Permalink
Browse files

Allows to set the account meta key by setting hp_account_meta_key, ne…

…eded to generate temp urls using the HP provider, explicitly, instead of using hp_secret_key. If hp_account_meta_key is not given hp_secret_key is used as hp_account_meta_key.
  • Loading branch information...
1 parent 3c03e4c commit a8daf7f6cbc861c197a8dbecb43f6ceb391957f4 @enterprise-rails enterprise-rails committed Jun 24, 2013
Showing with 8 additions and 2 deletions.
  1. +8 −2 lib/fog/hp/storage.rb
View
@@ -10,8 +10,9 @@ class HP < Fog::Service
recognizes :persistent, :connection_options
recognizes :hp_use_upass_auth_style, :hp_auth_version, :user_agent
recognizes :hp_access_key, :hp_account_id # :hp_account_id is deprecated use hp_access_key instead
+ requires :hp_account_meta_key
- secrets :hp_secret_key
+ secrets :hp_secret_key, :hp_account_meta_key
model_path 'fog/hp/models/storage'
model :directory
@@ -170,7 +171,10 @@ def generate_object_temp_url(container, object, expires_secs, method)
# Only works with 1.9+ Not compatible with 1.8.7
#signed_string = Digest::HMAC.hexdigest(string_to_sign, @hp_secret_key, Digest::SHA1)
# Compatible with 1.8.7 onwards
- hmac = OpenSSL::HMAC.new(@hp_secret_key, OpenSSL::Digest::SHA1.new)
+
+ account_meta_key = @hp_account_meta_key
+
+ hmac = OpenSSL::HMAC.new(account_meta_key, OpenSSL::Digest::SHA1.new)
signed_string = hmac.update(string_to_sign).hexdigest
signature = @hp_tenant_id.to_s + ":" + @hp_access_key.to_s + ":" + signed_string
@@ -217,6 +221,7 @@ def initialize(options={})
end
@hp_secret_key = options[:hp_secret_key]
@hp_tenant_id = options[:hp_tenant_id]
+ @hp_account_meta_key = options[:hp_account_meta_key] || @hp_secret_key
end
def data
@@ -254,6 +259,7 @@ def initialize(options={})
options[:hp_service_type] = "Object Storage"
@hp_tenant_id = options[:hp_tenant_id]
@hp_avl_zone = options[:hp_avl_zone]
+ @hp_account_meta_key = options[:hp_account_meta_key] || @hp_secret_key
### Make the authentication call
if (auth_version == :v2)

1 comment on commit a8daf7f

rupakg commented on a8daf7f Jun 26, 2013

@enterprise-rails Thanks for the update. The only concern I have is that I don't want to make the :hp_account_meta_key a 'required' parameter. Currently the temp_url logic was set by HP to work with the hp_secret_key, and the customers are used to that. I don't want to break existing customers by introducing a new 'required' parameter. At the same time being compatible with OS is nice, so I was thinking that:

  1. Make the name of the :hp_account_meta_key more intuitive that it says what it does.
  2. Make :hp_account_meta_key a non-required, 'recognizes' parameter, that users will know to populate when using against OS.
Please sign in to comment.