Skip to content

Commit

Permalink
Adjust testPresignedPostPolicy to ensure that GetObject returns the c…
Browse files Browse the repository at this point in the history
…orrect checksum. Add checksum headers to policy
  • Loading branch information
marktheunissen committed Nov 18, 2024
1 parent ab1c2fe commit 4971ce6
Show file tree
Hide file tree
Showing 3 changed files with 56 additions and 17 deletions.
5 changes: 4 additions & 1 deletion api-put-object-fan-out.go
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,10 @@ func (c *Client) PutObjectFanOut(ctx context.Context, bucket string, fanOutData
policy.SetEncryption(fanOutReq.SSE)

// Set checksum headers if any.
policy.SetChecksum(fanOutReq.Checksum)
err := policy.SetChecksum(fanOutReq.Checksum)
if err != nil {
return nil, err
}

url, formData, err := c.PresignedPostPolicy(ctx, policy)
if err != nil {
Expand Down
46 changes: 31 additions & 15 deletions functional_tests.go
Original file line number Diff line number Diff line change
Expand Up @@ -160,7 +160,7 @@ func logError(testName, function string, args map[string]interface{}, startTime
} else {
logFailure(testName, function, args, startTime, alert, message, err)
if !isRunOnFail() {
panic(err)
panic(fmt.Sprintf("Test failed with message: %s, err: %v", message, err))
}
}
}
Expand Down Expand Up @@ -2230,7 +2230,7 @@ func testPutObjectWithChecksums() {
h := test.cs.Hasher()
h.Reset()

// Test with Wrong CRC.
// Test with a bad CRC - we haven't called h.Write(b), so this is a checksum of empty data
meta[test.cs.Key()] = base64.StdEncoding.EncodeToString(h.Sum(nil))
args["metadata"] = meta
args["range"] = "false"
Expand Down Expand Up @@ -2620,7 +2620,7 @@ func testPutMultipartObjectWithChecksums(trailing bool) {
cmpChecksum := func(got, want string) {
if want != got {
logError(testName, function, args, startTime, "", "checksum mismatch", fmt.Errorf("want %s, got %s", want, got))
//fmt.Printf("want %s, got %s\n", want, got)
// fmt.Printf("want %s, got %s\n", want, got)
return
}
}
Expand Down Expand Up @@ -2933,6 +2933,8 @@ func testTrailingChecksums() {

delete(args, "metadata")
}

logSuccess(testName, function, args, startTime)
}

// Test PutObject with custom checksums.
Expand Down Expand Up @@ -5689,13 +5691,6 @@ func testPresignedPostPolicy() {
return
}

// Save the data
_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
if err != nil {
logError(testName, function, args, startTime, "", "PutObject failed", err)
return
}

policy := minio.NewPostPolicy()

if err := policy.SetBucket(""); err == nil {
Expand Down Expand Up @@ -5732,7 +5727,11 @@ func testPresignedPostPolicy() {

// Add CRC32C
checksum := minio.ChecksumCRC32C.ChecksumBytes(buf)
policy.SetChecksum(checksum)
err = policy.SetChecksum(checksum)
if err != nil {
logError(testName, function, args, startTime, "", "SetChecksum failed", err)
return
}

args["policy"] = policy.String()

Expand Down Expand Up @@ -5828,7 +5827,7 @@ func testPresignedPostPolicy() {
expectedLocation := scheme + os.Getenv(serverEndpoint) + "/" + bucketName + "/" + objectName
expectedLocationBucketDNS := scheme + bucketName + "." + os.Getenv(serverEndpoint) + "/" + objectName

if !strings.Contains(expectedLocation, "s3.amazonaws.com/") {
if !strings.Contains(expectedLocation, ".amazonaws.com/") {
// Test when not against AWS S3.
if val, ok := res.Header["Location"]; ok {
if val[0] != expectedLocation && val[0] != expectedLocationBucketDNS {
Expand All @@ -5840,9 +5839,26 @@ func testPresignedPostPolicy() {
return
}
}
want := checksum.Encoded()
if got := res.Header.Get("X-Amz-Checksum-Crc32c"); got != want {
logError(testName, function, args, startTime, "", fmt.Sprintf("Want checksum %q, got %q", want, got), nil)
wantChecksumCrc32c := checksum.Encoded()
if got := res.Header.Get("X-Amz-Checksum-Crc32c"); got != wantChecksumCrc32c {
logError(testName, function, args, startTime, "", fmt.Sprintf("Want checksum %q, got %q", wantChecksumCrc32c, got), nil)
return
}

// Ensure that when we subsequently GetObject, the checksum is returned
gopts := minio.GetObjectOptions{Checksum: true}
r, err := c.GetObject(context.Background(), bucketName, objectName, gopts)
if err != nil {
logError(testName, function, args, startTime, "", "GetObject failed", err)
return
}
st, err := r.Stat()
if err != nil {
logError(testName, function, args, startTime, "", "Stat failed", err)
return
}
if st.ChecksumCRC32C != wantChecksumCrc32c {
logError(testName, function, args, startTime, "", fmt.Sprintf("Want checksum %s, got %s", wantChecksumCrc32c, st.ChecksumCRC32C), nil)
return
}

Expand Down
22 changes: 21 additions & 1 deletion post-policy.go
Original file line number Diff line number Diff line change
Expand Up @@ -321,11 +321,31 @@ func (p *PostPolicy) SetUserMetadataStartsWith(key, value string) error {
}

// SetChecksum sets the checksum of the request.
func (p *PostPolicy) SetChecksum(c Checksum) {
func (p *PostPolicy) SetChecksum(c Checksum) error {
if c.IsSet() {
p.formData[amzChecksumAlgo] = c.Type.String()
p.formData[c.Type.Key()] = c.Encoded()

// Needed for S3 compatibility. MinIO ignores the checksum keys in the policy.
// https://github.com/minio/minio/blob/RELEASE.2024-08-29T01-40-52Z/cmd/postpolicyform.go#L60-L65
policyCond := policyCondition{
matchType: "eq",
condition: fmt.Sprintf("$%s", amzChecksumAlgo),
value: c.Type.String(),
}
if err := p.addNewPolicy(policyCond); err != nil {
return err
}
policyCond = policyCondition{
matchType: "eq",
condition: fmt.Sprintf("$%s", c.Type.Key()),
value: c.Encoded(),
}
if err := p.addNewPolicy(policyCond); err != nil {
return err
}
}
return nil
}

// SetEncryption - sets encryption headers for POST API
Expand Down

0 comments on commit 4971ce6

Please sign in to comment.