Skip to content

[Storage] Signed URLs v4 #1742

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jdpedrie merged 27 commits into from
Apr 16, 2019
Merged

[Storage] Signed URLs v4 #1742

jdpedrie merged 27 commits into from
Apr 16, 2019

Conversation

@jdpedrie
Copy link
Contributor

@jdpedrie jdpedrie commented Mar 21, 2019
edited
Loading

This is still a work in progress, but it's progressed far enough to start getting some additional eyes on it.

The signing logic is going to move to the Auth library. A change for that will be forthcoming.

cc @frankyn

Closes #1672.

@googlebot googlebot added the cla: yes This human has signed the Contributor License Agreement. label Mar 21, 2019
@jdpedrie jdpedrie added the api: storage Issues related to the Cloud Storage API. label Mar 21, 2019
@jdpedrie jdpedrie changed the title Storage signed url v4 [Storage] Signed URLs v4 Mar 21, 2019
frankyn
frankyn suggested changes Mar 27, 2019
View reviewed changes
Copy link
Contributor

@frankyn frankyn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Apologies for the delay, here's a first pass review.

Please update signed-url-v4-testdata.json as it was recently updated.

@yoshi-automation yoshi-automation added the 🚨 This issue needs some love. label Mar 28, 2019
@jdpedrie jdpedrie added needs work This is a pull request that needs a little love. and removed 🚨 This issue needs some love. labels Mar 29, 2019
frankyn
frankyn suggested changes Mar 29, 2019
View reviewed changes
Copy link
Contributor

@frankyn frankyn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Implementation LGTM, pending tests passing with conformance tests. I added small nits in this request for changes.

Thanks @jdpedrie.

frankyn
frankyn reviewed Mar 29, 2019
View reviewed changes
Storage/src/SigningHelper.php Outdated
//@codeCoverageIgnoreStart
if ($version === null && self::DEFAULT_URL_SIGNING_VERSION === 'v2') {
// raise a little notice to poke users towards v4.
@trigger_error(
Copy link
Contributor

@frankyn frankyn Mar 29, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will this error out an application or only log a warning?

Copy link
Contributor Author

@jdpedrie jdpedrie Mar 29, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it will only log a notice.

frankyn
frankyn reviewed Mar 29, 2019
View reviewed changes
frankyn
frankyn approved these changes Mar 29, 2019
View reviewed changes
Copy link
Contributor

@frankyn frankyn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pending failed tests and auth PR the implementation LGTM.

frankyn
frankyn reviewed Mar 29, 2019
View reviewed changes
frankyn
frankyn reviewed Apr 3, 2019
View reviewed changes
Storage/src/Bucket.php Outdated
* @type array $queryParams Additional query parameters to be included
* as part of the signed URL query string. For allowed values,
* see [Reference Headers](https://cloud.google.com/storage/docs/xml-api/reference-headers#query).
* @type string $version One of "v2" or "v4". In the future, "v4" will
Copy link
Contributor

@frankyn frankyn Apr 3, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove mention of "v2 -> v4 as default" here as well.

frankyn
frankyn approved these changes Apr 4, 2019
View reviewed changes
Copy link
Contributor

@frankyn frankyn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can move forward with language reviews if necessary. LGTM, thank you for your patience @jdpedrie

@jdpedrie jdpedrie mentioned this pull request Apr 12, 2019
Closed
@jdpedrie jdpedrie marked this pull request as ready for review April 15, 2019 19:27
@jdpedrie jdpedrie requested a review from dwsupplee as a code owner April 15, 2019 19:27
@jdpedrie jdpedrie added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Apr 15, 2019
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Apr 15, 2019
@codecov
Copy link

codecov bot commented Apr 15, 2019
edited
Loading

Codecov Report

❗ No coverage uploaded for pull request base (master@afc9ee3). Click here to learn what that means.
The diff coverage is 96.04%.

Impacted file tree graph

@@            Coverage Diff            @@
##             master    #1742   +/-   ##
=========================================
  Coverage          ?   91.58%           
  Complexity        ?     4403           
=========================================
  Files             ?      305           
  Lines             ?    13089           
  Branches          ?        0           
=========================================
  Hits              ?    11987           
  Misses            ?     1102           
  Partials          ?        0
Impacted Files Coverage Δ Complexity Δ
Storage/src/EncryptionTrait.php 100% <ø> (ø) 16 <0> (?)
Storage/src/Connection/Rest.php 100% <ø> (ø) 41 <0> (?)
Core/src/RequestWrapperTrait.php 93.93% <0%> (ø) 11 <1> (?)
Storage/src/Bucket.php 97.18% <100%> (ø) 70 <2> (?)
Core/src/JsonTrait.php 100% <100%> (ø) 4 <4> (?)
Storage/src/StorageObject.php 100% <100%> (ø) 38 <0> (?)
Storage/src/SigningHelper.php 96.42% <96.42%> (ø) 54 <54> (?)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update afc9ee3...c426754. Read the comment docs.

dwsupplee
dwsupplee suggested changes Apr 15, 2019
View reviewed changes
Copy link
Contributor

@dwsupplee dwsupplee left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Still finishing up, just had some thoughts that seemed worthwhile to get out in case it is anything we could continue on in parallel.

Storage/src/SigningHelper.php Outdated
}

$options['keyFile'] = json_decode(file_get_contents($keyFilePath), true);
if (json_last_error() !== JSON_ERROR_NONE) {
Copy link
Contributor

@dwsupplee dwsupplee Apr 15, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We could use the JsonTrait here

Copy link
Contributor Author

@jdpedrie jdpedrie Apr 16, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure thing. Please note that this required making the methods in JsonTrait static.

Storage/src/SigningHelper.php
*
* @return SigningHelper
*/
public static function getHelper()
Copy link
Contributor

@dwsupplee dwsupplee Apr 15, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need an instance at all? It looks like we should be able to make v2sign and v4sign static. Just being able to call SigngingHelper::v2Sign seems friendlier than having to work with this getHelper method.

dwsupplee
dwsupplee reviewed Apr 15, 2019
View reviewed changes
Copy link
Contributor

@dwsupplee dwsupplee left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Really nice work abstracting this out 👍

dwsupplee
dwsupplee reviewed Apr 16, 2019
View reviewed changes
@jdpedrie jdpedrie removed the needs work This is a pull request that needs a little love. label Apr 16, 2019
@yoshi-automation yoshi-automation added the 🚨 This issue needs some love. label Apr 16, 2019
@jdpedrie jdpedrie added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Apr 16, 2019
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Apr 16, 2019
@jdpedrie jdpedrie merged commit 9061f97 into googleapis:master Apr 16, 2019
@jdpedrie jdpedrie deleted the storage-signed-url-v4 branch April 16, 2019 19:36
@jdpedrie jdpedrie mentioned this pull request Apr 16, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

2 more reviewers

@frankyn frankyn frankyn approved these changes

@dwsupplee dwsupplee dwsupplee approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

api: storage Issues related to the Cloud Storage API. cla: yes This human has signed the Contributor License Agreement. 🚨 This issue needs some love.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

GCS signedUrl fails with GAE default service account

6 participants

@jdpedrie @frankyn @dwsupplee @googlebot @kokoro-team @yoshi-automation