diff options
Diffstat (limited to 'weed/s3api/s3api_server.go')
| -rw-r--r-- | weed/s3api/s3api_server.go | 40 |
1 files changed, 26 insertions, 14 deletions
diff --git a/weed/s3api/s3api_server.go b/weed/s3api/s3api_server.go index 2f9e9e3fb..f0aaa3985 100644 --- a/weed/s3api/s3api_server.go +++ b/weed/s3api/s3api_server.go @@ -8,6 +8,7 @@ import ( "strings" "time" + "github.com/seaweedfs/seaweedfs/weed/credential" "github.com/seaweedfs/seaweedfs/weed/filer" "github.com/seaweedfs/seaweedfs/weed/glog" "github.com/seaweedfs/seaweedfs/weed/pb/s3_pb" @@ -41,16 +42,21 @@ type S3ApiServerOption struct { type S3ApiServer struct { s3_pb.UnimplementedSeaweedS3Server - option *S3ApiServerOption - iam *IdentityAccessManagement - cb *CircuitBreaker - randomClientId int32 - filerGuard *security.Guard - client util_http_client.HTTPClientInterface - bucketRegistry *BucketRegistry + option *S3ApiServerOption + iam *IdentityAccessManagement + cb *CircuitBreaker + randomClientId int32 + filerGuard *security.Guard + client util_http_client.HTTPClientInterface + bucketRegistry *BucketRegistry + credentialManager *credential.CredentialManager } func NewS3ApiServer(router *mux.Router, option *S3ApiServerOption) (s3ApiServer *S3ApiServer, err error) { + return NewS3ApiServerWithStore(router, option, "") +} + +func NewS3ApiServerWithStore(router *mux.Router, option *S3ApiServerOption, explicitStore string) (s3ApiServer *S3ApiServer, err error) { startTsNs := time.Now().UnixNano() v := util.GetViper() @@ -64,19 +70,25 @@ func NewS3ApiServer(router *mux.Router, option *S3ApiServerOption) (s3ApiServer v.SetDefault("cors.allowed_origins.values", "*") - if (option.AllowedOrigins == nil) || (len(option.AllowedOrigins) == 0) { + if len(option.AllowedOrigins) == 0 { allowedOrigins := v.GetString("cors.allowed_origins.values") domains := strings.Split(allowedOrigins, ",") option.AllowedOrigins = domains } + var iam *IdentityAccessManagement + + iam = NewIdentityAccessManagementWithStore(option, explicitStore) + s3ApiServer = &S3ApiServer{ - option: option, - iam: NewIdentityAccessManagement(option), - randomClientId: util.RandomInt32(), - filerGuard: security.NewGuard([]string{}, signingKey, expiresAfterSec, readSigningKey, readExpiresAfterSec), - cb: NewCircuitBreaker(option), + option: option, + iam: iam, + randomClientId: util.RandomInt32(), + filerGuard: security.NewGuard([]string{}, signingKey, expiresAfterSec, readSigningKey, readExpiresAfterSec), + cb: NewCircuitBreaker(option), + credentialManager: iam.credentialManager, } + if option.Config != "" { grace.OnReload(func() { if err := s3ApiServer.iam.loadS3ApiConfigurationFromFile(option.Config); err != nil { @@ -119,7 +131,7 @@ func (s3a *S3ApiServer) registerRouter(router *mux.Router) { func(w http.ResponseWriter, r *http.Request) { origin := r.Header.Get("Origin") if origin != "" { - if s3a.option.AllowedOrigins == nil || len(s3a.option.AllowedOrigins) == 0 || s3a.option.AllowedOrigins[0] == "*" { + if len(s3a.option.AllowedOrigins) == 0 || s3a.option.AllowedOrigins[0] == "*" { origin = "*" } else { originFound := false |