Skip to content

Commit

Permalink
Adjust testPresignedPostPolicy to ensure that GetObject returns the c…
Browse files Browse the repository at this point in the history
…orrect checksum. Add checksum headers to policy
  • Loading branch information
marktheunissen committed Sep 2, 2024
1 parent 48517d8 commit 5de5dbe
Show file tree
Hide file tree
Showing 3 changed files with 56 additions and 17 deletions.
5 changes: 4 additions & 1 deletion api-put-object-fan-out.go
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,10 @@ func (c *Client) PutObjectFanOut(ctx context.Context, bucket string, fanOutData
policy.SetEncryption(fanOutReq.SSE)

// Set checksum headers if any.
policy.SetChecksum(fanOutReq.Checksum)
err := policy.SetChecksum(fanOutReq.Checksum)
if err != nil {
return nil, err
}

url, formData, err := c.PresignedPostPolicy(ctx, policy)
if err != nil {
Expand Down
46 changes: 31 additions & 15 deletions functional_tests.go
Original file line number Diff line number Diff line change
Expand Up @@ -160,7 +160,7 @@ func logError(testName, function string, args map[string]interface{}, startTime
} else {
logFailure(testName, function, args, startTime, alert, message, err)
if !isRunOnFail() {
panic(err)
panic(fmt.Sprintf("Test failed with message: %s, err: %v", message, err))
}
}
}
Expand Down Expand Up @@ -2230,7 +2230,7 @@ func testPutObjectWithChecksums() {
h := test.cs.Hasher()
h.Reset()

// Test with Wrong CRC.
// Test with a bad CRC - we haven't called h.Write(b), so this is a checksum of empty data
meta[test.cs.Key()] = base64.StdEncoding.EncodeToString(h.Sum(nil))
args["metadata"] = meta
args["range"] = "false"
Expand Down Expand Up @@ -2428,7 +2428,7 @@ func testPutMultipartObjectWithChecksums() {
cmpChecksum := func(got, want string) {
if want != got {
logError(testName, function, args, startTime, "", "checksum mismatch", fmt.Errorf("want %s, got %s", want, got))
//fmt.Printf("want %s, got %s\n", want, got)
// fmt.Printf("want %s, got %s\n", want, got)
return
}
}
Expand Down Expand Up @@ -2735,6 +2735,8 @@ func testTrailingChecksums() {

delete(args, "metadata")
}

logSuccess(testName, function, args, startTime)
}

// Test PutObject with custom checksums.
Expand Down Expand Up @@ -5495,13 +5497,6 @@ func testPresignedPostPolicy() {
return
}

// Save the data
_, err = c.PutObject(context.Background(), bucketName, objectName, bytes.NewReader(buf), int64(len(buf)), minio.PutObjectOptions{ContentType: "binary/octet-stream"})
if err != nil {
logError(testName, function, args, startTime, "", "PutObject failed", err)
return
}

policy := minio.NewPostPolicy()

if err := policy.SetBucket(""); err == nil {
Expand Down Expand Up @@ -5538,7 +5533,11 @@ func testPresignedPostPolicy() {

// Add CRC32C
checksum := minio.ChecksumCRC32C.ChecksumBytes(buf)
policy.SetChecksum(checksum)
err = policy.SetChecksum(checksum)
if err != nil {
logError(testName, function, args, startTime, "", "SetChecksum failed", err)
return
}

args["policy"] = policy.String()

Expand Down Expand Up @@ -5640,7 +5639,7 @@ func testPresignedPostPolicy() {
expectedLocation := scheme + os.Getenv(serverEndpoint) + "/" + bucketName + "/" + objectName
expectedLocationBucketDNS := scheme + bucketName + "." + os.Getenv(serverEndpoint) + "/" + objectName

if !strings.Contains(expectedLocation, "s3.amazonaws.com/") {
if !strings.Contains(expectedLocation, ".amazonaws.com/") {
// Test when not against AWS S3.
if val, ok := res.Header["Location"]; ok {
if val[0] != expectedLocation && val[0] != expectedLocationBucketDNS {
Expand All @@ -5652,9 +5651,26 @@ func testPresignedPostPolicy() {
return
}
}
want := checksum.Encoded()
if got := res.Header.Get("X-Amz-Checksum-Crc32c"); got != want {
logError(testName, function, args, startTime, "", fmt.Sprintf("Want checksum %q, got %q", want, got), nil)
wantChecksumCrc32c := checksum.Encoded()
if got := res.Header.Get("X-Amz-Checksum-Crc32c"); got != wantChecksumCrc32c {
logError(testName, function, args, startTime, "", fmt.Sprintf("Want checksum %q, got %q", wantChecksumCrc32c, got), nil)
return
}

// Ensure that when we subsequently GetObject, the checksum is returned
gopts := minio.GetObjectOptions{Checksum: true}
r, err := c.GetObject(context.Background(), bucketName, objectName, gopts)
if err != nil {
logError(testName, function, args, startTime, "", "GetObject failed", err)
return
}
st, err := r.Stat()
if err != nil {
logError(testName, function, args, startTime, "", "Stat failed", err)
return
}
if st.ChecksumCRC32C != wantChecksumCrc32c {
logError(testName, function, args, startTime, "", fmt.Sprintf("Want checksum %s, got %s", wantChecksumCrc32c, st.ChecksumCRC32C), nil)
return
}

Expand Down
22 changes: 21 additions & 1 deletion post-policy.go
Original file line number Diff line number Diff line change
Expand Up @@ -302,11 +302,31 @@ func (p *PostPolicy) SetUserMetadata(key, value string) error {
}

// SetChecksum sets the checksum of the request.
func (p *PostPolicy) SetChecksum(c Checksum) {
func (p *PostPolicy) SetChecksum(c Checksum) error {
if c.IsSet() {
p.formData[amzChecksumAlgo] = c.Type.String()
p.formData[c.Type.Key()] = c.Encoded()

// Needed for S3 compatibility. MinIO ignores the checksum keys in the policy.
// https://github.com/minio/minio/blob/RELEASE.2024-08-29T01-40-52Z/cmd/postpolicyform.go#L60-L65
policyCond := policyCondition{
matchType: "eq",
condition: fmt.Sprintf("$%s", amzChecksumAlgo),
value: c.Type.String(),
}
if err := p.addNewPolicy(policyCond); err != nil {
return err
}
policyCond = policyCondition{
matchType: "eq",
condition: fmt.Sprintf("$%s", c.Type.Key()),
value: c.Encoded(),
}
if err := p.addNewPolicy(policyCond); err != nil {
return err
}
}
return nil
}

// SetEncryption - sets encryption headers for POST API
Expand Down

0 comments on commit 5de5dbe

Please sign in to comment.