Home Explore Help
Sign In
SMusatov
/
seaweedfs
mirror of https://github.com/seaweedfs/seaweedfs.git
1
0
Fork 0
Files Wiki
Tree: 22362f6495
Branches Tags
seaweedfs
/
weed
/
s3api
/
s3api_server.go

s3api_server.go 9.6 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209 
  1. package s3api
    2. 

  2. 

  3. import (
    4. 

  4. 	"fmt"
    5. 

  5. 	"net/http"
    6. 

  6. 	"strings"
    7. 

  7. 	"time"
    8. 

  8. 

  9. 	"github.com/chrislusf/seaweedfs/weed/filer"
    10. 

  10. 	"github.com/chrislusf/seaweedfs/weed/pb"
    11. 

  11. 	. "github.com/chrislusf/seaweedfs/weed/s3api/s3_constants"
    12. 

  12. 	"github.com/chrislusf/seaweedfs/weed/s3api/s3err"
    13. 

  13. 	"github.com/chrislusf/seaweedfs/weed/security"
    14. 

  14. 	"github.com/chrislusf/seaweedfs/weed/util"
    15. 

  15. 	"github.com/gorilla/mux"
    16. 

  16. 	"google.golang.org/grpc"
    17. 

  17. )
    18. 

  18. 

  19. type S3ApiServerOption struct {
    20. 

  20. 	Filer            pb.ServerAddress
    21. 

  21. 	Port             int
    22. 

  22. 	Config           string
    23. 

  23. 	DomainName       string
    24. 

  24. 	BucketsPath      string
    25. 

  25. 	GrpcDialOption   grpc.DialOption
    26. 

  26. 	AllowEmptyFolder bool
    27. 

  27. }
    28. 

  28. 

  29. type S3ApiServer struct {
    30. 

  30. 	option         *S3ApiServerOption
    31. 

  31. 	iam            *IdentityAccessManagement
    32. 

  32. 	randomClientId int32
    33. 

  33. 	filerGuard     *security.Guard
    34. 

  34. }
    35. 

  35. 

  36. func NewS3ApiServer(router *mux.Router, option *S3ApiServerOption) (s3ApiServer *S3ApiServer, err error) {
    37. 

  37. 	v := util.GetViper()
    38. 

  38. 	signingKey := v.GetString("jwt.filer_signing.key")
    39. 

  39. 	v.SetDefault("jwt.filer_signing.expires_after_seconds", 10)
    40. 

  40. 	expiresAfterSec := v.GetInt("jwt.filer_signing.expires_after_seconds")
    41. 

  41. 

  42. 	readSigningKey := v.GetString("jwt.filer_signing.read.key")
    43. 

  43. 	v.SetDefault("jwt.filer_signing.read.expires_after_seconds", 60)
    44. 

  44. 	readExpiresAfterSec := v.GetInt("jwt.filer_signing.read.expires_after_seconds")
    45. 

  45. 

  46. 	s3ApiServer = &S3ApiServer{
    47. 

  47. 		option:         option,
    48. 

  48. 		iam:            NewIdentityAccessManagement(option),
    49. 

  49. 		randomClientId: util.RandomInt32(),
    50. 

  50. 		filerGuard:     security.NewGuard([]string{}, signingKey, expiresAfterSec, readSigningKey, readExpiresAfterSec),
    51. 

  51. 	}
    52. 

  52. 

  53. 	s3ApiServer.registerRouter(router)
    54. 

  54. 

  55. 	go s3ApiServer.subscribeMetaEvents("s3", filer.IamConfigDirecotry+"/"+filer.IamIdentityFile, time.Now().UnixNano())
    56. 

  56. 	return s3ApiServer, nil
    57. 

  57. }
    58. 

  58. 

  59. func (s3a *S3ApiServer) registerRouter(router *mux.Router) {
    60. 

  60. 	// API Router
    61. 

  61. 	apiRouter := router.PathPrefix("/").Subrouter()
    62. 

  62. 

  63. 	// Readiness Probe
    64. 

  64. 	apiRouter.Methods("GET").Path("/status").HandlerFunc(s3a.StatusHandler)
    65. 

  65. 

  66. 	var routers []*mux.Router
    67. 

  67. 	if s3a.option.DomainName != "" {
    68. 

  68. 		domainNames := strings.Split(s3a.option.DomainName, ",")
    69. 

  69. 		for _, domainName := range domainNames {
    70. 

  70. 			routers = append(routers, apiRouter.Host(
    71. 

  71. 				fmt.Sprintf("%s.%s:%d", "{bucket:.+}", domainName, s3a.option.Port)).Subrouter())
    72. 

  72. 			routers = append(routers, apiRouter.Host(
    73. 

  73. 				fmt.Sprintf("%s.%s", "{bucket:.+}", domainName)).Subrouter())
    74. 

  74. 		}
    75. 

  75. 	}
    76. 

  76. 	routers = append(routers, apiRouter.PathPrefix("/{bucket}").Subrouter())
    77. 

  77. 

  78. 	for _, bucket := range routers {
    79. 

  79. 

  80. 		// each case should follow the next rule:
    81. 

  81. 		// - requesting object with query must precede any other methods
    82. 

  82. 		// - requesting object must precede any methods with buckets
    83. 

  83. 		// - requesting bucket with query must precede raw methods with buckets
    84. 

  84. 		// - requesting bucket must be processed in the end
    85. 

  85. 

  86. 		// objects with query
    87. 

  87. 

  88. 		// CopyObjectPart
    89. 

  89. 		bucket.Methods("PUT").Path("/{object:.+}").HeadersRegexp("X-Amz-Copy-Source", `.*?(\/|%2F).*?`).HandlerFunc(track(s3a.iam.Auth(s3a.CopyObjectPartHandler, ACTION_WRITE), "PUT")).Queries("partNumber", "{partNumber:[0-9]+}", "uploadId", "{uploadId:.*}")
    90. 

  90. 		// PutObjectPart
    91. 

  91. 		bucket.Methods("PUT").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.PutObjectPartHandler, ACTION_WRITE), "PUT")).Queries("partNumber", "{partNumber:[0-9]+}", "uploadId", "{uploadId:.*}")
    92. 

  92. 		// CompleteMultipartUpload
    93. 

  93. 		bucket.Methods("POST").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.CompleteMultipartUploadHandler, ACTION_WRITE), "POST")).Queries("uploadId", "{uploadId:.*}")
    94. 

  94. 		// NewMultipartUpload
    95. 

  95. 		bucket.Methods("POST").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.NewMultipartUploadHandler, ACTION_WRITE), "POST")).Queries("uploads", "")
    96. 

  96. 		// AbortMultipartUpload
    97. 

  97. 		bucket.Methods("DELETE").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.AbortMultipartUploadHandler, ACTION_WRITE), "DELETE")).Queries("uploadId", "{uploadId:.*}")
    98. 

  98. 		// ListObjectParts
    99. 

  99. 		bucket.Methods("GET").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.ListObjectPartsHandler, ACTION_READ), "GET")).Queries("uploadId", "{uploadId:.*}")
    100. 

  100. 		// ListMultipartUploads
    101. 

  101. 		bucket.Methods("GET").HandlerFunc(track(s3a.iam.Auth(s3a.ListMultipartUploadsHandler, ACTION_READ), "GET")).Queries("uploads", "")
    102. 

  102. 

  103. 		// GetObjectTagging
    104. 

  104. 		bucket.Methods("GET").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.GetObjectTaggingHandler, ACTION_READ), "GET")).Queries("tagging", "")
    105. 

  105. 		// PutObjectTagging
    106. 

  106. 		bucket.Methods("PUT").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.PutObjectTaggingHandler, ACTION_TAGGING), "PUT")).Queries("tagging", "")
    107. 

  107. 		// DeleteObjectTagging
    108. 

  108. 		bucket.Methods("DELETE").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.DeleteObjectTaggingHandler, ACTION_TAGGING), "DELETE")).Queries("tagging", "")
    109. 

  109. 

  110. 		// PutObjectACL
    111. 

  111. 		bucket.Methods("PUT").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.PutObjectAclHandler, ACTION_WRITE), "PUT")).Queries("acl", "")
    112. 

  112. 		// PutObjectRetention
    113. 

  113. 		bucket.Methods("PUT").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.PutObjectRetentionHandler, ACTION_WRITE), "PUT")).Queries("retention", "")
    114. 

  114. 		// PutObjectLegalHold
    115. 

  115. 		bucket.Methods("PUT").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.PutObjectLegalHoldHandler, ACTION_WRITE), "PUT")).Queries("legal-hold", "")
    116. 

  116. 		// PutObjectLockConfiguration
    117. 

  117. 		bucket.Methods("PUT").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.PutObjectLockConfigurationHandler, ACTION_WRITE), "PUT")).Queries("object-lock", "")
    118. 

  118. 

  119. 		// GetObjectACL
    120. 

  120. 		bucket.Methods("GET").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.GetObjectAclHandler, ACTION_READ), "GET")).Queries("acl", "")
    121. 

  121. 

  122. 		// objects with query
    123. 

  123. 

  124. 		// raw objects
    125. 

  125. 

  126. 		// HeadObject
    127. 

  127. 		bucket.Methods("HEAD").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.HeadObjectHandler, ACTION_READ), "GET"))
    128. 

  128. 

  129. 		// GetObject, but directory listing is not supported
    130. 

  130. 		bucket.Methods("GET").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.GetObjectHandler, ACTION_READ), "GET"))
    131. 

  131. 

  132. 		// CopyObject
    133. 

  133. 		bucket.Methods("PUT").Path("/{object:.+}").HeadersRegexp("X-Amz-Copy-Source", ".*?(\\/|%2F).*?").HandlerFunc(track(s3a.iam.Auth(s3a.CopyObjectHandler, ACTION_WRITE), "COPY"))
    134. 

  134. 		// PutObject
    135. 

  135. 		bucket.Methods("PUT").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.PutObjectHandler, ACTION_WRITE), "PUT"))
    136. 

  136. 		// DeleteObject
    137. 

  137. 		bucket.Methods("DELETE").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.DeleteObjectHandler, ACTION_WRITE), "DELETE"))
    138. 

  138. 

  139. 		// raw objects
    140. 

  140. 

  141. 		// buckets with query
    142. 

  142. 

  143. 		// DeleteMultipleObjects
    144. 

  144. 		bucket.Methods("POST").HandlerFunc(track(s3a.iam.Auth(s3a.DeleteMultipleObjectsHandler, ACTION_WRITE), "DELETE")).Queries("delete", "")
    145. 

  145. 

  146. 		// GetBucketACL
    147. 

  147. 		bucket.Methods("GET").HandlerFunc(track(s3a.iam.Auth(s3a.GetBucketAclHandler, ACTION_READ), "GET")).Queries("acl", "")
    148. 

  148. 		// PutBucketACL
    149. 

  149. 		bucket.Methods("PUT").HandlerFunc(track(s3a.iam.Auth(s3a.PutBucketAclHandler, ACTION_WRITE), "PUT")).Queries("acl", "")
    150. 

  150. 

  151. 		// GetBucketPolicy
    152. 

  152. 		bucket.Methods("GET").HandlerFunc(track(s3a.iam.Auth(s3a.GetBucketPolicyHandler, ACTION_READ), "GET")).Queries("policy", "")
    153. 

  153. 		// PutBucketPolicy
    154. 

  154. 		bucket.Methods("PUT").HandlerFunc(track(s3a.iam.Auth(s3a.PutBucketPolicyHandler, ACTION_WRITE), "PUT")).Queries("policy", "")
    155. 

  155. 		// DeleteBucketPolicy
    156. 

  156. 		bucket.Methods("DELETE").HandlerFunc(track(s3a.iam.Auth(s3a.DeleteBucketPolicyHandler, ACTION_WRITE), "DELETE")).Queries("policy", "")
    157. 

  157. 

  158. 		// GetBucketCors
    159. 

  159. 		bucket.Methods("GET").HandlerFunc(track(s3a.iam.Auth(s3a.GetBucketCorsHandler, ACTION_READ), "GET")).Queries("cors", "")
    160. 

  160. 		// PutBucketCors
    161. 

  161. 		bucket.Methods("PUT").HandlerFunc(track(s3a.iam.Auth(s3a.PutBucketCorsHandler, ACTION_WRITE), "PUT")).Queries("cors", "")
    162. 

  162. 		// DeleteBucketCors
    163. 

  163. 		bucket.Methods("DELETE").HandlerFunc(track(s3a.iam.Auth(s3a.DeleteBucketCorsHandler, ACTION_WRITE), "DELETE")).Queries("cors", "")
    164. 

  164. 

  165. 		// GetBucketLifecycleConfiguration
    166. 

  166. 		bucket.Methods("GET").HandlerFunc(track(s3a.iam.Auth(s3a.GetBucketLifecycleConfigurationHandler, ACTION_READ), "GET")).Queries("lifecycle", "")
    167. 

  167. 		// PutBucketLifecycleConfiguration
    168. 

  168. 		bucket.Methods("PUT").HandlerFunc(track(s3a.iam.Auth(s3a.PutBucketLifecycleConfigurationHandler, ACTION_WRITE), "PUT")).Queries("lifecycle", "")
    169. 

  169. 		// DeleteBucketLifecycleConfiguration
    170. 

  170. 		bucket.Methods("DELETE").HandlerFunc(track(s3a.iam.Auth(s3a.DeleteBucketLifecycleHandler, ACTION_WRITE), "DELETE")).Queries("lifecycle", "")
    171. 

  171. 

  172. 		// GetBucketLocation
    173. 

  173. 		bucket.Methods("GET").HandlerFunc(track(s3a.iam.Auth(s3a.GetBucketLocationHandler, ACTION_READ), "GET")).Queries("location", "")
    174. 

  174. 

  175. 		// GetBucketRequestPayment
    176. 

  176. 		bucket.Methods("GET").HandlerFunc(track(s3a.iam.Auth(s3a.GetBucketRequestPaymentHandler, ACTION_READ), "GET")).Queries("requestPayment", "")
    177. 

  177. 

  178. 		// ListObjectsV2
    179. 

  179. 		bucket.Methods("GET").HandlerFunc(track(s3a.iam.Auth(s3a.ListObjectsV2Handler, ACTION_LIST), "LIST")).Queries("list-type", "2")
    180. 

  180. 

  181. 		// buckets with query
    182. 

  182. 

  183. 		// raw buckets
    184. 

  184. 

  185. 		// PostPolicy
    186. 

  186. 		bucket.Methods("POST").HeadersRegexp("Content-Type", "multipart/form-data*").HandlerFunc(track(s3a.iam.Auth(s3a.PostPolicyBucketHandler, ACTION_WRITE), "POST"))
    187. 

  187. 

  188. 		// HeadBucket
    189. 

  189. 		bucket.Methods("HEAD").HandlerFunc(track(s3a.iam.Auth(s3a.HeadBucketHandler, ACTION_READ), "GET"))
    190. 

  190. 

  191. 		// PutBucket
    192. 

  192. 		bucket.Methods("PUT").HandlerFunc(track(s3a.PutBucketHandler, "PUT"))
    193. 

  193. 		// DeleteBucket
    194. 

  194. 		bucket.Methods("DELETE").HandlerFunc(track(s3a.iam.Auth(s3a.DeleteBucketHandler, ACTION_WRITE), "DELETE"))
    195. 

  195. 

  196. 		// ListObjectsV1 (Legacy)
    197. 

  197. 		bucket.Methods("GET").HandlerFunc(track(s3a.iam.Auth(s3a.ListObjectsV1Handler, ACTION_LIST), "LIST"))
    198. 

  198. 

  199. 		// raw buckets
    200. 

  200. 

  201. 	}
    202. 

  202. 

  203. 	// ListBuckets
    204. 

  204. 	apiRouter.Methods("GET").Path("/").HandlerFunc(track(s3a.ListBucketsHandler, "LIST"))
    205. 

  205. 

  206. 	// NotFound
    207. 

  207. 	apiRouter.NotFoundHandler = http.HandlerFunc(s3err.NotFoundHandler)
    208. 

  208. 

  209. }
    210.