rgw/notifications: support v4 auth for topics and notifications

author Yuval Lifshitz <ylifshit@redhat.com>

Thu, 24 Jun 2021 14:55:24 +0000 (17:55 +0300)

committer Yuval Lifshitz <ylifshit@redhat.com>

Fri, 27 Aug 2021 08:34:14 +0000 (11:34 +0300)
author Yuval Lifshitz <ylifshit@redhat.com>
Thu, 24 Jun 2021 14:55:24 +0000 (17:55 +0300)
committer Yuval Lifshitz <ylifshit@redhat.com>
Fri, 27 Aug 2021 08:34:14 +0000 (11:34 +0300)
diff --git a/examples/boto3/README.md b/examples/boto3/README.md

index be6799da9c2aad547a5efc8da4b794df31da62b2..52f43746d980fb80a0e4e818da055410c87970a1 100644 (file)
--- a/examples/boto3/README.md
+++ b/examples/boto3/README.md
@@ -14,11 +14,6 @@ The standard [AWS CLI](https://docs.aws.amazon.com/cli/latest/) may also be used
  aws --endpoint-url http://localhost:8000 s3api list-objects --bucket=mybucket --allow-unordered
  ```
  
-- Use the following command to set SNS signature to s3v2:
-```
-aws configure set default.sns.signature_version s3
-```
-
  - Topic creation with endpoint:
  ```
  aws --endpoint-url http://localhost:8000 sns create-topic --name=mytopic --attributes='{"push-endpoint": "amqp://localhost:5672", "amqp-exchange": "ex1", "amqp-ack-level": "broker"}'
diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc

index a7998eadf40a69cef4f203c870028c8e854e8233..204706b4bee9d9782ccfd569e86b32082fee5481 100644 (file)
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -5263,7 +5263,11 @@ AWSGeneralAbstractor::get_auth_data_v4(const req_state* const s,
        s->op_type == RGW_OP_CREATE_OIDC_PROVIDER ||
        s->op_type == RGW_OP_DELETE_OIDC_PROVIDER ||
        s->op_type == RGW_OP_GET_OIDC_PROVIDER ||
-      s->op_type == RGW_OP_LIST_OIDC_PROVIDERS) {
+      s->op_type == RGW_OP_LIST_OIDC_PROVIDERS ||
+      s->op_type == RGW_OP_PUBSUB_TOPIC_CREATE ||
+      s->op_type == RGW_OP_PUBSUB_TOPICS_LIST ||
+      s->op_type == RGW_OP_PUBSUB_TOPIC_GET ||
+      s->op_type == RGW_OP_PUBSUB_TOPIC_DELETE) {
      is_non_s3_op = true;
    }
  
@@ -5361,6 +5365,8 @@ AWSGeneralAbstractor::get_auth_data_v4(const req_state* const s,
          case RGW_OP_PUT_LC:
          case RGW_OP_SET_REQUEST_PAYMENT:
          case RGW_OP_PUBSUB_NOTIF_CREATE:
+        case RGW_OP_PUBSUB_NOTIF_DELETE:
+        case RGW_OP_PUBSUB_NOTIF_LIST:
          case RGW_OP_PUT_BUCKET_OBJ_LOCK:
          case RGW_OP_PUT_OBJ_RETENTION:
          case RGW_OP_PUT_OBJ_LEGAL_HOLD:
diff --git a/src/test/rgw/rgw_multi/zone_ps.py b/src/test/rgw/rgw_multi/zone_ps.py

index 9f55626d21181f796c150fc80f9ec0715df9d3c5..0553f8061b7074c441765ef8a908466801c4ecae 100644 (file)
--- a/src/test/rgw/rgw_multi/zone_ps.py
+++ b/src/test/rgw/rgw_multi/zone_ps.py
@@ -18,8 +18,7 @@ def put_object_tagging(conn, bucket_name, key, tags):
      client = boto3.client('s3',
              endpoint_url='http://'+conn.host+':'+str(conn.port),
              aws_access_key_id=conn.aws_access_key_id,
-            aws_secret_access_key=conn.aws_secret_access_key,
-            config=Config(signature_version='s3'))
+            aws_secret_access_key=conn.aws_secret_access_key)
      return client.put_object(Body='aaaaaaaaaaa', Bucket=bucket_name, Key=key, Tagging=tags)
  
  
@@ -27,8 +26,7 @@ def get_object_tagging(conn, bucket, object_key):
      client = boto3.client('s3',
              endpoint_url='http://'+conn.host+':'+str(conn.port),
              aws_access_key_id=conn.aws_access_key_id,
-            aws_secret_access_key=conn.aws_secret_access_key,
-            config=Config(signature_version='s3'))
+            aws_secret_access_key=conn.aws_secret_access_key)
      return client.get_object_tagging(
                  Bucket=bucket, 
                  Key=object_key
@@ -156,8 +154,7 @@ def delete_all_s3_topics(zone, region):
                  aws_access_key_id=conn.aws_access_key_id,
                  aws_secret_access_key=conn.aws_secret_access_key,
                  region_name=region,
-                verify='./cert.pem',
-                config=Config(signature_version='s3'))
+                verify='./cert.pem')
  
          topics = client.list_topics()['Topics']
          for topic in topics:
@@ -206,8 +203,7 @@ class PSTopicS3:
                             aws_access_key_id=conn.aws_access_key_id,
                             aws_secret_access_key=conn.aws_secret_access_key,
                             region_name=region,
-                           verify='./cert.pem',
-                           config=Config(signature_version='s3'))
+                           verify='./cert.pem')
  
  
      def get_config(self):
@@ -335,8 +331,7 @@ class PSNotificationS3:
          self.client = boto3.client('s3',
                                     endpoint_url='http://'+conn.host+':'+str(conn.port),
                                     aws_access_key_id=conn.aws_access_key_id,
-                                   aws_secret_access_key=conn.aws_secret_access_key,
-                                   config=Config(signature_version='s3'))
+                                   aws_secret_access_key=conn.aws_secret_access_key)
  
      def send_request(self, method, parameters=None):
          """send request to radosgw"""
author	Yuval Lifshitz <ylifshit@redhat.com>
	Thu, 24 Jun 2021 14:55:24 +0000 (17:55 +0300)
committer	Yuval Lifshitz <ylifshit@redhat.com>
	Fri, 27 Aug 2021 08:34:14 +0000 (11:34 +0300)
examples/boto3/README.md		patch \| blob \| history
src/rgw/rgw_rest_s3.cc		patch \| blob \| history
src/test/rgw/rgw_multi/zone_ps.py		patch \| blob \| history