Task #2859
Updated by Tim Pierce over 10 years ago
Review @ commit:5214573 2755: add support for signed locators in the Python SDK. * @arvados.Keep.put()@ arvados.Keep.put() saves the response body (which may contain a signed locator) and returns it to the caller. * @arvados.Keep.get()@ arvados.Keep.get() passes the full signed locator to the remote Keep server. The bare MD5 hash is still used for caching and for shuffled_service_roots * @run_test_server.run_keep()@ run_test_server.run_keep() takes arguments 'blob_signing_key' and 'enforce_permissions', for testing permission signatures in unit tests. * test_keep_client: new unit tests for permissions: ** with @--enforce-permissions=true@: --enforce-permissions=true: *** GET with a signed locator works *** GET with an unsigned locator fails *** unauthenticated GET fails ** with @--enforce-permissions=false@: --enforce-permissions=false: *** GET with a signed locator works *** GET with an unsigned locator works *** unauthenticated GET works Bug fixes to permission handling in the Keep server: * Locator hints may appear in any order; be flexible. Parse them in @GetBlockHandler@ GetBlockHandler rather than in the REST router. * Returned locators are terminated with newline (consistent with Warehouse, and more friendly for human debugging). * The locator returned from a PUT request always has a size hint. * The correct Authorization header keyword is "OAuth2", not "OAuth". D'oh. * Updated unit tests to accommodate newlines, size hints and OAuth2. Refs #2755.