From 992283a7087e9d26a51755947433b14ddc8711e7 Mon Sep 17 00:00:00 2001
From: Nithya Balachandran <nithya.balachandran@ibm.com>
Date: Wed, 22 Apr 2026 09:31:34 +0000
Subject: [PATCH] rgw/bucket-logging: handle SigV2 presigned URLs

Presigned URLs using SigV2 do not contain x-amz-credential causing the
log record field Authentication Type to be incorrectly set to '-'.
This has been fixed to check for the presence of the x-amz-expires and Expires
parameters instead.

Fixes: https://tracker.ceph.com/issues/76206

Signed-off-by: Nithya Balachandran <nithya.balachandran@ibm.com>
---
 src/rgw/rgw_auth_s3.cc | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/rgw/rgw_auth_s3.cc b/src/rgw/rgw_auth_s3.cc
index c14a937685aa..8e4ccd8c93ba 100644
--- a/src/rgw/rgw_auth_s3.cc
+++ b/src/rgw/rgw_auth_s3.cc
@@ -1760,7 +1760,10 @@ void get_aws_version_and_auth_type(const req_state* s, string& aws_version, stri
       aws_version = "SigV2";
     }
   } else {
-    if (!s->info.args.get("x-amz-credential").empty()) {
+    // Expires is characteristic of the older Signature Version 2,
+    //  while X-Amz-Expires is used in Signature Version 4 (SigV4)
+    if (!s->info.args.get("x-amz-expires").empty() ||
+        !s->info.args.get("Expires").empty()) {
       auth_type = "QueryString";
       if (s->info.args.get("x-amz-algorithm") == AWS4_HMAC_SHA256_STR) {
       /* AWS v4 */
-- 
2.47.3