Skip to content

Commit 8db8169

Browse files
authored
We should be signing the encoded (raw) URL rather than the nicely rendered path (#380)
Resolves #379
1 parent d8e64c3 commit 8db8169

2 files changed

Lines changed: 30 additions & 8 deletions

File tree

java-manta-client-unshaded/src/main/java/com/joyent/manta/client/UriSigner.java

Lines changed: 3 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -72,10 +72,8 @@ public URI signURI(final URI uri, final String method, final long expires)
7272
Validate.notNull(method, "Method must not be null");
7373
Validate.notNull(uri, "URI must not be null");
7474

75-
if (uri.getQuery() != null) {
76-
Validate.isTrue(StringUtils.isEmpty(uri.getQuery()),
77-
"Query must be null or empty. URI: %s", uri);
78-
}
75+
Validate.isTrue(StringUtils.isEmpty(uri.getQuery()),
76+
"Query must be null or empty. URI: %s", uri);
7977

8078
final ThreadLocalSigner signer = authConfig.getSigner();
8179

@@ -91,7 +89,7 @@ public URI signURI(final URI uri, final String method, final long expires)
9189
StringBuilder sigText = new StringBuilder();
9290
sigText.append(method).append(StringUtils.LF)
9391
.append(uri.getHost()).append(StringUtils.LF)
94-
.append(uri.getPath()).append(StringUtils.LF)
92+
.append(uri.getRawPath()).append(StringUtils.LF)
9593
.append("algorithm=").append(algorithm).append("&")
9694
.append("expires=").append(expires).append("&")
9795
.append("keyId=").append(keyIdEncoded);

java-manta-it/src/test/java/com/joyent/manta/client/MantaClientSigningIT.java

Lines changed: 27 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@
1010
import com.joyent.manta.config.ConfigContext;
1111
import com.joyent.manta.config.IntegrationTestConfigContext;
1212
import org.apache.commons.io.IOUtils;
13+
import org.apache.http.HttpStatus;
1314
import org.testng.Assert;
1415
import org.testng.SkipException;
1516
import org.testng.annotations.AfterClass;
@@ -22,13 +23,15 @@
2223
import java.net.HttpURLConnection;
2324
import java.net.URI;
2425
import java.nio.charset.Charset;
25-
import java.nio.charset.StandardCharsets;
26+
import java.time.Duration;
2627
import java.time.Instant;
2728
import java.time.temporal.ChronoUnit;
2829
import java.util.List;
2930
import java.util.Map;
3031
import java.util.UUID;
3132

33+
import static java.nio.charset.StandardCharsets.UTF_8;
34+
3235
/**
3336
* Tests the functionality of signing private Manta URLs for public access.
3437
*
@@ -53,7 +56,7 @@ public void beforeClass() throws IOException {
5356

5457
mantaClient = new MantaClient(config);
5558
testPathPrefix = IntegrationTestConfigContext.generateBasePath(config, this.getClass().getSimpleName());
56-
mantaClient.putDirectory(testPathPrefix, null);
59+
mantaClient.putDirectory(testPathPrefix, true);
5760
}
5861

5962
@AfterClass
@@ -155,7 +158,7 @@ public final void testCanCreateSignedPUTUriFromPath()
155158
connection.connect();
156159

157160
try (OutputStreamWriter out = new OutputStreamWriter(
158-
connection.getOutputStream(), StandardCharsets.UTF_8)) {
161+
connection.getOutputStream(), UTF_8)) {
159162
out.write(TEST_DATA);
160163
} finally {
161164
connection.disconnect();
@@ -221,4 +224,25 @@ public final void testCanCreateSignedOPTIONSUriFromPath()
221224
connection.disconnect();
222225
}
223226
}
227+
228+
@Test
229+
public final void testCanCreateSignedURIWithEncodedCharacters() throws IOException {
230+
final String path = testPathPrefix + "⛰ quack 🦆";
231+
232+
mantaClient.put(path, TEST_DATA, UTF_8);
233+
Assert.assertEquals(mantaClient.getAsString(path), TEST_DATA);
234+
235+
final URI uri = mantaClient.getAsSignedURI(path, "GET", Instant.now().plus(Duration.ofHours(1)));
236+
final HttpURLConnection conn = (HttpURLConnection) uri.toURL().openConnection();
237+
238+
try (final InputStream is = conn.getInputStream()) {
239+
conn.setReadTimeout(3000);
240+
conn.connect();
241+
242+
Assert.assertEquals(conn.getResponseCode(), HttpStatus.SC_OK);
243+
Assert.assertEquals(IOUtils.toString(is, UTF_8), TEST_DATA);
244+
} finally {
245+
conn.disconnect();
246+
}
247+
}
224248
}

0 commit comments

Comments
 (0)