Hi, using swift 1.4.8 on Centos machines. (latest packages for centos. note that i'm assuming tempurl works with this version merely because all the code seems to be there, i couldn't find clear docs on whether it should work or not?) I want to use the swift tempURL feature as per http://failverse.com/using-temporary-urls-on-rackspace-cloud-files/ http://docs.rackspace.com/files/api/v1/cf-devguide/content/TempURL-d1a4450.html http://docs.rackspace.com/files/api/v1/cf-devguide/content/Set_Account_Metadata-d1a4460.html
TLDR: set up metadata correctly, but tempurl requests yield http 401, can't figure it out, _get_hmac() doesn't seem to be called. First, I set the key metadata (this works fine) (tried both the swift CLI program as well as curl), and I tried setting it both on container level (container "uploads") as well as account level (though i would prefer container level) alias vimeoswift=swift -A http://$ip:8080/auth/v1.0 -U system:root -K testpass' vimeoswift post -m Temp-Url-Key:key uploads vimeoswift post -m Temp-Url-Key:key curl -i -X POST -H X-Auth-Token:$t -H X-Account-Meta-Temp-URL-Key:key http://$ip:8080/v1/AUTH_system this seems to work, because when I stat the account and the container, they show up: [root@dfvimeodfsproxy1 ~]# vimeoswift stat uploads Account: AUTH_system Container: uploads Objects: 1 Bytes: 1253 Read ACL: Write ACL: Sync To: Sync Key: Meta Temp-Url-Key: key <------------------ Accept-Ranges: bytes [root@dfvimeodfsproxy1 ~]# vimeoswift stat Account: AUTH_system Containers: 1 Objects: 1 Bytes: 1253 Meta Temp-Url-Key: key <------------------ Accept-Ranges: bytes [root@dfvimeodfsproxy1 ~]# I have already put a file in container uploads (which I can retrieve just fine using an auth token): [root@dfvimeodfsproxy1 ~]# vimeoswift stat uploads mylogfile.log | grep 'Content Length' Content Length: 1253 now however, if i want to retrieve this file using the tempURL feature, it doesn't work: using this script #!/usr/bin/python2 import hmac from hashlib import sha1 from time import time method = 'GET' expires = int(time() + 60) base = 'http://10.90.151.5:8080' path = '/v1/AUTH_system/uploads/mylogfile.log' key = 'key' hmac_body = '%s\n%s\n%s' % (method, expires, path) sig = hmac.new(key, hmac_body, sha1).hexdigest() print '%s%s?temp_url_sig=%s&temp_url_expires=%s' % (base, path, sig, expires) ~ ❯ openstack-signed-url2.py http://10.90.151.5:8080/v1/AUTH_system/uploads/mylogfile.log?temp_url_sig=e700f568cd099a432890db00e263b29b999d3604&temp_url_expires=1350666309 ~ ❯ wget 'http://10.90.151.5:8080/v1/AUTH_system/uploads/mylogfile.log?temp_url_sig=e700f568cd099a432890db00e263b29b999d3604&temp_url_expires=1350666309' --2012-10-19 13:04:14-- http://10.90.151.5:8080/v1/AUTH_system/uploads/mylogfile.log?temp_url_sig=e700f568cd099a432890db00e263b29b999d3604&temp_url_expires=1350666309 Connecting to 10.90.151.5:8080... connected. HTTP request sent, awaiting response... 401 Unauthorized Authorization failed. I thought I could easily debug this myself by changing the _get_hmac() function in /usr/lib/python2.6/site-packages/swift/common/middleware/tempurl.py like so: def _get_hmac(self, env, expires, key, request_method=None): """ (...) """ if not request_method: request_method = env['REQUEST_METHOD'] self.logger("getting HMAC for method %s, expires %s, path %s" % (request_method, expires, env['PATH_INFO'])) hmac = hmac.new(key, '%s\n%s\n%s' % (request_method, expires, env['PATH_INFO']), sha1).hexdigest() self.logger("hmac is " + hmac) return hmac however, after restarting the proxy, I don't see my messages showing up anywhere (logging works otherwise, because proxy-server messages are showing up in /var/log/message, showing all incoming http requests and their responses any help is appreciated, thanks! Dieter _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : [email protected] Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
