Skip to content

Commit

Permalink
feat(storage): Respect custom endpoint for signed_url (#25469)
Browse files Browse the repository at this point in the history
  • Loading branch information
@bajajneha27
bajajneha27 committed Apr 24, 2024
1 parent 25a0b06 commit e95b075
Show file tree
Hide file tree
Showing 9 changed files with 297 additions and 6 deletions.
3 changes: 2 additions & 1 deletion google-cloud-storage/lib/google/cloud/storage/file/signer_v2.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,8 @@ def ext_path
##
# The external url to the file.
def ext_url
"#{GOOGLEAPIS_URL}#{ext_path}"
root_url = @service.service.root_url.chomp "/"
"#{root_url}#{ext_path}"
end

def apply_option_defaults options
Expand Down
2 changes: 1 addition & 1 deletion google-cloud-storage/lib/google/cloud/storage/file/signer_v4.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -301,7 +301,7 @@ def bucket_path path_style
##
# The external url to the file.
def ext_url scheme, virtual_hosted_style, bucket_bound_hostname
url = GOOGLEAPIS_URL.dup
url = @service.service.root_url.chomp "/"
if virtual_hosted_style
parts = url.split "//"
parts[1] = "#{@bucket_name}.#{parts[1]}"
Expand Down
42 changes: 41 additions & 1 deletion google-cloud-storage/test/google/cloud/storage/bucket_signed_url_v2_test.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,8 +19,9 @@
let(:bucket_name) { "bucket" }
let(:bucket_gapi) { Google::Apis::StorageV1::Bucket.from_json random_bucket_hash(name: bucket_name).to_json }
let(:bucket) { Google::Cloud::Storage::Bucket.from_gapi bucket_gapi, storage.service }

let(:file_path) { "file.ext" }
let(:custom_universe_domain) { "mydomain1.com" }
let(:custom_endpoint) { "https://storage.#{custom_universe_domain}/" }

it "accepts missing path argument to return URL for listing objects in bucket" do
Time.stub :now, Time.new(2012,1,1,0,0,0, "+00:00") do
Expand Down Expand Up @@ -236,6 +237,45 @@
end
end

describe "Supports custom endpoint" do
it "returns signed_url with custom universe_domain" do
service = Google::Cloud::Storage::Service.new project, credentials, universe_domain: custom_universe_domain
bucket = Google::Cloud::Storage::Bucket.from_gapi bucket_gapi, service

Time.stub :now, Time.new(2012,1,1,0,0,0, "+00:00") do
signing_key_mock = Minitest::Mock.new
signing_key_mock.expect :is_a?, false, [Proc]
signing_key_mock.expect :sign, "native-signature", [OpenSSL::Digest::SHA256, "GET\n\n\n1325376300\n/bucket/file.ext"]

credentials.issuer = "native_client_email"
credentials.signing_key = signing_key_mock

signed_url = bucket.signed_url file_path

signed_url = URI(signed_url)
_(signed_url.host).must_equal URI(custom_endpoint).host
signing_key_mock.verify
end
end

it "returns signed_url with custom endpoint" do
service = Google::Cloud::Storage::Service.new project, credentials, host: custom_endpoint
bucket = Google::Cloud::Storage::Bucket.from_gapi bucket_gapi, service

Time.stub :now, Time.new(2012,1,1,0,0,0, "+00:00") do
signing_key_mock = Minitest::Mock.new
signing_key_mock.expect :is_a?, false, [Proc]
signing_key_mock.expect :sign, "native-signature", [OpenSSL::Digest::SHA256, "GET\n\n\n1325376300\n/bucket/file.ext"]

signed_url = bucket.signed_url file_path, issuer: "native_client_email", signing_key: signing_key_mock

signed_url = URI(signed_url)
_(signed_url.host).must_equal URI(custom_endpoint).host
signing_key_mock.verify
end
end
end

class PoisonSigningKey
def sign kind, sig
raise "The wrong signing_key was used"
Expand Down
43 changes: 42 additions & 1 deletion google-cloud-storage/test/google/cloud/storage/bucket_signed_url_v4_test.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,9 @@
let(:bucket_name) { "bucket" }
let(:bucket_gapi) { Google::Apis::StorageV1::Bucket.from_json random_bucket_hash(name: bucket_name).to_json }
let(:bucket) { Google::Cloud::Storage::Bucket.from_gapi bucket_gapi, storage.service }

let(:file_path) { "file.ext" }
let(:custom_universe_domain) { "mydomain1.com" }
let(:custom_endpoint) { "https://storage.#{custom_universe_domain}/" }

it "accepts missing path argument to return URL for listing objects in bucket" do
Time.stub :now, Time.new(2012,1,1,0,0,0, "+00:00") do
Expand Down Expand Up @@ -243,6 +244,46 @@
end
end

describe "Supports custom endpoint" do

it "returns signed_url with custom universe_domain" do
service = Google::Cloud::Storage::Service.new project, credentials, universe_domain: custom_universe_domain
bucket = Google::Cloud::Storage::Bucket.from_gapi bucket_gapi, service

Time.stub :now, Time.new(2012,1,1,0,0,0, "+00:00") do
signing_key_mock = Minitest::Mock.new
signing_key_mock.expect :is_a?, false, [Proc]
signing_key_mock.expect :sign, "native-signature", [OpenSSL::Digest::SHA256, "GOOG4-RSA-SHA256\n20120101T000000Z\n20120101/auto/storage/goog4_request\nc709544abd06ec8c09e9825c9a786a8759cd089bf7c64534ccef6058c0b0f88a"]

credentials.issuer = "native_client_email"
credentials.signing_key = signing_key_mock

signed_url = bucket.signed_url version: :v4

signed_url = URI(signed_url)
_(signed_url.host).must_equal URI(custom_endpoint).host
signing_key_mock.verify
end
end

it "returns signed_url with custom endpoint" do
service = Google::Cloud::Storage::Service.new project, credentials, host: custom_endpoint
bucket = Google::Cloud::Storage::Bucket.from_gapi bucket_gapi, service

Time.stub :now, Time.new(2012,1,1,0,0,0, "+00:00") do
signing_key_mock = Minitest::Mock.new
signing_key_mock.expect :is_a?, false, [Proc]
signing_key_mock.expect :sign, "native-signature", [OpenSSL::Digest::SHA256, "GOOG4-RSA-SHA256\n20120101T000000Z\n20120101/auto/storage/goog4_request\ndefeee4e2131c1e8e39d4bd739b856297e93b20265a427c5a70a2fd65c4cfd0a"]

signed_url = bucket.signed_url file_path, issuer: "native_client_email", signing_key: signing_key_mock, version: :v4

signed_url = URI(signed_url)
_(signed_url.host).must_equal URI(custom_endpoint).host
signing_key_mock.verify
end
end
end

class PoisonSigningKey
def sign kind, sig
raise "The wrong signing_key was used"
Expand Down
42 changes: 42 additions & 0 deletions google-cloud-storage/test/google/cloud/storage/file_signed_url_v2_test.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,8 @@
let(:file_name) { "file.ext" }
let(:file_gapi) { Google::Apis::StorageV1::Object.from_json random_file_hash(bucket.name, file_name).to_json }
let(:file) { Google::Cloud::Storage::File.from_gapi file_gapi, storage.service }
let(:custom_universe_domain) { "mydomain1.com" }
let(:custom_endpoint) { "https://storage.#{custom_universe_domain}/" }

it "uses the credentials' issuer and signing_key to generate signed_url" do
Time.stub :now, Time.new(2012,1,1,0,0,0, "+00:00") do
Expand Down Expand Up @@ -234,6 +236,46 @@
end
end

describe "Supports custom endpoint" do

it "returns signed_url with custom universe_domain" do
service = Google::Cloud::Storage::Service.new project, credentials, universe_domain: custom_universe_domain
file = Google::Cloud::Storage::File.from_gapi file_gapi, service

Time.stub :now, Time.new(2012,1,1,0,0,0, "+00:00") do
signing_key_mock = Minitest::Mock.new
signing_key_mock.expect :is_a?, false, [Proc]
signing_key_mock.expect :sign, "native-signature", [OpenSSL::Digest::SHA256, "GET\n\n\n1325376300\n/bucket/file.ext"]

credentials.issuer = "native_client_email"
credentials.signing_key = signing_key_mock

signed_url = file.signed_url

signed_url = URI(signed_url)
_(signed_url.host).must_equal URI(custom_endpoint).host
signing_key_mock.verify
end
end

it "returns signed_url with custom endpoint" do
service = Google::Cloud::Storage::Service.new project, credentials, host: custom_endpoint
file = Google::Cloud::Storage::File.from_gapi file_gapi, service

Time.stub :now, Time.new(2012,1,1,0,0,0, "+00:00") do
signing_key_mock = Minitest::Mock.new
signing_key_mock.expect :is_a?, false, [Proc]
signing_key_mock.expect :sign, "native-signature", [OpenSSL::Digest::SHA256, "GET\n\n\n1325376300\n/bucket/file.ext"]

signed_url = file.signed_url issuer: "native_client_email", signing_key: signing_key_mock

signed_url = URI(signed_url)
_(signed_url.host).must_equal URI(custom_endpoint).host
signing_key_mock.verify
end
end
end

class PoisonSigningKey
def sign kind, sig
raise "The wrong signing_key was used"
Expand Down
42 changes: 42 additions & 0 deletions google-cloud-storage/test/google/cloud/storage/file_signed_url_v4_test.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,12 +22,15 @@
let(:file_name) { "file.ext" }
let(:file_gapi) { Google::Apis::StorageV1::Object.from_json random_file_hash(bucket.name, file_name).to_json }
let(:file) { Google::Cloud::Storage::File.from_gapi file_gapi, storage.service }
let(:custom_universe_domain) { "mydomain1.com" }
let(:custom_endpoint) { "https://storage.#{custom_universe_domain}/" }

it "uses the credentials' issuer and signing_key to generate signed_url" do
Time.stub :now, Time.new(2012,1,1,0,0,0, "+00:00") do
signing_key_mock = Minitest::Mock.new
signing_key_mock.expect :is_a?, false, [Proc]
signing_key_mock.expect :sign, "native-signature", [OpenSSL::Digest::SHA256, "GOOG4-RSA-SHA256\n20120101T000000Z\n20120101/auto/storage/goog4_request\ndefeee4e2131c1e8e39d4bd739b856297e93b20265a427c5a70a2fd65c4cfd0a"]

credentials.issuer = "native_client_email"
credentials.signing_key = signing_key_mock

Expand Down Expand Up @@ -215,6 +218,45 @@
end
end

describe "Supports custom endpoint" do
it "returns signed_url with custom universe_domain" do
service = Google::Cloud::Storage::Service.new project, credentials, universe_domain: custom_universe_domain
file = Google::Cloud::Storage::File.from_gapi file_gapi, service

Time.stub :now, Time.new(2012,1,1,0,0,0, "+00:00") do
signing_key_mock = Minitest::Mock.new
signing_key_mock.expect :is_a?, false, [Proc]
signing_key_mock.expect :sign, "native-signature", [OpenSSL::Digest::SHA256, "GOOG4-RSA-SHA256\n20120101T000000Z\n20120101/auto/storage/goog4_request\ndefeee4e2131c1e8e39d4bd739b856297e93b20265a427c5a70a2fd65c4cfd0a"]

credentials.issuer = "native_client_email"
credentials.signing_key = signing_key_mock

signed_url = file.signed_url version: :v4

signed_url = URI(signed_url)
_(signed_url.host).must_equal URI(custom_endpoint).host
signing_key_mock.verify
end
end

it "returns signed_url with custom endpoint" do
service = Google::Cloud::Storage::Service.new project, credentials, host: custom_endpoint
file = Google::Cloud::Storage::File.from_gapi file_gapi, service

Time.stub :now, Time.new(2012,1,1,0,0,0, "+00:00") do
signing_key_mock = Minitest::Mock.new
signing_key_mock.expect :is_a?, false, [Proc]
signing_key_mock.expect :sign, "native-signature", [OpenSSL::Digest::SHA256, "GOOG4-RSA-SHA256\n20120101T000000Z\n20120101/auto/storage/goog4_request\ndefeee4e2131c1e8e39d4bd739b856297e93b20265a427c5a70a2fd65c4cfd0a"]

signed_url = file.signed_url issuer: "native_client_email", signing_key: signing_key_mock, version: :v4

signed_url = URI(signed_url)
_(signed_url.host).must_equal URI(custom_endpoint).host
signing_key_mock.verify
end
end
end

class PoisonSigningKey
def sign kind, sig
raise "The wrong signing_key was used"
Expand Down
43 changes: 42 additions & 1 deletion google-cloud-storage/test/google/cloud/storage/lazy/bucket_signed_url_v2_test.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,8 @@
describe Google::Cloud::Storage::Bucket, :signed_url, :v2, :lazy, :mock_storage do
let(:bucket_name) { "bucket" }
let(:bucket) { Google::Cloud::Storage::Bucket.new_lazy bucket_name, storage.service }

let(:custom_universe_domain) { "mydomain1.com" }
let(:custom_endpoint) { "https://storage.#{custom_universe_domain}/" }
let(:file_path) { "file.ext" }

it "uses the credentials' issuer and signing_key to generate signed_url" do
Expand Down Expand Up @@ -163,6 +164,46 @@
end
end

describe "Supports custom endpoint" do

it "returns signed_url with custom universe_domain" do
service = Google::Cloud::Storage::Service.new project, credentials, universe_domain: custom_universe_domain
bucket = Google::Cloud::Storage::Bucket.new_lazy bucket_name, service

Time.stub :now, Time.new(2012,1,1,0,0,0, "+00:00") do
signing_key_mock = Minitest::Mock.new
signing_key_mock.expect :is_a?, false, [Proc]
signing_key_mock.expect :sign, "native-signature", [OpenSSL::Digest::SHA256, "GET\n\n\n1325376300\n/bucket/file.ext"]

credentials.issuer = "native_client_email"
credentials.signing_key = signing_key_mock

signed_url = bucket.signed_url file_path

signed_url = URI(signed_url)
_(signed_url.host).must_equal URI(custom_endpoint).host
signing_key_mock.verify
end
end

it "returns signed_url with custom endpoint" do
service = Google::Cloud::Storage::Service.new project, credentials, host: custom_endpoint
bucket = Google::Cloud::Storage::Bucket.new_lazy bucket_name, service

Time.stub :now, Time.new(2012,1,1,0,0,0, "+00:00") do
signing_key_mock = Minitest::Mock.new
signing_key_mock.expect :is_a?, false, [Proc]
signing_key_mock.expect :sign, "native-signature", [OpenSSL::Digest::SHA256, "GET\n\n\n1325376300\n/bucket/file.ext"]

signed_url = bucket.signed_url file_path, issuer: "native_client_email", signing_key: signing_key_mock

signed_url = URI(signed_url)
_(signed_url.host).must_equal URI(custom_endpoint).host
signing_key_mock.verify
end
end
end

class PoisonSigningKey
def sign kind, sig
raise "The wrong signing_key was used"
Expand Down
42 changes: 41 additions & 1 deletion google-cloud-storage/test/google/cloud/storage/lazy/bucket_signed_url_v4_test.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,8 +17,9 @@
describe Google::Cloud::Storage::Bucket, :signed_url, :v4, :lazy, :mock_storage do
let(:bucket_name) { "bucket" }
let(:bucket) { Google::Cloud::Storage::Bucket.new_lazy bucket_name, storage.service }

let(:file_path) { "file.ext" }
let(:custom_universe_domain) { "mydomain1.com" }
let(:custom_endpoint) { "https://storage.#{custom_universe_domain}/" }

it "uses the credentials' issuer and signing_key to generate signed_url" do
Time.stub :now, Time.new(2012,1,1,0,0,0, "+00:00") do
Expand Down Expand Up @@ -182,6 +183,45 @@
end
end

describe "Supports custom endpoint" do
it "returns signed_url with custom universe_domain" do
service = Google::Cloud::Storage::Service.new project, credentials, universe_domain: custom_universe_domain
bucket = Google::Cloud::Storage::Bucket.new_lazy bucket_name, service

Time.stub :now, Time.new(2012,1,1,0,0,0, "+00:00") do
signing_key_mock = Minitest::Mock.new
signing_key_mock.expect :is_a?, false, [Proc]
signing_key_mock.expect :sign, "native-signature", [OpenSSL::Digest::SHA256, "GOOG4-RSA-SHA256\n20120101T000000Z\n20120101/auto/storage/goog4_request\nc709544abd06ec8c09e9825c9a786a8759cd089bf7c64534ccef6058c0b0f88a"]

credentials.issuer = "native_client_email"
credentials.signing_key = signing_key_mock

signed_url = bucket.signed_url version: :v4

signed_url = URI(signed_url)
_(signed_url.host).must_equal URI(custom_endpoint).host
signing_key_mock.verify
end
end

it "returns signed_url with custom endpoint" do
service = Google::Cloud::Storage::Service.new project, credentials, host: custom_endpoint
bucket = Google::Cloud::Storage::Bucket.new_lazy bucket_name, service

Time.stub :now, Time.new(2012,1,1,0,0,0, "+00:00") do
signing_key_mock = Minitest::Mock.new
signing_key_mock.expect :is_a?, false, [Proc]
signing_key_mock.expect :sign, "native-signature", [OpenSSL::Digest::SHA256, "GOOG4-RSA-SHA256\n20120101T000000Z\n20120101/auto/storage/goog4_request\ndefeee4e2131c1e8e39d4bd739b856297e93b20265a427c5a70a2fd65c4cfd0a"]

signed_url = bucket.signed_url file_path, issuer: "native_client_email", signing_key: signing_key_mock, version: :v4

signed_url = URI(signed_url)
_(signed_url.host).must_equal URI(custom_endpoint).host
signing_key_mock.verify
end
end
end

class PoisonSigningKey
def sign kind, sig
raise "The wrong signing_key was used"
Expand Down

0 comments on commit e95b075

Please sign in to comment.