(r *http.Request, ak string, ck bool)
| 272 | } |
| 273 | |
| 274 | func (o *ObjectNode) getUidSecretKeyWithCheckVol(r *http.Request, ak string, ck bool) (uid, sk string, err error) { |
| 275 | info, err := o.getUserInfoByAccessKey(ak) |
| 276 | if err == nil { |
| 277 | uid, sk = info.UserID, info.SecretKey |
| 278 | return |
| 279 | } |
| 280 | if err == proto.ErrUserNotExists || err == proto.ErrAccessKeyNotExists || err == proto.ErrParamError { |
| 281 | bucket := mux.Vars(r)[ContextKeyBucket] |
| 282 | if len(bucket) > 0 && ck && GetActionFromContext(r) != proto.OSSCreateBucketAction { |
| 283 | // In order to be directly compatible with the signature verification of version 1.5 |
| 284 | // (each volume has its own access key and secret key), if the user does not exist and |
| 285 | // the request specifies a volume, try to use the access key and secret key bound in the |
| 286 | // volume information for verification. |
| 287 | var vol *Volume |
| 288 | if vol, err = o.getVol(bucket); err != nil { |
| 289 | return |
| 290 | } |
| 291 | if ossAk, ossSk := vol.OSSSecure(); ossAk == ak { |
| 292 | uid, sk = vol.GetOwner(), ossSk |
| 293 | return |
| 294 | } |
| 295 | } |
| 296 | err = InvalidAccessKeyId |
| 297 | } |
| 298 | |
| 299 | return |
| 300 | } |
| 301 | |
| 302 | func getSecurityToken(r *http.Request) string { |
| 303 | if token := r.Header.Get(XAmzSecurityToken); token != "" { |
no test coverage detected