Skip to content

Commit

Permalink
Remove trailing periods per path segment when retrieving blob URLs
Browse files Browse the repository at this point in the history 
The Azure backend will ignore trailing periods when comparing the
generated SAS token remotely, this strips it from retrieving files
to allow generating the same signature that Azure will compare with
in the backend.

References:
https://gitlab.com/gitlab-org/gitlab/-/issues/332027
Azure/azure-storage-ruby#191
  • Loading branch information
Catalin Irimie committed Jun 9, 2021
1 parent c5b4486 commit 81460d4
Show file tree
Hide file tree
Showing 5 changed files with 41 additions and 0 deletions.
1 change: 1 addition & 0 deletions lib/fog/azurerm/requests/storage/get_blob_http_url.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ class Real
#
def get_blob_http_url(container_name, blob_name, expires)
relative_path = "#{container_name}/#{blob_name}"
relative_path = remove_trailing_periods_from_path_segments(relative_path)
params = {
service: 'b',
resource: 'b',
Expand Down
1 change: 1 addition & 0 deletions lib/fog/azurerm/requests/storage/get_blob_https_url.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ class Real
#
def get_blob_https_url(container_name, blob_name, expires)
relative_path = "#{container_name}/#{blob_name}"
relative_path = remove_trailing_periods_from_path_segments(relative_path)
params = {
service: 'b',
resource: 'b',
Expand Down
4 changes: 4 additions & 0 deletions lib/fog/azurerm/utilities/general.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -189,3 +189,7 @@ def get_image_name(id)
def get_subscription_id(id)
id.split('/')[2]
end

def remove_trailing_periods_from_path_segments(path)
path.split('/').map { |segment| segment.gsub(/\.*$/, '') }.join('/')
end
16 changes: 16 additions & 0 deletions test/requests/storage/test_get_blob_http_url.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,22 @@ def test_get_blob_http_url_success
end
end

def test_get_url_remove_trailing_periods_from_path_segments
mock_generate_uri = Minitest::Mock.new
mock_generate_service_token = Minitest::Mock.new

mock_generate_uri.expect(:call, @url, ['.test0/..test1/...test2', {}, { encode: true }])
mock_generate_service_token.expect(:call, @token) do |relative_path, _|
relative_path == '.test0/..test1/...test2'
end

@blob_client.stub :generate_uri, mock_generate_uri do
@signature_client.stub :generate_service_sas_token, mock_generate_service_token do
assert_equal "#{@url}?#{@token}", @service.get_blob_http_url('.test0.', '..test1../...test2...', Time.now.utc + 3600)
end
end
end

def test_get_blob_http_url_mock
assert_equal "#{@url}?#{@token}", @mock_service.get_blob_http_url('test_container', 'test_blob', Time.now.utc + 3600)
end
Expand Down
19 changes: 19 additions & 0 deletions test/requests/storage/test_get_blob_https_url.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,25 @@ def test_get_blob_https_url_success
end
end

def test_get_url_remove_trailing_periods_from_path_segments
mock_generate_uri = Minitest::Mock.new
mock_generate_service_token = Minitest::Mock.new

2.times do
mock_generate_uri.expect(:call, @url, ['.test0/..test1/...test2', {}, { encode: true }])
mock_generate_service_token.expect(:call, @token) do |relative_path, _|
relative_path == '.test0/..test1/...test2'
end
end

@blob_client.stub :generate_uri, mock_generate_uri do
@signature_client.stub :generate_service_sas_token, mock_generate_service_token do
assert_equal "#{@url}?#{@token}", @service.get_blob_https_url('.test0.', '..test1../...test2...', Time.now.utc + 3600)
assert_equal "#{@url}?#{@token}", @service.get_object_url('.test0.', '..test1../...test2...', Time.now.utc + 3600)
end
end
end

def test_get_blob_https_url_with_domain_success
service = Fog::Storage::AzureRM.new(storage_account_credentials_with_domain)
blob_client = service.instance_variable_get(:@blob_client)
Expand Down

0 comments on commit 81460d4

Please sign in to comment.