Added start parametr: useSignedUrl, accessKey, secretAccessKey. s3rve…

…r getObject only through signed url
agolybev · Sep 3, 2015 · 1eaac4f · 1eaac4f
1 parent 3c61351
commit 1eaac4f
Show file tree

Hide file tree

Showing 5 changed files with 50 additions and 5 deletions.
diff --git a/bin/s3rver.js b/bin/s3rver.js
@@ -13,6 +13,9 @@ program.option('-h, --hostname [value]', 'Set the host name or ip for the server
   .option('-i, --indexDocumement', 'Index Document for Static Web Hosting', '')
   .option('-e, --errorDocument', 'Custom Error Document for Static Web Hosting', '')
   .option('-d, --directory [path]', 'Data directory')
+  .option('-u, --useSignedUrl [value]', 'UseSignedUrl', false)
+  .option('-a, --accessKey [value]', 'AccessKey')
+  .option('-k, --secretAccessKey [value]', 'SecretAccessKey')
   .parse(process.argv);
 
 if (program.directory === undefined) {
@@ -38,6 +41,9 @@ s3rver.setHostname(program.hostname)
   .setSilent(program.silent)
   .setIndexDocument(program.indexDocumement)
   .setErrorDocument(program.errorDocument)
+  .setUseSignedUrl(program.useSignedUrl)
+  .setAccessKey(program.accessKey)
+  .setSecretAccessKey(program.secretAccessKey)
   .run(function (err, host, port) {
     console.log('now listening on host %s and port %d', host, port);
   });
diff --git a/lib/app.js b/lib/app.js
@@ -1,10 +1,10 @@
 'use strict';
-var app = function (hostname, port, directory, silent, indexDocument, errorDocument) {
+var app = function (hostname, port, directory, silent, indexDocument, errorDocument, useSignedUrl, accessKey, secretAccessKey) {
   var express     = require('express'),
       app         = express(),
       logger      = require('./logger')(silent),
       Controllers = require('./controllers'),
-      controllers = new Controllers(directory, logger, indexDocument, errorDocument),
+      controllers = new Controllers(directory, logger, indexDocument, errorDocument, useSignedUrl, accessKey, secretAccessKey),
       concat      = require('concat-stream'),
       path        = require('path');
 

diff --git a/lib/controllers.js b/lib/controllers.js
@@ -2,10 +2,20 @@
 
 var FileStore       = require('./file-store'),
     templateBuilder = require('./xml-template-builder'),
+    s3urlSigner       = require('amazon-s3-url-signer'),
+    url             = require('url'),
     path            = require('path');
 
-module.exports = function (rootDirectory, logger, indexDocument, errorDocument) {
+module.exports = function (rootDirectory, logger, indexDocument, errorDocument, useSignedUrl, accessKey, secretAccessKey) {
   var fileStore = new FileStore(rootDirectory);
+  var awsUrlSigner;
+  if(useSignedUrl) {
+    var signerOptions = {
+      host: 'localhost', port: 80,
+      protocol: 'http', useSubdomain: false
+    };
+    awsUrlSigner = s3urlSigner.urlSigner(accessKey, secretAccessKey, signerOptions);
+  }
 
   var buildXmlResponse = function (res, status, template) {
     res.header('Content-Type', 'application/xml');
@@ -179,6 +189,15 @@ module.exports = function (rootDirectory, logger, indexDocument, errorDocument)
     },
     getObject: function (req, res) {
       var keyName = req.params.key;
+      if(useSignedUrl){
+        var signature = awsUrlSigner.getSignature('GET', keyName, req.bucket.name, req.query.Expires);
+        var dateNow = new Date();
+        var dateExpire = new Date();
+        dateExpire.setTime(parseInt(req.query.Expires) * 1000);
+        if(req.query.Signature !== signature || dateNow > dateExpire) {
+          return errorResponse(req, res, keyName);
+        }
+      }
       var acl = req.query.acl;
       if (acl !== undefined) {
         var template = templateBuilder.buildAcl();

diff --git a/lib/index.js b/lib/index.js
@@ -6,6 +6,9 @@ var S3rver = function () {
   this.silent = false;
   this.indexDocument = '';
   this.errorDocument = '';
+  this.useSignedUrl = false;
+  this.accessKey = '';
+  this.secretAccessKey = '';
 };
 
 S3rver.prototype.setPort = function (port) {
@@ -38,8 +41,24 @@ S3rver.prototype.setErrorDocument = function (errorDocument) {
   return this;
 };
 
+S3rver.prototype.setUseSignedUrl = function (useSignedUrl) {
+  this.useSignedUrl = useSignedUrl;
+  return this;
+};
+
+S3rver.prototype.setAccessKey = function (accessKey) {
+  this.accessKey = accessKey;
+  return this;
+};
+
+S3rver.prototype.setSecretAccessKey = function (secretAccessKey) {
+  this.secretAccessKey = secretAccessKey;
+  return this;
+};
+
 S3rver.prototype.run = function (done) {
-  var app = new App(this.hostname, this.port, this.directory, this.silent, this.indexDocument, this.errorDocument);
+  var app = new App(this.hostname, this.port, this.directory, this.silent, this.indexDocument, this.errorDocument,
+    this.useSignedUrl, this.accessKey, this.secretAccessKey);
   return app.serve(done);
 
 };

diff --git a/package.json b/package.json
@@ -35,7 +35,8 @@
     "mkdirp": "^0.5.0",
     "morgan": "^1.5.1",
     "winston": "^0.8.3",
-    "xmlbuilder": "^2.4.5"
+    "xmlbuilder": "^2.4.5",
+    "amazon-s3-url-signer": "https://github.com/agolybev/amazon-s3-url-signer/archive/0.0.8.tar.gz"
   },
   "devDependencies": {
     "async": "^0.9.0",