TempURL and FormPost Middleware

Change-Id: I8d2ce2abdfe3a44605c9441ad7b1abc6c77e282d
openstack · Jan 10, 2012 · 7fc1721 · 7fc1721
1 parent 338be6a
commit 7fc1721
Show file tree

Hide file tree

Showing 11 changed files with 3,359 additions and 16 deletions.
diff --git a/bin/swift-form-signature b/bin/swift-form-signature
@@ -0,0 +1,70 @@
+#!/usr/bin/env python
+
+import hmac
+from hashlib import sha1
+from os.path import basename
+from sys import argv, exit
+from time import time
+
+
+if __name__ == '__main__':
+    if len(argv) != 7:
+        prog = basename(argv[0])
+        print 'Syntax: %s <path> <redirect> <max_file_size> ' \
+              '<max_file_count> <seconds> <key>' % prog
+        print
+        print 'Where:'
+        print '  <path>            The prefix to use for form uploaded'
+        print '                    objects. For example:'
+        print '                    /v1/account/container/object_prefix_ would'
+        print '                    ensure all form uploads have that path'
+        print '                    prepended to the browser-given file name.'
+        print '  <redirect>        The URL to redirect the browser to after'
+        print '                    the uploads have completed.'
+        print '  <max_file_size>   The maximum file size per file uploaded.'
+        print '  <max_file_count>  The maximum number of uploaded files'
+        print '                    allowed.'
+        print '  <seconds>         The number of seconds from now to allow'
+        print '                    the form post to begin.'
+        print '  <key>             The X-Account-Meta-Temp-URL-Key for the'
+        print '                    account.'
+        print
+        print 'Example output:'
+        print '    Expires: 1323842228'
+        print '  Signature: 18de97e47345a82c4dbfb3b06a640dbb'
+        exit(1)
+    path, redirect, max_file_size, max_file_count, seconds, key = argv[1:]
+    try:
+        max_file_size = int(max_file_size)
+    except ValueError:
+        max_file_size = -1
+    if max_file_size < 0:
+        print 'Please use a <max_file_size> value greater than or equal to 0.'
+        exit(1)
+    try:
+        max_file_count = int(max_file_count)
+    except ValueError:
+        max_file_count = 0
+    if max_file_count < 1:
+        print 'Please use a positive <max_file_count> value.'
+        exit(1)
+    try:
+        expires = int(time() + int(seconds))
+    except ValueError:
+        expires = 0
+    if expires < 1:
+        print 'Please use a positive <seconds> value.'
+        exit(1)
+    parts = path.split('/', 4)
+    # Must be four parts, ['', 'v1', 'a', 'c'], must be a v1 request, have
+    # account and container values, and optionally have an object prefix.
+    if len(parts) < 4 or parts[0] or parts[1] != 'v1' or not parts[2] or \
+            not parts[3]:
+        print '<path> must point to a container at least.'
+        print 'For example: /v1/account/container'
+        print '         Or: /v1/account/container/object_prefix'
+        exit(1)
+    sig = hmac.new(key, '%s\n%s\n%s\n%s\n%s' % (path, redirect, max_file_size,
+        max_file_count, expires), sha1).hexdigest()
+    print '  Expires:', expires
+    print 'Signature:', sig
diff --git a/bin/swift-temp-url b/bin/swift-temp-url
@@ -0,0 +1,59 @@
+#!/usr/bin/env python
+
+import hmac
+from hashlib import sha1
+from os.path import basename
+from sys import argv, exit
+from time import time
+
+
+if __name__ == '__main__':
+    if len(argv) != 5:
+        prog = basename(argv[0])
+        print 'Syntax: %s <method> <seconds> <path> <key>' % prog
+        print
+        print 'Where:'
+        print '  <method>   The method to allow, GET or PUT.'
+        print '             Note: HEAD will also be allowed.'
+        print '  <seconds>  The number of seconds from now to allow requests.'
+        print '  <path>     The full path to the resource.'
+        print '             Example: /v1/AUTH_account/c/o'
+        print '  <key>      The X-Account-Meta-Temp-URL-Key for the account.'
+        print
+        print 'Example output:'
+        print '    /v1/AUTH_account/c/o?temp_url_sig=34d49efc32fe6e3082e411e' \
+              'eeb85bd8a&temp_url_expires=1323482948'
+        print
+        print 'This can be used to form a URL to give out for the access '
+        print 'allowed. For example:'
+        print '    echo https://swift-cluster.example.com`%s GET 60 ' \
+              '/v1/AUTH_account/c/o mykey`' % prog
+        print
+        print 'Might output:'
+        print '    https://swift-cluster.example.com/v1/AUTH_account/c/o?' \
+              'temp_url_sig=34d49efc32fe6e3082e411eeeb85bd8a&' \
+              'temp_url_expires=1323482948'
+        exit(1)
+    method, seconds, path, key = argv[1:]
+    if method not in ('GET', 'PUT'):
+        print 'Please use either the GET or PUT method.'
+        exit(1)
+    try:
+        expires = int(time() + int(seconds))
+    except ValueError:
+        expires = 0
+    if expires < 1:
+        print 'Please use a positive <seconds> value.'
+        exit(1)
+    parts = path.split('/', 4)
+    # Must be five parts, ['', 'v1', 'a', 'c', 'o'], must be a v1 request, have
+    # account, container, and object values, and the object value can't just
+    # have '/'s.
+    if len(parts) != 5 or parts[0] or parts[1] != 'v1' or not parts[2] or \
+            not parts[3] or not parts[4].strip('/'):
+        print '<path> must point to an object.'
+        print 'For example: /v1/account/container/object'
+        exit(1)
+    sig = hmac.new(key, '%s\n%s\n%s' % (method, expires, path),
+                   sha1).hexdigest()
+    print '%s?temp_url_sig=%s&temp_url_expires=%s' % (path, sig, expires)
diff --git a/doc/source/misc.rst b/doc/source/misc.rst
@@ -143,3 +143,17 @@ StaticWeb
 .. automodule:: swift.common.middleware.staticweb
     :members:
     :show-inheritance:
+
+TempURL
+=======
+
+.. automodule:: swift.common.middleware.tempurl
+    :members:
+    :show-inheritance:
+
+FormPost
+========
+
+.. automodule:: swift.common.middleware.formpost
+    :members:
+    :show-inheritance:
diff --git a/etc/proxy-server.conf-sample b/etc/proxy-server.conf-sample
@@ -69,6 +69,11 @@ use = egg:swift#tempauth
 # This is a comma separated list of hosts allowed to send X-Container-Sync-Key
 # requests.
 # allowed_sync_hosts = 127.0.0.1
+# This allows middleware higher in the WSGI pipeline to override auth
+# processing, useful for middleware such as tempurl and formpost. If you know
+# you're not going to use such middleware and you want a bit of extra security,
+# you can set this to false.
+# allow_overrides = true
 # Lastly, you need to list all the accounts/users you want here. The format is:
 #   user_<account>_<user> = <key> [group] [group] [...] [storage_url]
 # There are special groups of:
@@ -185,3 +190,33 @@ use = egg:swift#staticweb
 # set access_log_facility = LOG_LOCAL0
 # set access_log_level = INFO
 # set log_headers = False
+
+# Note: Put tempurl just before your auth filter(s) in the pipeline
+[filter:tempurl]
+use = egg:swift#tempurl
+#
+# The headers to remove from incoming requests. Simply a whitespace delimited
+# list of header names and names can optionally end with '*' to indicate a
+# prefix match. incoming_allow_headers is a list of exceptions to these
+# removals.
+# incoming_remove_headers = x-timestamp
+#
+# The headers allowed as exceptions to incoming_remove_headers. Simply a
+# whitespace delimited list of header names and names can optionally end with
+# '*' to indicate a prefix match.
+# incoming_allow_headers =
+#
+# The headers to remove from outgoing responses. Simply a whitespace delimited
+# list of header names and names can optionally end with '*' to indicate a
+# prefix match. outgoing_allow_headers is a list of exceptions to these
+# removals.
+# outgoing_remove_headers = x-object-meta-*
+#
+# The headers allowed as exceptions to outgoing_remove_headers. Simply a
+# whitespace delimited list of header names and names can optionally end with
+# '*' to indicate a prefix match.
+# outgoing_allow_headers = x-object-meta-public-*
+
+# Note: Put formpost just before your auth filter(s) in the pipeline
+[filter:formpost]
+use = egg:swift#formpost
diff --git a/setup.py b/setup.py
@@ -41,25 +41,40 @@
         ],
     install_requires=[],  # removed for better compat
     scripts=[
-        'bin/swift', 'bin/swift-account-auditor',
-        'bin/swift-account-audit', 'bin/swift-account-reaper',
-        'bin/swift-account-replicator', 'bin/swift-account-server',
+        'bin/swift',
+        'bin/swift-account-audit',
+        'bin/swift-account-auditor',
+        'bin/swift-account-reaper',
+        'bin/swift-account-replicator',
+        'bin/swift-account-server',
+        'bin/swift-bench',
         'bin/swift-container-auditor',
-        'bin/swift-container-replicator', 'bin/swift-container-sync',
-        'bin/swift-container-server', 'bin/swift-container-updater',
-        'bin/swift-drive-audit', 'bin/swift-get-nodes',
-        'bin/swift-init', 'bin/swift-object-auditor',
-        'bin/swift-object-expirer', 'bin/swift-object-info',
+        'bin/swift-container-replicator',
+        'bin/swift-container-server',
+        'bin/swift-container-sync',
+        'bin/swift-container-updater',
+        'bin/swift-dispersion-populate',
+        'bin/swift-dispersion-report',
+        'bin/swift-drive-audit',
+        'bin/swift-form-signature',
+        'bin/swift-get-nodes',
+        'bin/swift-init',
+        'bin/swift-object-auditor',
+        'bin/swift-object-expirer',
+        'bin/swift-object-info',
         'bin/swift-object-replicator',
         'bin/swift-object-server',
-        'bin/swift-object-updater', 'bin/swift-proxy-server',
-        'bin/swift-ring-builder', 'bin/swift-stats-populate',
+        'bin/swift-object-updater',
+        'bin/swift-oldies',
+        'bin/swift-orphans',
+        'bin/swift-proxy-server',
+        'bin/swift-recon',
+        'bin/swift-recon-cron',
+        'bin/swift-ring-builder',
+        'bin/swift-stats-populate',
         'bin/swift-stats-report',
-        'bin/swift-dispersion-populate', 'bin/swift-dispersion-report',
-        'bin/swift-bench',
-        'bin/swift-recon', 'bin/swift-recon-cron', 'bin/swift-orphans',
-        'bin/swift-oldies'
-        ],
+        'bin/swift-temp-url',
+    ],
     entry_points={
         'paste.app_factory': [
             'proxy=swift.proxy.server:app_factory',
@@ -78,6 +93,8 @@
             'staticweb=swift.common.middleware.staticweb:filter_factory',
             'tempauth=swift.common.middleware.tempauth:filter_factory',
             'recon=swift.common.middleware.recon:filter_factory',
+            'tempurl=swift.common.middleware.tempurl:filter_factory',
+            'formpost=swift.common.middleware.formpost:filter_factory',
             ],
         },
     )