Add support for content_type, headers + md5_digest

2016-09-05 07:58:12 +12:00 · 2016-09-05 07:58:12 +12:00 · e6c11a53dd
parent 6f833cd3d7
commit e6c11a53dd
2 changed files with 242 additions and 37 deletions
--- a/builtin/providers/google/data_source_storage_object_signed_url.go
+++ b/builtin/providers/google/data_source_storage_object_signed_url.go
@ -10,16 +10,18 @@ import (
 	"encoding/base64"
 	"encoding/pem"
 	"fmt"
-	"github.com/hashicorp/terraform/helper/pathorcontents"
-	"github.com/hashicorp/terraform/helper/schema"
-	"golang.org/x/oauth2/google"
-	"golang.org/x/oauth2/jwt"
 	"log"
 	"net/url"
 	"os"
 	"strconv"
 	"strings"
 	"time"
+
+	"github.com/hashicorp/terraform/helper/pathorcontents"
+	"github.com/hashicorp/terraform/helper/schema"
+	"golang.org/x/oauth2/google"
+	"golang.org/x/oauth2/jwt"
+	"sort"
 )

 const gcsBaseUrl = "https://storage.googleapis.com"
@ -34,12 +36,11 @@ func dataSourceGoogleSignedUrl() *schema.Resource {
 				Type:     schema.TypeString,
 				Required: true,
 			},
-			//TODO: implement support
-			//"content_type": &schema.Schema{
-			//	Type:     schema.TypeString,
-			//	Optional: true,
-			//	Default:  "",
-			//},
+			"content_type": &schema.Schema{
+				Type:     schema.TypeString,
+				Optional: true,
+				Default:  "",
+			},
 			"credentials": &schema.Schema{
 				Type:     schema.TypeString,
 				Optional: true,
@ -54,17 +55,16 @@ func dataSourceGoogleSignedUrl() *schema.Resource {
 				Optional: true,
 				Default:  "GET",
 			},
-			//TODO: implement support
-			//"http_headers": &schema.Schema{
-			//	Type:     schema.TypeList,
-			//	Optional: true,
-			//},
-			//TODO: implement support
-			//"md5_digest": &schema.Schema{
-			//	Type:     schema.TypeString,
-			//	Optional: true,
-			//	Default:  "",
-			//},
+			"http_headers": &schema.Schema{
+				Type:     schema.TypeMap,
+				Optional: true,
+				Elem:     schema.TypeString,
+			},
+			"md5_digest": &schema.Schema{
+				Type:     schema.TypeString,
+				Optional: true,
+				Default:  "",
+			},
 			"path": &schema.Schema{
 				Type:     schema.TypeString,
 				Required: true,
@ -80,7 +80,6 @@ func dataSourceGoogleSignedUrl() *schema.Resource {
 func dataSourceGoogleSignedUrlRead(d *schema.ResourceData, meta interface{}) error {
 	config := meta.(*Config)

-	// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 	// Build UrlData object from data source attributes
 	urlData := &UrlData{}

@ -103,6 +102,25 @@ func dataSourceGoogleSignedUrlRead(d *schema.ResourceData, meta interface{}) err
 	expires := time.Now().Unix() + int64(duration.Seconds())
 	urlData.Expires = int(expires)

+	if v, ok := d.GetOk("content_type"); ok {
+		urlData.ContentType = v.(string)
+	}
+
+	if v, ok := d.GetOk("http_headers"); ok {
+		hdrMap := v.(map[string]interface{})
+
+		if len(hdrMap) > 0 {
+			urlData.HttpHeaders = make(map[string]string, len(hdrMap))
+			for k, v := range hdrMap {
+				urlData.HttpHeaders[k] = v.(string)
+			}
+		}
+	}
+
+	if v, ok := d.GetOk("md5_digest"); ok {
+		urlData.Md5Digest = v.(string)
+	}
+
 	// object path
 	path := []string{
 		"",
@ -112,7 +130,6 @@ func dataSourceGoogleSignedUrlRead(d *schema.ResourceData, meta interface{}) err
 	objectPath := strings.Join(path, "/")
 	urlData.Path = objectPath

-	// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 	// Load JWT Config from Google Credentials
 	jwtConfig, err := loadJwtConfig(d, config)
 	if err != nil {
@ -120,7 +137,6 @@ func dataSourceGoogleSignedUrlRead(d *schema.ResourceData, meta interface{}) err
 	}
 	urlData.JwtConfig = jwtConfig

-	// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 	// Sign url object data
 	signature, err := SignString(urlData.CreateSigningString(), jwtConfig)
 	if err != nil {
@ -128,7 +144,6 @@ func dataSourceGoogleSignedUrlRead(d *schema.ResourceData, meta interface{}) err
 	}
 	urlData.Signature = signature

-	// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 	// Construct URL
 	finalUrl := urlData.BuildUrl()
 	d.SetId(urlData.EncodedSignature())
@ -204,11 +219,14 @@ func parsePrivateKey(key []byte) (*rsa.PrivateKey, error) {
 }

 type UrlData struct {
-	JwtConfig  *jwt.Config
-	HttpMethod string
-	Expires    int
-	Path       string
-	Signature  []byte
+	JwtConfig   *jwt.Config
+	ContentType string
+	HttpMethod  string
+	Expires     int
+	Md5Digest   string
+	HttpHeaders map[string]string
+	Path        string
+	Signature   []byte
 }

 // Creates a string in the form ready for signing:
@ -229,11 +247,11 @@ func (u *UrlData) CreateSigningString() []byte {
 	buf.WriteString("\n")

 	// MD5 digest (optional)
-	// TODO
+	buf.WriteString(u.Md5Digest)
 	buf.WriteString("\n")

 	// request content-type (optional)
-	// TODO
+	buf.WriteString(u.ContentType)
 	buf.WriteString("\n")

 	// signed url expiration
@ -241,11 +259,23 @@ func (u *UrlData) CreateSigningString() []byte {
 	buf.WriteString("\n")

 	// additional request headers (optional)
-	// TODO
+	// Must be sorted in lexigraphical order
+	var keys []string
+	for k := range u.HttpHeaders {
+		keys = append(keys, strings.ToLower(k))
+	}
+	sort.Strings(keys)
+
+	// To perform the opertion you want
+	for _, k := range keys {
+		buf.WriteString(fmt.Sprintf("%s:%s\n", k, u.HttpHeaders[k]))
+	}

 	// object path
 	buf.WriteString(u.Path)

+	fmt.Printf("SIGNING STRING: \n%s\n", buf.String())
+
 	return buf.Bytes()
 }

--- a/builtin/providers/google/data_source_storage_object_signed_url_test.go
+++ b/builtin/providers/google/data_source_storage_object_signed_url_test.go
@ -12,7 +12,9 @@ import (
 	"github.com/hashicorp/terraform/terraform"
 	"golang.org/x/oauth2/google"
 	"io/ioutil"
+	"net/http"
 	"net/url"
+	"strings"
 )

 const fakeCredentials = `{
@ -130,13 +132,92 @@ func TestDatasourceSignedUrl_accTest(t *testing.T) {
 			resource.TestStep{
 				Config: testAccTestGoogleStorageObjectSingedUrl(bucketName),
 				Check: resource.ComposeTestCheckFunc(
-					testAccGoogleSignedUrlRetrieval("data.google_storage_object_signed_url.story_url"),
+					testAccGoogleSignedUrlRetrieval("data.google_storage_object_signed_url.story_url", nil),
 				),
 			},
 		},
 	})
 }

+func TestDatasourceSignedUrl_wHeaders(t *testing.T) {
+
+	headers := map[string]string{
+		"x-goog-test": "foo",
+	}
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccTestGoogleStorageObjectSingedUrl_wHeader(),
+				Check: resource.ComposeTestCheckFunc(
+					testAccGoogleSignedUrlRetrieval("data.google_storage_object_signed_url.story_url_w_headers", headers),
+				),
+			},
+		},
+	})
+}
+
+func TestDatasourceSignedUrl_wContentType(t *testing.T) {
+	resource.Test(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccTestGoogleStorageObjectSingedUrl_wContentType(),
+				Check: resource.ComposeTestCheckFunc(
+					testAccGoogleSignedUrlRetrieval("data.google_storage_object_signed_url.story_url_w_content_type", nil),
+				),
+			},
+		},
+	})
+}
+
+func TestDatasourceSignedUrl_wMD5(t *testing.T) {
+	resource.Test(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccTestGoogleStorageObjectSingedUrl_wMD5(),
+				Check: resource.ComposeTestCheckFunc(
+					testAccGoogleSignedUrlRetrieval("data.google_storage_object_signed_url.story_url_w_md5", nil),
+				),
+			},
+		},
+	})
+}
+
+// formatRequest generates ascii representation of a request
+func formatRequest(r *http.Request) string {
+	// Create return string
+	var request []string
+	request = append(request, "--------")
+	// Add the request string
+	url := fmt.Sprintf("%v %v %v", r.Method, r.URL, r.Proto)
+	request = append(request, url)
+	// Add the host
+	request = append(request, fmt.Sprintf("Host: %v", r.Host))
+	// Loop through headers
+	for name, headers := range r.Header {
+		//name = strings.ToLower(name)
+		for _, h := range headers {
+			request = append(request, fmt.Sprintf("%v: %v", name, h))
+		}
+	}
+
+	// If this is a POST, add post data
+	if r.Method == "POST" {
+		r.ParseForm()
+		request = append(request, "\n")
+		request = append(request, r.Form.Encode())
+	}
+	request = append(request, "--------")
+	// Return the request as a string
+	return strings.Join(request, "\n")
+}
+
 func testAccGoogleSignedUrlExists(n string) resource.TestCheckFunc {
 	return func(s *terraform.State) error {

@ -151,9 +232,12 @@ func testAccGoogleSignedUrlExists(n string) resource.TestCheckFunc {
 	}
 }

-func testAccGoogleSignedUrlRetrieval(n string) resource.TestCheckFunc {
+func testAccGoogleSignedUrlRetrieval(n string, headers map[string]string) resource.TestCheckFunc {
 	return func(s *terraform.State) error {
 		r := s.RootModule().Resources[n]
+		if r == nil {
+			return fmt.Errorf("Datasource not found")
+		}
 		a := r.Primary.Attributes

 		if a["signed_url"] == "" {
@ -161,10 +245,38 @@ func testAccGoogleSignedUrlRetrieval(n string) resource.TestCheckFunc {
 		}

 		url := a["signed_url"]
+		fmt.Printf("URL: %s\n", url)
+		method := a["http_method"]
+
+		req, _ := http.NewRequest(method, url, nil)
+
+		// Apply custom headers to request
+		for k, v := range headers {
+			fmt.Printf("Adding Header (%s: %s)\n", k, v)
+			req.Header.Set(k, v)
+		}
+
+		contentType := a["content_type"]
+		if contentType != "" {
+			fmt.Printf("Adding Content-Type: %s\n", contentType)
+			req.Header.Add("Content-Type", contentType)
+		}
+
+		md5Digest := a["md5_digest"]
+		if md5Digest != "" {
+			fmt.Printf("Adding Content-MD5: %s\n", md5Digest)
+			req.Header.Add("Content-MD5", md5Digest)
+		}

 		// send request to GET object using signed url
 		client := cleanhttp.DefaultClient()
-		response, err := client.Get(url)
+
+		// Print request
+		//dump, _ := httputil.DumpRequest(req, true)
+		//fmt.Printf("%+q\n", strings.Replace(string(dump), "\\n", "\n", 99))
+		fmt.Printf("%s\n", formatRequest(req))
+
+		response, err := client.Do(req)
 		if err != nil {
 			return err
 		}
@ -206,6 +318,69 @@ data "google_storage_object_signed_url" "story_url" {
  bucket = "${google_storage_bucket.bucket.name}"
  path   = "${google_storage_bucket_object.story.name}"

+}`, bucketName)
 }
-`, bucketName)
+
+func testAccTestGoogleStorageObjectSingedUrl_wHeader() string {
+	return fmt.Sprintf(`
+resource "google_storage_bucket" "bucket" {
+	name = "tf-signurltest-%s"
+}
+
+resource "google_storage_bucket_object" "story" {
+  name   = "path/to/file"
+  bucket = "${google_storage_bucket.bucket.name}"
+
+  content = "once upon a time..."
+}
+
+data "google_storage_object_signed_url" "story_url_w_headers" {
+  bucket = "${google_storage_bucket.bucket.name}"
+  path   = "${google_storage_bucket_object.story.name}"
+  http_headers {
+  	x-goog-test = "foo"
+  }
+}`, acctest.RandString(6))
+}
+
+func testAccTestGoogleStorageObjectSingedUrl_wContentType() string {
+	return fmt.Sprintf(`
+resource "google_storage_bucket" "bucket" {
+	name = "tf-signurltest-%s"
+}
+
+resource "google_storage_bucket_object" "story" {
+  name   = "path/to/file"
+  bucket = "${google_storage_bucket.bucket.name}"
+
+  content = "once upon a time..."
+}
+
+data "google_storage_object_signed_url" "story_url_w_content_type" {
+  bucket = "${google_storage_bucket.bucket.name}"
+  path   = "${google_storage_bucket_object.story.name}"
+
+  content_type = "text/plain"
+}`, acctest.RandString(6))
+}
+
+func testAccTestGoogleStorageObjectSingedUrl_wMD5() string {
+	return fmt.Sprintf(`
+resource "google_storage_bucket" "bucket" {
+	name = "tf-signurltest-%s"
+}
+
+resource "google_storage_bucket_object" "story" {
+  name   = "path/to/file"
+  bucket = "${google_storage_bucket.bucket.name}"
+
+  content = "once upon a time..."
+}
+
+data "google_storage_object_signed_url" "story_url_w_md5" {
+  bucket = "${google_storage_bucket.bucket.name}"
+  path   = "${google_storage_bucket_object.story.name}"
+
+  md5_digest = "${google_storage_bucket_object.story.md5hash}"
+}`, acctest.RandString(6))
 }