Compare commits
3 Commits
a33a91e519
...
ce115ff485
Author | SHA1 | Date | |
---|---|---|---|
ce115ff485 | |||
3a1208d6a9 | |||
2ac82209b9 |
|
@ -17,6 +17,8 @@ jobs:
|
|||
with:
|
||||
version: 0.12.0
|
||||
- uses: elerch/zig-action-cache@v1.1.6
|
||||
- name: Standard build
|
||||
run: zig build --verbose
|
||||
- name: Run tests
|
||||
run: zig build test --verbose
|
||||
- name: Build other platforms
|
||||
|
|
|
@ -103,7 +103,7 @@ pub fn build(b: *std.Build) !void {
|
|||
try universal_lambda_build.configureBuild(b, exe, universal_lambda_zig_dep);
|
||||
_ = universal_lambda_build.addImports(b, exe, universal_lambda_zig_dep);
|
||||
|
||||
const exe_aws_dep = b.dependency("aws-zig", .{
|
||||
const exe_aws_dep = b.dependency("aws", .{
|
||||
.target = target,
|
||||
.optimize = optimize,
|
||||
});
|
||||
|
@ -124,7 +124,7 @@ pub fn build(b: *std.Build) !void {
|
|||
const test_step = b.step("test", "Run unit tests");
|
||||
for (test_targets) |ct| {
|
||||
const t = b.resolveTargetQuery(ct);
|
||||
const aws_dep = b.dependency("aws-zig", .{
|
||||
const aws_dep = b.dependency("aws", .{
|
||||
.target = t,
|
||||
.optimize = optimize,
|
||||
});
|
||||
|
|
|
@ -11,9 +11,9 @@
|
|||
.url = "https://git.lerch.org/lobo/universal-lambda-zig/archive/f3d80b4afe8c13031b6cff051e93deaeadb1d268.tar.gz",
|
||||
.hash = "122093d59b28dcd0201eaa1587ca78e11c06fb563b2cb9b554aaa5f7bab0ae34432e",
|
||||
},
|
||||
.@"aws-zig" = .{
|
||||
.url = "https://git.lerch.org/api/packages/lobo/generic/aws-sdk-with-models/007f2f588aa30fd2c62d6a037fb87bace8a83710/007f2f588aa30fd2c62d6a037fb87bace8a83710-with-models.tar.gz",
|
||||
.hash = "1220f128554146e2f58f223a51f1839f49012294a8163a445e8320889539edcda9b3",
|
||||
.aws = .{
|
||||
.url = "https://git.lerch.org/api/packages/lobo/generic/aws-sdk-with-models/c60c40f627983b35cc4ba762f510d729c80b47c3/c60c40f627983b35cc4ba762f510d729c80b47c3-with-models.tar.gz",
|
||||
.hash = "12208171bfd8fccdb28beab1978cf63b8557c9d210afb15ee59960342fd6b5476640",
|
||||
},
|
||||
},
|
||||
.paths = .{
|
||||
|
|
47
src/main.zig
47
src/main.zig
|
@ -9,8 +9,8 @@ const Account = @import("Account.zig");
|
|||
|
||||
const log = std.log.scoped(.dynamodb);
|
||||
|
||||
pub const std_options = struct {
|
||||
pub const log_scope_levels = &[_]std.log.ScopeLevel{.{ .scope = .aws_signing, .level = .info }};
|
||||
pub const std_options = .{
|
||||
.log_scope_levels = &.{.{ .scope = .aws_signing, .level = .info }},
|
||||
};
|
||||
|
||||
pub fn main() !u8 {
|
||||
|
@ -32,12 +32,16 @@ pub fn handler(allocator: std.mem.Allocator, event_data: []const u8, context: un
|
|||
var fis = std.io.fixedBufferStream(event_data);
|
||||
|
||||
try authenticateUser(allocator, context, context.request.target, context.request.headers, fis.reader());
|
||||
try setContentType(&context.headers, "application/x-amz-json-1.0", false);
|
||||
try setContentType(allocator, &context.headers, "application/x-amz-json-1.0", false);
|
||||
// https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_CreateTable.html#API_CreateTable_Examples
|
||||
// Operation is in X-Amz-Target
|
||||
// event_data is json
|
||||
// X-Amz-Target: DynamoDB_20120810.CreateTable
|
||||
const target_value_or_null = context.request.headers.getFirstValue("X-Amz-Target");
|
||||
const target_value_or_null = blk: {
|
||||
for (context.request.headers) |h|
|
||||
if (std.ascii.eqlIgnoreCase(h.name, "X-Amz-Target")) break :blk h.value;
|
||||
break :blk null;
|
||||
};
|
||||
const target_value = if (target_value_or_null) |t| t else {
|
||||
context.status = .bad_request;
|
||||
context.reason = "Missing X-Amz-Target header";
|
||||
|
@ -76,12 +80,24 @@ pub fn handler(allocator: std.mem.Allocator, event_data: []const u8, context: un
|
|||
context.status = .bad_request;
|
||||
return error.OperationUnsupported;
|
||||
}
|
||||
fn setContentType(headers: *std.http.Headers, content_type: []const u8, overwrite: bool) !void {
|
||||
if (headers.contains("content-type")) {
|
||||
if (!overwrite) return;
|
||||
_ = headers.delete("content-type");
|
||||
fn setContentType(allocator: std.mem.Allocator, headers: *[]const std.http.Header, content_type: []const u8, overwrite: bool) !void {
|
||||
for (headers.*, 0..) |h, i| {
|
||||
if (std.ascii.eqlIgnoreCase(h.name, "content-type")) {
|
||||
if (overwrite) {
|
||||
const new_headers = try allocator.dupe(std.http.Header, headers.*);
|
||||
errdefer allocator.free(new_headers);
|
||||
new_headers[i] = .{ .name = "Content-Type", .value = content_type };
|
||||
headers.* = new_headers;
|
||||
}
|
||||
return;
|
||||
}
|
||||
}
|
||||
try headers.append("Content-Type", content_type);
|
||||
// need to add to the array
|
||||
const new_headers = try allocator.alloc(std.http.Header, headers.len + 1);
|
||||
errdefer allocator.free(new_headers);
|
||||
@memcpy(new_headers[0..headers.len], headers.*);
|
||||
new_headers[new_headers.len - 1] = .{ .name = "Content-Type", .value = content_type };
|
||||
headers.* = new_headers;
|
||||
}
|
||||
fn executeOperation(
|
||||
request: *AuthenticatedRequest,
|
||||
|
@ -98,8 +114,9 @@ fn executeOperation(
|
|||
return err;
|
||||
};
|
||||
}
|
||||
fn authenticateUser(allocator: std.mem.Allocator, context: universal_lambda_interface.Context, target: []const u8, headers: std.http.Headers, body_reader: anytype) !void {
|
||||
fn authenticateUser(allocator: std.mem.Allocator, context: universal_lambda_interface.Context, target: []const u8, headers: []const std.http.Header, body_reader: anytype) !void {
|
||||
const request = signing.UnverifiedRequest{
|
||||
.allocator = allocator,
|
||||
.method = std.http.Method.POST,
|
||||
.target = target,
|
||||
.headers = headers,
|
||||
|
@ -215,7 +232,7 @@ fn fillRootCreds(allocator: std.mem.Allocator) !void {
|
|||
}
|
||||
|
||||
const NullAllocator = struct {
|
||||
const thing = 0;
|
||||
const thing: u8 = 0;
|
||||
const vtable = std.mem.Allocator.VTable{
|
||||
.alloc = alloc,
|
||||
.resize = resize,
|
||||
|
@ -268,8 +285,12 @@ fn accountForAccessKey(allocator: std.mem.Allocator, access_key: []const u8) !u4
|
|||
/// Function assumes an authenticated request, so signing.verify must be called
|
||||
/// and returned true before calling this function. If authentication header
|
||||
/// is not found, environment variable will be used
|
||||
fn accountId(allocator: std.mem.Allocator, headers: std.http.Headers) !u40 {
|
||||
const auth_header = headers.getFirstValue("Authorization");
|
||||
fn accountId(allocator: std.mem.Allocator, headers: []const std.http.Header) !u40 {
|
||||
const auth_header = blk: {
|
||||
for (headers) |h|
|
||||
if (std.ascii.eqlIgnoreCase(h.name, "Authorization")) break :blk h.value;
|
||||
break :blk null;
|
||||
};
|
||||
if (auth_header) |h| {
|
||||
// AWS4-HMAC-SHA256 Credential=ACCESS/20230908/us-west-2/s3/aws4_request, SignedHeaders=accept;content-length;content-type;host;x-amz-content-sha256;x-amz-date;x-amz-storage-class, Signature=fcc43ce73a34c9bd1ddf17e8a435f46a859812822f944f9eeb2aabcd64b03523
|
||||
const start = std.mem.indexOf(u8, h, "Credential=").? + "Credential=".len;
|
||||
|
|
Loading…
Reference in New Issue
Block a user