=bad' % s}), (s, 0, None))
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
e = int(time() - 1)
self.assertEquals(self.tempurl._get_temp_url_info({'QUERY_STRING':
TempURL filename options; bug fixes - Prior to this commit, a Content-Disposition header was always set on responses to GET requests, with the filename based on the object name. Now, the header will only be set for 2xx responses and the filename can be overridden with a filename query parameter on the request. - Fixed a bug where all query parameters on the request were being passed down the WSGI pipeline. Now, just the query parameters useful in log-based debugging are included. This becomes important with things like the Bulk middleware that act upon query parameters. - Fixed bug where the Content-Disposition header wasn't following RFC spec. DocImpact Change-Id: I66ad809321dcdd03444324973c8b76869e3b0c8e
2013-02-25 02:25:58 +00:00
'temp_url_sig=%s&temp_url_expires=%s' % (s, e)}), (s, 0, None))
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
def test_get_key_memcache(self):
self.app.status_headers_body_iter = iter([('404 Not Found', {}, '')])
self.assertEquals(
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
self.tempurl._get_keys({}, 'a'), [])
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
self.app.status_headers_body_iter = iter([('404 Not Found', {}, '')])
self.assertEquals(
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
self.tempurl._get_keys({'swift.cache': None}, 'a'), [])
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
mc = FakeMemcache()
self.app.status_headers_body_iter = iter([('404 Not Found', {}, '')])
self.assertEquals(
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
self.tempurl._get_keys({'swift.cache': mc}, 'a'), [])
mc.set('temp-url-keys/a', ['abc', 'def'])
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
self.assertEquals(
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
self.tempurl._get_keys({'swift.cache': mc}, 'a'), ['abc', 'def'])
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
def test_get_keys_from_source(self):
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
self.app.status_headers_body_iter = \
iter([('200 Ok', {'x-account-meta-temp-url-key': 'abc'}, '')])
mc = FakeMemcache()
self.assertEquals(
Allow 2 TempURL keys per account. This allows users to rotate their TempURL keys without invalidating all existing signed URLs. This is handy if you have multiple systems generating signed URLs, but you want to change your keys for some reason (e.g. keys compromised, company policy, general paranoia). Both the first and second keys are optional, so existing accounts' signed URLs will continue to work as before. This commit does change the memcache key used to store the fetched TempURL keys. This is because we were storing the old key as a string in memcached, but the new one is a list of keys. Since the key cache lifetime here is only 60 seconds, it doesn't seem like too big a deal to completely flush the TempURL cache. Also, this commit adds caching of a negative TempURL result. If the account HEAD reveals no TempURL keys at all, that result is now stored for 60 seconds the same way that a positive result would be. Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e
2013-05-02 14:53:48 -07:00
self.tempurl._get_keys({'swift.cache': mc}, 'a'), ['abc'])
self.assertEquals(mc.get('temp-url-keys/a'), ['abc'])
self.app.status_headers_body_iter = \
iter([('200 Ok',
{'x-account-meta-temp-url-key': 'abc',
'x-account-meta-temp-url-key-2': 'def'},
'')])
mc = FakeMemcache()
self.assertEquals(
sorted(self.tempurl._get_keys({'swift.cache': mc}, 'a')),
['abc', 'def'])
self.assertEquals(sorted(mc.get('temp-url-keys/a')), ['abc', 'def'])
# no keys at all: still gets cached
self.app.status_headers_body_iter = iter([('200 Ok', {}, '')])
mc = FakeMemcache()
self.assertEquals(
sorted(self.tempurl._get_keys({'swift.cache': mc}, 'a')),
[])
self.assertEquals(sorted(mc.get('temp-url-keys/a')), [])
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
def test_get_hmac(self):
self.assertEquals(self.tempurl._get_hmac(
{'REQUEST_METHOD': 'GET', 'PATH_INFO': '/v1/a/c/o'},
1, 'abc'),
'026d7f7cc25256450423c7ad03fc9f5ffc1dab6d')
self.assertEquals(self.tempurl._get_hmac(
{'REQUEST_METHOD': 'HEAD', 'PATH_INFO': '/v1/a/c/o'},
1, 'abc', request_method='GET'),
'026d7f7cc25256450423c7ad03fc9f5ffc1dab6d')
def test_invalid(self):
def _start_response(status, headers, exc_info=None):
self.assertTrue(status, '401 Unauthorized')
self.assertTrue('Temp URL invalid' in
''.join(self.tempurl._invalid({'REQUEST_METHOD': 'GET'},
_start_response)))
self.assertEquals('',
''.join(self.tempurl._invalid({'REQUEST_METHOD': 'HEAD'},
_start_response)))
def test_clean_incoming_headers(self):
irh = ''
iah = ''
env = {'HTTP_TEST_HEADER': 'value'}
tempurl.TempURL(None, {'incoming_remove_headers': irh,
'incoming_allow_headers': iah})._clean_incoming_headers(env)
self.assertTrue('HTTP_TEST_HEADER' in env)
irh = 'test-header'
iah = ''
env = {'HTTP_TEST_HEADER': 'value'}
tempurl.TempURL(None, {'incoming_remove_headers': irh,
'incoming_allow_headers': iah})._clean_incoming_headers(env)
self.assertTrue('HTTP_TEST_HEADER' not in env)
irh = 'test-header-*'
iah = ''
env = {'HTTP_TEST_HEADER_ONE': 'value',
'HTTP_TEST_HEADER_TWO': 'value'}
tempurl.TempURL(None, {'incoming_remove_headers': irh,
'incoming_allow_headers': iah})._clean_incoming_headers(env)
self.assertTrue('HTTP_TEST_HEADER_ONE' not in env)
self.assertTrue('HTTP_TEST_HEADER_TWO' not in env)
irh = 'test-header-*'
iah = 'test-header-two'
env = {'HTTP_TEST_HEADER_ONE': 'value',
'HTTP_TEST_HEADER_TWO': 'value'}
tempurl.TempURL(None, {'incoming_remove_headers': irh,
'incoming_allow_headers': iah})._clean_incoming_headers(env)
self.assertTrue('HTTP_TEST_HEADER_ONE' not in env)
self.assertTrue('HTTP_TEST_HEADER_TWO' in env)
irh = 'test-header-* test-other-header'
iah = 'test-header-two test-header-yes-*'
env = {'HTTP_TEST_HEADER_ONE': 'value',
'HTTP_TEST_HEADER_TWO': 'value',
'HTTP_TEST_OTHER_HEADER': 'value',
'HTTP_TEST_HEADER_YES': 'value',
'HTTP_TEST_HEADER_YES_THIS': 'value'}
tempurl.TempURL(None, {'incoming_remove_headers': irh,
'incoming_allow_headers': iah})._clean_incoming_headers(env)
self.assertTrue('HTTP_TEST_HEADER_ONE' not in env)
self.assertTrue('HTTP_TEST_HEADER_TWO' in env)
self.assertTrue('HTTP_TEST_OTHER_HEADER' not in env)
self.assertTrue('HTTP_TEST_HEADER_YES' not in env)
self.assertTrue('HTTP_TEST_HEADER_YES_THIS' in env)
def test_clean_outgoing_headers(self):
orh = ''
oah = ''
hdrs = {'test-header': 'value'}
Enhance log msg to report referer and user-agent Enhance internally logged messages to report referer and user-agent. Pass the referering URL and METHOD between internal servers (when known), and set the user-agent to be the server type (obj-server, container-server, proxy-server, obj-updater, obj-replicator, container-updater, direct-client, etc.) with the process PID. In conjunction with the transaction ID, it helps to track down which PID from a given system was responsible for initiating the request and what that server was working on to make this request. This has been helpful in tracking down interactions between object, container and account servers. We also take things a bit further performaing a bit of refactoring to consolidate calls to transfer_headers() now that we have a helper method for constructing them. Finally we performed further changes to avoid header key duplication due to string literal header key values and the various objects representing headers for requests and responses. See below for more details. ==== Header Keys There seems to be a bit of a problem with the case of the various string literals used for header keys and the interchangable way standard Python dictionaries, HeaderKeyDict() and HeaderEnvironProxy() objects are used. If one is not careful, a header object of some sort (one that does not normalize its keys, and that is not necessarily a dictionary) can be constructed containing header keys which differ only by the case of their string literals. E.g.: { 'x-trans-id': '1234', 'X-Trans-Id': '5678' } Such an object, when passed to http_connect() will result in an on-the-wire header where the key values are merged together, comma separated, that looks something like: HTTP_X_TRANS_ID: 1234,5678 For some headers in some contexts, this is behavior is desirable. For example, one can also use a list of tuples which enumerate the multiple values a single header should have. However, in almost all of the contexts used in the code base, this is not desirable. This behavior arises from a combination of factors: 1. Header strings are not constants and different lower-case and title-case header strings values are used interchangably in the code at times It might be worth the effort to make a pass through the code to stop using string literals and use constants instead, but there are plusses and minuses to doing that, so this was not attempted in this effort 2. HeaderEnvironProxy() objects report their keys in ".title()" case, but normalize all other key references to the form expected by the Request class's environ field swob.Request.headers fields are HeaderEnvironProxy() objects. 3. HeaderKeyDict() objects report their keys in ".lower()" case, and normalize all other key references to ".lower()" case swob.Response.headers fields are HeaderKeyDict() objects. Depending on which object is used and how it is used, one can end up with such a mismatch. This commit takes the following steps as a (PROPOSED) solution: 1. Change HeaderKeyDict() to normalize using ".title()" case to match HeaderEnvironProxy() 2. Replace standard python dictionary objects with HeaderKeyDict() objects where possible This gives us an object that normalizes key references to avoid fixing the code to normalize the string literals. 3. Fix up a few places to use title case string literals to match the new defaults Change-Id: Ied56a1df83ffac793ee85e796424d7d20f18f469 Signed-off-by: Peter Portante <peter.portante@redhat.com>
2012-11-15 16:34:45 -05:00
hdrs = HeaderKeyDict(tempurl.TempURL(None,
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
{'outgoing_remove_headers': orh, 'outgoing_allow_headers': oah}
)._clean_outgoing_headers(hdrs.iteritems()))
self.assertTrue('test-header' in hdrs)
orh = 'test-header'
oah = ''
hdrs = {'test-header': 'value'}
Enhance log msg to report referer and user-agent Enhance internally logged messages to report referer and user-agent. Pass the referering URL and METHOD between internal servers (when known), and set the user-agent to be the server type (obj-server, container-server, proxy-server, obj-updater, obj-replicator, container-updater, direct-client, etc.) with the process PID. In conjunction with the transaction ID, it helps to track down which PID from a given system was responsible for initiating the request and what that server was working on to make this request. This has been helpful in tracking down interactions between object, container and account servers. We also take things a bit further performaing a bit of refactoring to consolidate calls to transfer_headers() now that we have a helper method for constructing them. Finally we performed further changes to avoid header key duplication due to string literal header key values and the various objects representing headers for requests and responses. See below for more details. ==== Header Keys There seems to be a bit of a problem with the case of the various string literals used for header keys and the interchangable way standard Python dictionaries, HeaderKeyDict() and HeaderEnvironProxy() objects are used. If one is not careful, a header object of some sort (one that does not normalize its keys, and that is not necessarily a dictionary) can be constructed containing header keys which differ only by the case of their string literals. E.g.: { 'x-trans-id': '1234', 'X-Trans-Id': '5678' } Such an object, when passed to http_connect() will result in an on-the-wire header where the key values are merged together, comma separated, that looks something like: HTTP_X_TRANS_ID: 1234,5678 For some headers in some contexts, this is behavior is desirable. For example, one can also use a list of tuples which enumerate the multiple values a single header should have. However, in almost all of the contexts used in the code base, this is not desirable. This behavior arises from a combination of factors: 1. Header strings are not constants and different lower-case and title-case header strings values are used interchangably in the code at times It might be worth the effort to make a pass through the code to stop using string literals and use constants instead, but there are plusses and minuses to doing that, so this was not attempted in this effort 2. HeaderEnvironProxy() objects report their keys in ".title()" case, but normalize all other key references to the form expected by the Request class's environ field swob.Request.headers fields are HeaderEnvironProxy() objects. 3. HeaderKeyDict() objects report their keys in ".lower()" case, and normalize all other key references to ".lower()" case swob.Response.headers fields are HeaderKeyDict() objects. Depending on which object is used and how it is used, one can end up with such a mismatch. This commit takes the following steps as a (PROPOSED) solution: 1. Change HeaderKeyDict() to normalize using ".title()" case to match HeaderEnvironProxy() 2. Replace standard python dictionary objects with HeaderKeyDict() objects where possible This gives us an object that normalizes key references to avoid fixing the code to normalize the string literals. 3. Fix up a few places to use title case string literals to match the new defaults Change-Id: Ied56a1df83ffac793ee85e796424d7d20f18f469 Signed-off-by: Peter Portante <peter.portante@redhat.com>
2012-11-15 16:34:45 -05:00
hdrs = HeaderKeyDict(tempurl.TempURL(None,
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
{'outgoing_remove_headers': orh, 'outgoing_allow_headers': oah}
)._clean_outgoing_headers(hdrs.iteritems()))
self.assertTrue('test-header' not in hdrs)
orh = 'test-header-*'
oah = ''
hdrs = {'test-header-one': 'value',
'test-header-two': 'value'}
Enhance log msg to report referer and user-agent Enhance internally logged messages to report referer and user-agent. Pass the referering URL and METHOD between internal servers (when known), and set the user-agent to be the server type (obj-server, container-server, proxy-server, obj-updater, obj-replicator, container-updater, direct-client, etc.) with the process PID. In conjunction with the transaction ID, it helps to track down which PID from a given system was responsible for initiating the request and what that server was working on to make this request. This has been helpful in tracking down interactions between object, container and account servers. We also take things a bit further performaing a bit of refactoring to consolidate calls to transfer_headers() now that we have a helper method for constructing them. Finally we performed further changes to avoid header key duplication due to string literal header key values and the various objects representing headers for requests and responses. See below for more details. ==== Header Keys There seems to be a bit of a problem with the case of the various string literals used for header keys and the interchangable way standard Python dictionaries, HeaderKeyDict() and HeaderEnvironProxy() objects are used. If one is not careful, a header object of some sort (one that does not normalize its keys, and that is not necessarily a dictionary) can be constructed containing header keys which differ only by the case of their string literals. E.g.: { 'x-trans-id': '1234', 'X-Trans-Id': '5678' } Such an object, when passed to http_connect() will result in an on-the-wire header where the key values are merged together, comma separated, that looks something like: HTTP_X_TRANS_ID: 1234,5678 For some headers in some contexts, this is behavior is desirable. For example, one can also use a list of tuples which enumerate the multiple values a single header should have. However, in almost all of the contexts used in the code base, this is not desirable. This behavior arises from a combination of factors: 1. Header strings are not constants and different lower-case and title-case header strings values are used interchangably in the code at times It might be worth the effort to make a pass through the code to stop using string literals and use constants instead, but there are plusses and minuses to doing that, so this was not attempted in this effort 2. HeaderEnvironProxy() objects report their keys in ".title()" case, but normalize all other key references to the form expected by the Request class's environ field swob.Request.headers fields are HeaderEnvironProxy() objects. 3. HeaderKeyDict() objects report their keys in ".lower()" case, and normalize all other key references to ".lower()" case swob.Response.headers fields are HeaderKeyDict() objects. Depending on which object is used and how it is used, one can end up with such a mismatch. This commit takes the following steps as a (PROPOSED) solution: 1. Change HeaderKeyDict() to normalize using ".title()" case to match HeaderEnvironProxy() 2. Replace standard python dictionary objects with HeaderKeyDict() objects where possible This gives us an object that normalizes key references to avoid fixing the code to normalize the string literals. 3. Fix up a few places to use title case string literals to match the new defaults Change-Id: Ied56a1df83ffac793ee85e796424d7d20f18f469 Signed-off-by: Peter Portante <peter.portante@redhat.com>
2012-11-15 16:34:45 -05:00
hdrs = HeaderKeyDict(tempurl.TempURL(None,
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
{'outgoing_remove_headers': orh, 'outgoing_allow_headers': oah}
)._clean_outgoing_headers(hdrs.iteritems()))
self.assertTrue('test-header-one' not in hdrs)
self.assertTrue('test-header-two' not in hdrs)
orh = 'test-header-*'
oah = 'test-header-two'
hdrs = {'test-header-one': 'value',
'test-header-two': 'value'}
Enhance log msg to report referer and user-agent Enhance internally logged messages to report referer and user-agent. Pass the referering URL and METHOD between internal servers (when known), and set the user-agent to be the server type (obj-server, container-server, proxy-server, obj-updater, obj-replicator, container-updater, direct-client, etc.) with the process PID. In conjunction with the transaction ID, it helps to track down which PID from a given system was responsible for initiating the request and what that server was working on to make this request. This has been helpful in tracking down interactions between object, container and account servers. We also take things a bit further performaing a bit of refactoring to consolidate calls to transfer_headers() now that we have a helper method for constructing them. Finally we performed further changes to avoid header key duplication due to string literal header key values and the various objects representing headers for requests and responses. See below for more details. ==== Header Keys There seems to be a bit of a problem with the case of the various string literals used for header keys and the interchangable way standard Python dictionaries, HeaderKeyDict() and HeaderEnvironProxy() objects are used. If one is not careful, a header object of some sort (one that does not normalize its keys, and that is not necessarily a dictionary) can be constructed containing header keys which differ only by the case of their string literals. E.g.: { 'x-trans-id': '1234', 'X-Trans-Id': '5678' } Such an object, when passed to http_connect() will result in an on-the-wire header where the key values are merged together, comma separated, that looks something like: HTTP_X_TRANS_ID: 1234,5678 For some headers in some contexts, this is behavior is desirable. For example, one can also use a list of tuples which enumerate the multiple values a single header should have. However, in almost all of the contexts used in the code base, this is not desirable. This behavior arises from a combination of factors: 1. Header strings are not constants and different lower-case and title-case header strings values are used interchangably in the code at times It might be worth the effort to make a pass through the code to stop using string literals and use constants instead, but there are plusses and minuses to doing that, so this was not attempted in this effort 2. HeaderEnvironProxy() objects report their keys in ".title()" case, but normalize all other key references to the form expected by the Request class's environ field swob.Request.headers fields are HeaderEnvironProxy() objects. 3. HeaderKeyDict() objects report their keys in ".lower()" case, and normalize all other key references to ".lower()" case swob.Response.headers fields are HeaderKeyDict() objects. Depending on which object is used and how it is used, one can end up with such a mismatch. This commit takes the following steps as a (PROPOSED) solution: 1. Change HeaderKeyDict() to normalize using ".title()" case to match HeaderEnvironProxy() 2. Replace standard python dictionary objects with HeaderKeyDict() objects where possible This gives us an object that normalizes key references to avoid fixing the code to normalize the string literals. 3. Fix up a few places to use title case string literals to match the new defaults Change-Id: Ied56a1df83ffac793ee85e796424d7d20f18f469 Signed-off-by: Peter Portante <peter.portante@redhat.com>
2012-11-15 16:34:45 -05:00
hdrs = HeaderKeyDict(tempurl.TempURL(None,
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
{'outgoing_remove_headers': orh, 'outgoing_allow_headers': oah}
)._clean_outgoing_headers(hdrs.iteritems()))
self.assertTrue('test-header-one' not in hdrs)
self.assertTrue('test-header-two' in hdrs)
orh = 'test-header-* test-other-header'
oah = 'test-header-two test-header-yes-*'
hdrs = {'test-header-one': 'value',
'test-header-two': 'value',
'test-other-header': 'value',
'test-header-yes': 'value',
'test-header-yes-this': 'value'}
Enhance log msg to report referer and user-agent Enhance internally logged messages to report referer and user-agent. Pass the referering URL and METHOD between internal servers (when known), and set the user-agent to be the server type (obj-server, container-server, proxy-server, obj-updater, obj-replicator, container-updater, direct-client, etc.) with the process PID. In conjunction with the transaction ID, it helps to track down which PID from a given system was responsible for initiating the request and what that server was working on to make this request. This has been helpful in tracking down interactions between object, container and account servers. We also take things a bit further performaing a bit of refactoring to consolidate calls to transfer_headers() now that we have a helper method for constructing them. Finally we performed further changes to avoid header key duplication due to string literal header key values and the various objects representing headers for requests and responses. See below for more details. ==== Header Keys There seems to be a bit of a problem with the case of the various string literals used for header keys and the interchangable way standard Python dictionaries, HeaderKeyDict() and HeaderEnvironProxy() objects are used. If one is not careful, a header object of some sort (one that does not normalize its keys, and that is not necessarily a dictionary) can be constructed containing header keys which differ only by the case of their string literals. E.g.: { 'x-trans-id': '1234', 'X-Trans-Id': '5678' } Such an object, when passed to http_connect() will result in an on-the-wire header where the key values are merged together, comma separated, that looks something like: HTTP_X_TRANS_ID: 1234,5678 For some headers in some contexts, this is behavior is desirable. For example, one can also use a list of tuples which enumerate the multiple values a single header should have. However, in almost all of the contexts used in the code base, this is not desirable. This behavior arises from a combination of factors: 1. Header strings are not constants and different lower-case and title-case header strings values are used interchangably in the code at times It might be worth the effort to make a pass through the code to stop using string literals and use constants instead, but there are plusses and minuses to doing that, so this was not attempted in this effort 2. HeaderEnvironProxy() objects report their keys in ".title()" case, but normalize all other key references to the form expected by the Request class's environ field swob.Request.headers fields are HeaderEnvironProxy() objects. 3. HeaderKeyDict() objects report their keys in ".lower()" case, and normalize all other key references to ".lower()" case swob.Response.headers fields are HeaderKeyDict() objects. Depending on which object is used and how it is used, one can end up with such a mismatch. This commit takes the following steps as a (PROPOSED) solution: 1. Change HeaderKeyDict() to normalize using ".title()" case to match HeaderEnvironProxy() 2. Replace standard python dictionary objects with HeaderKeyDict() objects where possible This gives us an object that normalizes key references to avoid fixing the code to normalize the string literals. 3. Fix up a few places to use title case string literals to match the new defaults Change-Id: Ied56a1df83ffac793ee85e796424d7d20f18f469 Signed-off-by: Peter Portante <peter.portante@redhat.com>
2012-11-15 16:34:45 -05:00
hdrs = HeaderKeyDict(tempurl.TempURL(None,
Reverted the pulling out of various middleware: RateLimit StaticWeb TempURL/FormPOST Change-Id: I988e93e6f4aacb817a2e354d43a04e47516fdf88
2012-05-16 21:08:34 +00:00
{'outgoing_remove_headers': orh, 'outgoing_allow_headers': oah}
)._clean_outgoing_headers(hdrs.iteritems()))
self.assertTrue('test-header-one' not in hdrs)
self.assertTrue('test-header-two' in hdrs)
self.assertTrue('test-other-header' not in hdrs)
self.assertTrue('test-header-yes' not in hdrs)
self.assertTrue('test-header-yes-this' in hdrs)
if __name__ == '__main__':
unittest.main()
Copy Permalink