s3api: Allow lower-cased region name for AWS .NET SDK compatibility

When I call the S3 API using the AWS .NET SDK, I get the following error.

An error occurred (AuthorizationHeaderMalformed) when calling the
ListBuckets operation: The authorization header is malformed;
the region 'regionone' is wrong; expecting 'RegionOne'

The reason is that the AWS .NET SDK generates a signature by changing
the region name to lowercase. (AWS region names are all lowercase.)
The default region name of OpenStack is RegionOne, and custom region
names with capital letters can also be used.
If you set the location of the S3 API to a region name containing
uppercase letters, the AWS .NET SDK cannot be used.

There are two ways to solve this problem.

1. Force the location item of S3 API middleware setting to be set
   to lower case.
2. If the request contains credentail parameters that contain the
   lowercase region name, the region name of string_to_sign is
   modified to lowercase to generate a valid signature.

I think the second way is to make it more compatible.

Closes-Bug: #1888444
Change-Id: Ifb58b854b93725ed2a1e3bbd87f447f2ab40ea91
This commit is contained in:
arzhna 2020-07-22 09:49:17 +09:00
parent 1c91547643
commit 3a6e85d9ec

View File

@ -283,6 +283,12 @@ class SigV4Mixin(object):
if cred_param[key] != self.scope[key]:
kwargs = {}
if key == 'region':
# Allow lowercase region name
# for AWS .NET SDK compatibility
if not self.scope[key].islower() and \
cred_param[key] == self.scope[key].lower():
self.location = self.location.lower()
continue
kwargs = {'region': self.scope['region']}
raise AuthorizationQueryParametersError(
invalid_messages[key] % (cred_param[key], self.scope[key]),
@ -325,6 +331,12 @@ class SigV4Mixin(object):
if cred_param[key] != self.scope[key]:
kwargs = {}
if key == 'region':
# Allow lowercase region name
# for AWS .NET SDK compatibility
if not self.scope[key].islower() and \
cred_param[key] == self.scope[key].lower():
self.location = self.location.lower()
continue
kwargs = {'region': self.scope['region']}
raise AuthorizationHeaderMalformed(
invalid_messages[key] % (cred_param[key], self.scope[key]),