rgw: handle AWS4 auth case when query string exists

Crafts the canonical query string. URI-encode each parameter name and
value properly.

Fixes: #10333
Signed-off-by: Javier M. Mellid <jmunhoz@igalia.com>

diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index 41b7e7cfd67eb79e70ca66f131008c8b18de020f..19ae13a7f40af0a0cdeff94b97ef4d057668a35d 100644 (file)
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -2833,10 +2833,37 @@ int RGW_Auth_S3::authorize_v4(RGWRados *store, struct req_state *s)
 
   if (!canonical_qs.empty()) {
 
-    /* TODO: implement step 3 in
+    /* handle case when query string exists. Step 3 in
      * http://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html */
 
-    /* handle case when query string exists */
+    map<string, string> canonical_qs_map;
+    istringstream cqs(canonical_qs);
+    string keyval;
+
+    while (getline(cqs, keyval, '&')) {
+      string key, val;
+      istringstream kv(keyval);
+      getline(kv, key, '=');
+      getline(kv, val, '=');
+      string key_enc, val_enc;
+      url_encode(key, key_enc);
+      url_encode(val, val_enc);
+      canonical_qs_map[key_enc] = val_enc;
+    }
+
+    canonical_qs = "";
+
+    map<string, string>::iterator last = canonical_qs_map.end();
+    --last;
+
+    for (map<string, string>::iterator it = canonical_qs_map.begin();
+        it != canonical_qs_map.end(); ++it) {
+      canonical_qs.append(it->first + "=" + it->second);
+      if (it != last) {
+        canonical_qs.append("&");
+      }
+    }
+
   }
 
   /* craft canonical headers */