From aa28ce2e4db673c6f0fa9fc31533b39e856ad825 Mon Sep 17 00:00:00 2001 From: Xuanwo Date: Wed, 31 May 2023 11:50:44 +0800 Subject: [PATCH] fix(azure): API Version should be specified by clients (#334) Signed-off-by: Xuanwo --- src/azure/constants.rs | 4 ---- src/azure/storage/signer.rs | 41 +++++-------------------------------- tests/azure/storage.rs | 8 ++++++++ 3 files changed, 13 insertions(+), 40 deletions(-) diff --git a/src/azure/constants.rs b/src/azure/constants.rs index e0392a5c..3815b372 100644 --- a/src/azure/constants.rs +++ b/src/azure/constants.rs @@ -1,7 +1,3 @@ // Headers used in azure services. pub const X_MS_DATE: &str = "x-ms-date"; -pub const X_MS_VERSION: &str = "x-ms-version"; pub const CONTENT_MD5: &str = "content-md5"; - -// Env values used in azure services. -pub const AZURE_VERSION: &str = "2019-12-12"; diff --git a/src/azure/storage/signer.rs b/src/azure/storage/signer.rs index 99d5e7ec..f081a1d8 100644 --- a/src/azure/storage/signer.rs +++ b/src/azure/storage/signer.rs @@ -25,8 +25,6 @@ use crate::time::DateTime; /// - [Authorize with Shared Key](https://docs.microsoft.com/en-us/rest/api/storageservices/authorize-with-shared-key) #[derive(Debug, Default)] pub struct Signer { - /// whether to omit service version or not - omit_service_version: bool, time: Option, } @@ -36,12 +34,6 @@ impl Signer { Self::default() } - /// set the signer to omitting service version - pub fn omit_service_version(mut self) -> Self { - self.omit_service_version = true; - self - } - /// Specify the signing time. /// /// # Note @@ -73,11 +65,7 @@ impl Signer { } SigningMethod::Header => { ctx.headers - .insert(X_MS_VERSION, AZURE_VERSION.to_string().parse()?); - if self.omit_service_version { - ctx.headers - .insert(X_MS_DATE, format_http_date(time::now()).parse()?); - } + .insert(X_MS_DATE, format_http_date(time::now()).parse()?); ctx.headers.insert(AUTHORIZATION, { let mut value: HeaderValue = format!("Bearer {}", token).parse()?; value.set_sensitive(true); @@ -100,8 +88,7 @@ impl Signer { } SigningMethod::Header => { let now = self.time.unwrap_or_else(time::now); - let string_to_sign = - string_to_sign(&mut ctx, ak, now, self.omit_service_version)?; + let string_to_sign = string_to_sign(&mut ctx, ak, now)?; let signature = base64_hmac_sha256(&base64_decode(sk), string_to_sign.as_bytes()); @@ -192,12 +179,7 @@ impl Signer { /// ## Reference /// /// - [Blob, Queue, and File Services (Shared Key authorization)](https://docs.microsoft.com/en-us/rest/api/storageservices/authorize-with-shared-key) -fn string_to_sign( - ctx: &mut SigningContext, - ak: &str, - now: DateTime, - omit_service_version: bool, -) -> Result { +fn string_to_sign(ctx: &mut SigningContext, ak: &str, now: DateTime) -> Result { let mut s = String::with_capacity(128); writeln!(&mut s, "{}", ctx.method.as_str())?; @@ -225,11 +207,7 @@ fn string_to_sign( ctx.header_get_or_default(&IF_UNMODIFIED_SINCE)? )?; writeln!(&mut s, "{}", ctx.header_get_or_default(&RANGE)?)?; - writeln!( - &mut s, - "{}", - canonicalize_header(ctx, now, omit_service_version)? - )?; + writeln!(&mut s, "{}", canonicalize_header(ctx, now)?)?; write!(&mut s, "{}", canonicalize_resource(ctx, ak))?; debug!("string to sign: {}", &s); @@ -240,18 +218,9 @@ fn string_to_sign( /// ## Reference /// /// - [Constructing the canonicalized headers string](https://docs.microsoft.com/en-us/rest/api/storageservices/authorize-with-shared-key#constructing-the-canonicalized-headers-string) -fn canonicalize_header( - ctx: &mut SigningContext, - now: DateTime, - omit_service_version: bool, -) -> Result { +fn canonicalize_header(ctx: &mut SigningContext, now: DateTime) -> Result { ctx.headers .insert(X_MS_DATE, format_http_date(now).parse()?); - if !omit_service_version { - // Insert x_ms_version header. - ctx.headers - .insert(X_MS_VERSION, AZURE_VERSION.to_string().parse()?); - } Ok(SigningContext::header_to_string( ctx.header_to_vec_with_prefix("x-ms-"), diff --git a/tests/azure/storage.rs b/tests/azure/storage.rs index 1eeaa6eb..54ddcc7a 100644 --- a/tests/azure/storage.rs +++ b/tests/azure/storage.rs @@ -55,6 +55,7 @@ async fn test_head_blob() -> Result<()> { let mut builder = http::Request::builder(); builder = builder.method(http::Method::HEAD); + builder = builder.header("x-ms-version", "2023-01-03"); builder = builder.uri(format!("{}/{}", url, "not_exist_file")); let mut req = builder.body("")?; @@ -94,6 +95,8 @@ async fn test_head_object_with_encoded_characters() -> Result<()> { let mut req = http::Request::new(""); *req.method_mut() = http::Method::HEAD; + req.headers_mut() + .insert("x-ms-version", "2023-01-03".parse().unwrap()); *req.uri_mut() = http::Uri::from_str(&format!( "{}/{}", url, @@ -145,6 +148,7 @@ async fn test_list_container_blobs() -> Result<()> { let mut builder = http::Request::builder(); builder = builder.method(http::Method::GET); builder = builder.uri(format!("{url}?{query}")); + builder = builder.header("x-ms-version", "2023-01-03"); let mut req = builder.body("")?; let cred = loader @@ -185,6 +189,7 @@ async fn test_can_head_blob_with_sas() -> Result<()> { let mut builder = http::Request::builder(); builder = builder.method(http::Method::HEAD); + builder = builder.header("x-ms-version", "2023-01-03"); builder = builder.uri(format!("{}/{}", url, "not_exist_file")); let mut req = builder.body("")?; @@ -233,6 +238,7 @@ async fn test_can_list_container_blobs() -> Result<()> { ] { let mut builder = http::Request::builder(); builder = builder.method(http::Method::GET); + builder = builder.header("x-ms-version", "2023-01-03"); builder = builder.uri(format!("{url}?{query}")); let mut req = builder.body("")?; @@ -287,6 +293,7 @@ async fn test_head_blob_with_ldms() -> Result<()> { let mut req = http::Request::builder() .method(http::Method::HEAD) + .header("x-ms-version", "2023-01-03") .uri(format!("{}/{}", url, "not_exist_file")) .body("")?; @@ -344,6 +351,7 @@ async fn test_can_list_container_blobs_with_ldms() -> Result<()> { ] { let mut builder = http::Request::builder(); builder = builder.method(http::Method::GET); + builder = builder.header("x-ms-version", "2023-01-03"); builder = builder.uri(format!("{url}?{query}")); let mut req = builder.body("")?;