len548 commented on code in PR #9343:
URL: https://github.com/apache/ozone/pull/9343#discussion_r2606478859
##########
hadoop-ozone/s3gateway/src/main/java/org/apache/hadoop/ozone/s3/signature/AWSSignatureProcessor.java:
##########
@@ -89,13 +99,56 @@ public SignatureInfo parseSignature() throws OS3Exception {
}
}
if (signatureInfo == null) {
- signatureInfo = new SignatureInfo.Builder(Version.NONE).build();
+ signatureInfo = new
SignatureInfo.Builder(Version.NONE).setService("s3").build();
}
+ String payloadHash = getPayloadHash(headers, signatureInfo);
+ signatureInfo.setPayloadHash(payloadHash);
signatureInfo.setUnfilteredURI(
context.getUriInfo().getRequestUri().getPath());
return signatureInfo;
}
+ private String getPayloadHash(Map<String, String> headers, SignatureInfo
signatureInfo)
+ throws OS3Exception, NoSuchAlgorithmException, IOException {
+ if (signatureInfo.getVersion() == Version.V2) {
+ return "";
Review Comment:
This getPayloadHash method is only used to construct V4 signature while it
is unnecessary for V2. See [AWS documentation for signing V2
signature](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTAuthentication.html).
You might think why it can't be null. It is because this has to return an
arbitrary string for tests in
[`TestAuthorizationFilter`](https://github.com/apache/ozone/blob/2062a06942e14e1093b0b78b5de022e266b88d35/hadoop-ozone/s3gateway/src/test/java/org/apache/hadoop/ozone/s3/TestAuthorizationFilter.java#L127).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
