From: Nithya Balachandran <nithya.balachandran@ibm.com>
Date: Wed, 22 Apr 2026 09:31:34 +0000 (+0000)
Subject: rgw/bucket-logging: handle SigV2 presigned URLs
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=refs%2Fpull%2F68540%2Fhead;p=ceph.git

rgw/bucket-logging: handle SigV2 presigned URLs

Presigned URLs using SigV2 do not contain x-amz-credential causing the
log record field Authentication Type to be incorrectly set to '-'.
This has been fixed to check for the presence of the x-amz-expires and Expires
parameters instead.

Fixes: https://tracker.ceph.com/issues/76206

Signed-off-by: Nithya Balachandran <nithya.balachandran@ibm.com>
---

diff --git a/src/rgw/rgw_auth_s3.cc b/src/rgw/rgw_auth_s3.cc
index c14a937685aa..8e4ccd8c93ba 100644
--- a/src/rgw/rgw_auth_s3.cc
+++ b/src/rgw/rgw_auth_s3.cc
@@ -1760,7 +1760,10 @@ void get_aws_version_and_auth_type(const req_state* s, string& aws_version, stri
       aws_version = "SigV2";
     }
   } else {
-    if (!s->info.args.get("x-amz-credential").empty()) {
+    // Expires is characteristic of the older Signature Version 2,
+    //  while X-Amz-Expires is used in Signature Version 4 (SigV4)
+    if (!s->info.args.get("x-amz-expires").empty() ||
+        !s->info.args.get("Expires").empty()) {
       auth_type = "QueryString";
       if (s->info.args.get("x-amz-algorithm") == AWS4_HMAC_SHA256_STR) {
       /* AWS v4 */