def test_find_multipart_key_value(self): headers = { "Host": "10.0.1.19:4572", "User-Agent": "curl/7.51.0", "Accept": "*/*", "Content-Length": "992", "Expect": "100-continue", "Content-Type": "multipart/form-data; boundary=------------------------3c48c744237517ac", } data1 = ( b'--------------------------3c48c744237517ac\r\nContent-Disposition: form-data; name="key"\r\n\r\n' b"uploads/20170826T181315.679087009Z/upload/pixel.png\r\n--------------------------3c48c744237517ac" b'\r\nContent-Disposition: form-data; name="success_action_redirect"\r\n\r\nhttp://127.0.0.1:5000/' b"?id=20170826T181315.679087009Z\r\n--------------------------3c48c744237517ac--\r\n" ) data2 = ( b'--------------------------3c48c744237517ac\r\nContent-Disposition: form-data; name="key"\r\n\r\n' b"uploads/20170826T181315.679087009Z/upload/pixel.png\r\n--------------------------3c48c744237517ac" b"--\r\n" ) data3 = ( b'--------------------------3c48c744237517ac\r\nContent-Disposition: form-data; name="success_action_' b'redirect"\r\n\r\nhttp://127.0.0.1:5000/?id=20170826T181315.679087009Z\r\n--------------------------' b"3c48c744237517ac--\r\n" ) data4 = ( b'--------------------------3c48c744237517ac\r\nContent-Disposition: form-data; name="key"\r\n\r\n' b"uploads/20170826T181315.679087009Z/upload/pixel.png\r\n--------------------------3c48c744237517ac" b'\r\nContent-Disposition: form-data; name="success_action_status"\r\n\r\n201' b"\r\n--------------------------3c48c744237517ac--\r\n" ) key1, url1 = multipart_content.find_multipart_key_value(data1, headers) self.assertEqual("uploads/20170826T181315.679087009Z/upload/pixel.png", key1) self.assertEqual("http://127.0.0.1:5000/?id=20170826T181315.679087009Z", url1) key2, url2 = multipart_content.find_multipart_key_value(data2, headers) self.assertEqual("uploads/20170826T181315.679087009Z/upload/pixel.png", key2) self.assertIsNone(url2, "Should not get a redirect URL without success_action_redirect") key3, url3 = multipart_content.find_multipart_key_value(data3, headers) self.assertIsNone(key3, "Should not get a key without provided key") self.assertIsNone(url3, "Should not get a redirect URL without provided key") key4, status_code = multipart_content.find_multipart_key_value( data4, headers, "success_action_status" ) self.assertEqual("uploads/20170826T181315.679087009Z/upload/pixel.png", key4) self.assertEqual("201", status_code)
def test_find_multipart_key_value(self): headers = {'Host': '10.0.1.19:4572', 'User-Agent': 'curl/7.51.0', 'Accept': '*/*', 'Content-Length': '992', 'Expect': '100-continue', 'Content-Type': 'multipart/form-data; boundary=------------------------3c48c744237517ac'} data1 = (b'--------------------------3c48c744237517ac\r\nContent-Disposition: form-data; name="key"\r\n\r\n' b'uploads/20170826T181315.679087009Z/upload/pixel.png\r\n--------------------------3c48c744237517ac' b'\r\nContent-Disposition: form-data; name="success_action_redirect"\r\n\r\nhttp://127.0.0.1:5000/' b'?id=20170826T181315.679087009Z\r\n--------------------------3c48c744237517ac--\r\n') data2 = (b'--------------------------3c48c744237517ac\r\nContent-Disposition: form-data; name="key"\r\n\r\n' b'uploads/20170826T181315.679087009Z/upload/pixel.png\r\n--------------------------3c48c744237517ac' b'--\r\n') data3 = (b'--------------------------3c48c744237517ac\r\nContent-Disposition: form-data; name="success_action_' b'redirect"\r\n\r\nhttp://127.0.0.1:5000/?id=20170826T181315.679087009Z\r\n--------------------------' b'3c48c744237517ac--\r\n') data4 = (b'--------------------------3c48c744237517ac\r\nContent-Disposition: form-data; name="key"\r\n\r\n' b'uploads/20170826T181315.679087009Z/upload/pixel.png\r\n--------------------------3c48c744237517ac' b'\r\nContent-Disposition: form-data; name="success_action_status"\r\n\r\n201' b'\r\n--------------------------3c48c744237517ac--\r\n') key1, url1 = multipart_content.find_multipart_key_value(data1, headers) self.assertEqual(key1, 'uploads/20170826T181315.679087009Z/upload/pixel.png') self.assertEqual(url1, 'http://127.0.0.1:5000/?id=20170826T181315.679087009Z') key2, url2 = multipart_content.find_multipart_key_value(data2, headers) self.assertEqual(key2, 'uploads/20170826T181315.679087009Z/upload/pixel.png') self.assertIsNone(url2, 'Should not get a redirect URL without success_action_redirect') key3, url3 = multipart_content.find_multipart_key_value(data3, headers) self.assertIsNone(key3, 'Should not get a key without provided key') self.assertIsNone(url3, 'Should not get a redirect URL without provided key') key4, status_code = multipart_content.find_multipart_key_value(data4, headers, 'success_action_status') self.assertEqual(key4, 'uploads/20170826T181315.679087009Z/upload/pixel.png') self.assertEqual(status_code, '201')
def return_response(self, method, path, data, headers, response): path = to_str(path) method = to_str(method) bucket_name = get_bucket_name(path, headers) # No path-name based bucket name? Try host-based hostname_parts = headers['host'].split('.') if (not bucket_name or len(bucket_name) == 0) and len(hostname_parts) > 1: bucket_name = hostname_parts[0] # POST requests to S3 may include a success_action_redirect or # success_action_status field, which should be used to redirect a # client to a new location. key = None if method == 'POST': key, redirect_url = multipart_content.find_multipart_key_value(data, headers) if key and redirect_url: response.status_code = 303 response.headers['Location'] = expand_redirect_url(redirect_url, key, bucket_name) LOGGER.debug('S3 POST {} to {}'.format(response.status_code, response.headers['Location'])) key, status_code = multipart_content.find_multipart_key_value( data, headers, 'success_action_status') if response.status_code == 200 and status_code == '201' and key: response.status_code = 201 response._content = self.get_201_reponse(key, bucket_name) response.headers['Content-Length'] = str(len(response._content)) response.headers['Content-Type'] = 'application/xml; charset=utf-8' return response parsed = urlparse.urlparse(path) bucket_name_in_host = headers['host'].startswith(bucket_name) should_send_notifications = all([ method in ('PUT', 'POST', 'DELETE'), '/' in path[1:] or bucket_name_in_host, # check if this is an actual put object request, because it could also be # a put bucket request with a path like this: /bucket_name/ bucket_name_in_host or (len(path[1:].split('/')) > 1 and len(path[1:].split('/')[1]) > 0), self.is_query_allowable(method, parsed.query) ]) # get subscribers and send bucket notifications if should_send_notifications: # if we already have a good key, use it, otherwise examine the path if key: object_path = '/' + key elif bucket_name_in_host: object_path = parsed.path else: parts = parsed.path[1:].split('/', 1) object_path = parts[1] if parts[1][0] == '/' else '/%s' % parts[1] version_id = response.headers.get('x-amz-version-id', None) send_notifications(method, bucket_name, object_path, version_id) # publish event for creation/deletion of buckets: if method in ('PUT', 'DELETE') and ('/' not in path[1:] or len(path[1:].split('/')[1]) <= 0): event_type = (event_publisher.EVENT_S3_CREATE_BUCKET if method == 'PUT' else event_publisher.EVENT_S3_DELETE_BUCKET) event_publisher.fire_event(event_type, payload={'n': event_publisher.get_hash(bucket_name)}) # fix an upstream issue in moto S3 (see https://github.com/localstack/localstack/issues/382) if method == 'PUT' and parsed.query == 'policy': response._content = '' response.status_code = 204 return response # emulate ErrorDocument functionality if a website is configured if method == 'GET' and response.status_code == 404 and parsed.query != 'website': s3_client = aws_stack.connect_to_service('s3') try: # Verify the bucket exists in the first place--if not, we want normal processing of the 404 s3_client.head_bucket(Bucket=bucket_name) website_config = s3_client.get_bucket_website(Bucket=bucket_name) error_doc_key = website_config.get('ErrorDocument', {}).get('Key') if error_doc_key: error_object = s3_client.get_object(Bucket=bucket_name, Key=error_doc_key) response.status_code = 200 response._content = error_object['Body'].read() response.headers['content-length'] = len(response._content) except ClientError: # Pass on the 404 as usual pass if response: reset_content_length = False # append CORS headers and other annotations/patches to response append_cors_headers(bucket_name, request_method=method, request_headers=headers, response=response) append_last_modified_headers(response=response) append_list_objects_marker(method, path, data, response) fix_location_constraint(response) fix_range_content_type(bucket_name, path, headers, response) fix_delete_objects_response(bucket_name, method, parsed, data, headers, response) fix_metadata_key_underscores(response=response) fix_creation_date(method, path, response=response) fix_etag_for_multipart(data, headers, response) # Remove body from PUT response on presigned URL # https://github.com/localstack/localstack/issues/1317 if method == 'PUT' and ('X-Amz-Security-Token=' in path or 'X-Amz-Credential=' in path or 'AWSAccessKeyId=' in path): response._content = '' reset_content_length = True response_content_str = None try: response_content_str = to_str(response._content) except Exception: pass # Honor response header overrides # https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectGET.html if method == 'GET': query_map = urlparse.parse_qs(parsed.query, keep_blank_values=True) for param_name, header_name in ALLOWED_HEADER_OVERRIDES.items(): if param_name in query_map: response.headers[header_name] = query_map[param_name][0] if response_content_str and response_content_str.startswith('<'): is_bytes = isinstance(response._content, six.binary_type) response._content = response_content_str append_last_modified_headers(response=response, content=response_content_str) # We need to un-pretty-print the XML, otherwise we run into this issue with Spark: # https://github.com/jserver/mock-s3/pull/9/files # https://github.com/localstack/localstack/issues/183 # Note: yet, we need to make sure we have a newline after the first line: <?xml ...>\n # Note: make sure to return XML docs verbatim: https://github.com/localstack/localstack/issues/1037 if method != 'GET' or not is_object_specific_request(path, headers): response._content = re.sub(r'([^\?])>\n\s*<', r'\1><', response_content_str, flags=re.MULTILINE) # update Location information in response payload response._content = self._update_location(response._content, bucket_name) # convert back to bytes if is_bytes: response._content = to_bytes(response._content) # fix content-type: https://github.com/localstack/localstack/issues/618 # https://github.com/localstack/localstack/issues/549 # https://github.com/localstack/localstack/issues/854 if 'text/html' in response.headers.get('Content-Type', '') \ and not response_content_str.lower().startswith('<!doctype html'): response.headers['Content-Type'] = 'application/xml; charset=utf-8' reset_content_length = True # update content-length headers (fix https://github.com/localstack/localstack/issues/541) if method == 'DELETE': reset_content_length = True if reset_content_length: response.headers['content-length'] = len(response._content)
def forward_request(self, method, path, data, headers): # parse path and query params parsed_path = urlparse.urlparse(path) # Make sure we use 'localhost' as forward host, to ensure moto uses path style addressing. # Note that all S3 clients using LocalStack need to enable path style addressing. if 's3.amazonaws.com' not in headers.get('host', ''): headers['host'] = 'localhost' # check content md5 hash integrity if not a copy request if 'Content-MD5' in headers and not self.is_s3_copy_request(headers, path): response = check_content_md5(data, headers) if response is not None: return response modified_data = None # check bucket name bucket_name = get_bucket_name(path, headers) if method == 'PUT' and not re.match(BUCKET_NAME_REGEX, bucket_name): if len(parsed_path.path) <= 1: return error_response('Unable to extract valid bucket name. Please ensure that your AWS SDK is ' + 'configured to use path style addressing, or send a valid <Bucket>.s3.amazonaws.com "Host" header', 'InvalidBucketName', status_code=400) return error_response('The specified bucket is not valid.', 'InvalidBucketName', status_code=400) # TODO: For some reason, moto doesn't allow us to put a location constraint on us-east-1 to_find = to_bytes('<LocationConstraint>us-east-1</LocationConstraint>') if data and data.startswith(to_bytes('<')) and to_find in data: modified_data = data.replace(to_find, to_bytes('')) # If this request contains streaming v4 authentication signatures, strip them from the message # Related isse: https://github.com/localstack/localstack/issues/98 # TODO we should evaluate whether to replace moto s3 with scality/S3: # https://github.com/scality/S3/issues/237 if headers.get(CONTENT_SHA256_HEADER) == STREAMING_HMAC_PAYLOAD: modified_data = strip_chunk_signatures(modified_data or data) headers['Content-Length'] = headers.get('x-amz-decoded-content-length') # POST requests to S3 may include a "${filename}" placeholder in the # key, which should be replaced with an actual file name before storing. if method == 'POST': original_data = modified_data or data expanded_data = multipart_content.expand_multipart_filename(original_data, headers) if expanded_data is not original_data: modified_data = expanded_data # If no content-type is provided, 'binary/octet-stream' should be used # src: https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectPUT.html if method == 'PUT' and not headers.get('content-type'): headers['content-type'] = 'binary/octet-stream' # parse query params query = parsed_path.query path = parsed_path.path bucket = path.split('/')[1] query_map = urlparse.parse_qs(query, keep_blank_values=True) # remap metadata query params (not supported in moto) to request headers append_metadata_headers(method, query_map, headers) # apply fixes headers_changed = fix_metadata_key_underscores(request_headers=headers) if query == 'notification' or 'notification' in query_map: # handle and return response for ?notification request response = handle_notification_request(bucket, method, data) return response # if the Expires key in the url is already expired then return error if method == 'GET' and 'Expires' in query_map: if is_url_already_expired(query_map.get('Expires')[0]): return token_expired_error(path, headers.get('x-amz-request-id'), 400) # If multipart POST with policy in the params, return error if the policy has expired if method == 'POST': policy_key, policy_value = multipart_content.find_multipart_key_value(data, headers, 'policy') if policy_key and policy_value: policy = json.loads(base64.b64decode(policy_value).decode('utf-8')) expiration_string = policy.get('expiration', None) # Example: 2020-06-05T13:37:12Z if expiration_string: expiration_datetime = datetime.datetime.strptime(expiration_string, POLICY_EXPIRATION_FORMAT) expiration_timestamp = expiration_datetime.timestamp() if is_url_already_expired(expiration_timestamp): return token_expired_error(path, headers.get('x-amz-request-id'), 400) if query == 'cors' or 'cors' in query_map: if method == 'GET': return get_cors(bucket) if method == 'PUT': return set_cors(bucket, data) if method == 'DELETE': return delete_cors(bucket) if query == 'lifecycle' or 'lifecycle' in query_map: if method == 'GET': return get_lifecycle(bucket) if method == 'PUT': return set_lifecycle(bucket, data) if query == 'replication' or 'replication' in query_map: if method == 'GET': return get_replication(bucket) if method == 'PUT': return set_replication(bucket, data) if query == 'encryption' or 'encryption' in query_map: if method == 'GET': return get_encryption(bucket) if method == 'PUT': return set_encryption(bucket, data) if query == 'object-lock' or 'object-lock' in query_map: if method == 'GET': return get_object_lock(bucket) if method == 'PUT': return set_object_lock(bucket, data) if modified_data is not None or headers_changed: return Request(data=modified_data or data, headers=headers, method=method) return True