init AssumeRoleHandle

2026-01-17 09:40:32 +00:00 · 2024-11-11 17:34:46 +08:00
parent 4dd65ee9b2
commit 5cf1bcef28
4 changed files with 101 additions and 4 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2110,7 +2110,11 @@ dependencies = [
 "hyper",
 "matchit 0.8.5",
 "pin-project-lite",
+ "quick-xml",
 "s3s",
+ "serde",
+ "serde-xml-rs",
+ "serde_urlencoded",
 "tracing",
 ]

@@ -2325,6 +2329,18 @@ dependencies = [
 "serde_derive",
 ]

+[[package]]
+name = "serde-xml-rs"
+version = "0.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fb3aa78ecda1ebc9ec9847d5d3aba7d618823446a049ba2491940506da6e2782"
+dependencies = [
+ "log",
+ "serde",
+ "thiserror",
+ "xml-rs",
+]
+
 [[package]]
 name = "serde_derive"
 version = "1.0.214"
@@ -3200,6 +3216,12 @@ version = "0.5.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1e9df38ee2d2c3c5948ea468a8406ff0db0b29ae1ffde1bcf20ef305bcc95c51"

+[[package]]
+name = "xml-rs"
+version = "0.8.23"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "af310deaae937e48a26602b730250b4949e125f468f11e6990be3e5304ddd96f"
+
 [[package]]
 name = "xxhash-rust"
 version = "0.8.12"
--- a/ecstore/src/options.rs
+++ b/ecstore/src/options.rs
@@ -64,7 +64,7 @@ pub fn put_opts_from_headers(
 }

 fn get_default_opts(
-    headers: &HeaderMap<HeaderValue>,
+    _headers: &HeaderMap<HeaderValue>,
    metadata: HashMap<String, String>,
    _copy_source: bool,
 ) -> Result<ObjectOptions> {
--- a/router/Cargo.toml
+++ b/router/Cargo.toml
@@ -15,3 +15,7 @@ hyper.workspace = true
 matchit = "0.8.4"
 pin-project-lite.workspace = true
 common.workspace = true
+serde_urlencoded = "0.7.1"
+serde.workspace = true
+quick-xml = "0.37.0"
+serde-xml-rs = "0.6.0"
--- a/router/src/handlers.rs
+++ b/router/src/handlers.rs
@@ -1,17 +1,88 @@
+use crate::router::Operation;
 use hyper::StatusCode;
 use matchit::Params;
 use s3s::{s3_error, Body, S3Request, S3Response, S3Result};
+use serde::{Deserialize, Serialize};
+use serde_urlencoded::from_bytes;
 use tracing::warn;

-use crate::router::Operation;
+#[derive(Deserialize, Debug, Default)]
+#[serde(rename_all = "PascalCase", default)]
+pub struct AssumeRoleRequest {
+    pub action: String,
+    pub duration_seconds: usize,
+    pub version: String,
+    pub role_arn: String,
+    pub role_session_name: String,
+    pub policy: String,
+    pub external_id: String,
+}
+
+#[derive(Debug, Serialize, Default)]
+#[serde(rename_all = "PascalCase", default)]
+pub struct AssumeRoleResponse {
+    #[serde(rename = "AssumeRoleResult")]
+    pub result: AssumeRoleResult,
+}
+
+#[derive(Debug, Serialize, Default)]
+#[serde(rename_all = "PascalCase", default)]
+pub struct AssumeRoleResult {
+    pub credentials: Credentials,
+}
+
+#[derive(Debug, Serialize, Default)]
+#[serde(rename_all = "PascalCase", default)]
+pub struct Credentials {
+    #[serde(rename = "AccessKeyId")]
+    pub access_key: String,
+    #[serde(rename = "SecretAccessKey")]
+    pub secret_key: String,
+    pub status: String,
+    pub expiration: usize,
+    pub session_token: String,
+    pub parent_user: String,
+}

 pub struct AssumeRoleHandle {}
 #[async_trait::async_trait]
 impl Operation for AssumeRoleHandle {
-    async fn call(&self, _req: S3Request<Body>, _params: Params<'_, '_>) -> S3Result<S3Response<(StatusCode, Body)>> {
+    async fn call(&self, req: S3Request<Body>, _params: Params<'_, '_>) -> S3Result<S3Response<(StatusCode, Body)>> {
        warn!("handle AssumeRoleHandle");

-        return Err(s3_error!(NotImplemented));
+        let Some(cred) = req.credentials else { return Err(s3_error!(InvalidRequest, "get body failed")) };
+
+        warn!("AssumeRole get cred {:?}", cred);
+
+        let mut input = req.input;
+
+        let Some(bytes) = input.take_bytes() else {
+            return Err(s3_error!(InvalidRequest, "get body failed"));
+        };
+        let body: AssumeRoleRequest = from_bytes(&bytes).map_err(|_e| s3_error!(InvalidRequest, "get body failed"))?;
+
+        warn!("AssumeRole get body {:?}", body);
+
+        let resp = AssumeRoleResponse {
+            result: AssumeRoleResult {
+                credentials: Credentials {
+                    access_key: "test".to_owned(),
+                    secret_key: "test".to_owned(),
+                    status: "on".to_owned(),
+                    expiration: 0,
+                    session_token: "sdf".to_owned(),
+                    parent_user: cred.access_key,
+                },
+            },
+        };
+        // getAssumeRoleCredentials
+        let output = serde_xml_rs::to_string(&resp).unwrap();
+
+        warn!("output {:?}", output);
+
+        Ok(S3Response::new((StatusCode::OK, Body::from(output))))
+
+        // return Err(s3_error!(NotImplemented));
    }
 }