Coder Social home page Coder Social logo

yegor256 / s3auth Goto Github PK

View Code? Open in Web Editor NEW
254.0 12.0 54.0 2.83 MB

Amazon S3 HTTP Basic Auth Gateway: put your files into S3 bucket and make them accessible with a login/password through a browser

Home Page: https://www.s3auth.com

License: Other

Shell 0.04% Java 89.90% XSLT 5.79% CSS 0.76% TeX 3.49% Procfile 0.03%
aws amazon-s3-bucket java gateway aws-s3 amazon-web-services http-auth http-authentication

s3auth's Introduction

EO principles respected here DevOps By Rultor.com We recommend IntelliJ IDEA

mvn Availability at SixNines PDD status codecov Hits-of-Code Lines of code License

s3auth.com is a Basic HTTP Auth gateway in front of your private Amazon S3 bucket. Read this blog post for a more detailed explanation: Basic HTTP Auth for S3 Buckets.

Point your test.example.com CNAME to relay.s3auth.com, and register the domain in s3auth.com web panel. You will be able to access bucket's content in a browser with an HTTP basic auth. Your bucket will be accessible using your Amazon IAM credentials and with custom user/password pairs in your .htpasswd file (similar to Apache HTTP Server).

For example, try http://maven.s3auth.com/ (with username s3auth and password s3auth). You will access content of Amazon S3 bucket maven.s3auth.com, which is not readable anonymously otherwise.

How to contribute

Fork repository, make changes, send us a pull request. We will review your changes and apply them to the master branch shortly, provided they don't violate our quality standards. To avoid frustration, before sending us your pull request please run full Maven build:

$ mvn clean install -Pqulice

To avoid build errors use JDK 11+ and Maven 3.3+.

To run it locally:

$ mvn clean install -Phit-refresh -Dport=8080

You will be able to open it at http://localhost:8080

s3auth's People

Contributors

bitdeli-chef avatar caarlos0 avatar carlosmiranda avatar dependabot[bot] avatar jart avatar llorllale avatar marczeeee avatar maurezen avatar mentiflectax avatar palyuga avatar pinaf avatar renovate[bot] avatar rultor avatar simonjenga avatar wentwog avatar yegor256 avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

ko11ega carlosmiranda maodd jessesanford wentwog longtimeago alevohin palyuga nhekfqn cyberone maurezen willhogan dinhpc kevintrannz gvlasov full-stack-king dp1310 bmoothedan ebridges jpetazzo agilehands mikeaddison93 jart mariosotil javimey vanife amihaiemil appknox associatedpress cesardv maniacs-ops ncalvas lovetocommit bmmpt jiji87432 leusonmario vcctr nanquanyuhao llorllale simonjenga guilhermejccavalcanti jtorresfabra vstars tool-recommender-bot cass-green vmelnychuk mzafad alayor mohamednizar seonghobae chenzhangg mozey

s3auth's Issues

stack overflow in Htpasswd#authorize() 

Mar 17 20:05:09 relay.s3auth.com user:  [ERROR] bc550d9a com.s3auth.hosts.Htpasswd: #authorized('s3auth', 's3auth'): thrown java.lang.StackOverflowError (NULL) in 4ms
Mar 17 20:05:09 relay.s3auth.com user:  [ERROR] bc550d9a com.s3auth.hosts.DefaultHost: #authorized('s3auth', 's3auth'): thrown java.lang.StackOverflowError (NULL) in 6ms
Mar 17 20:05:09 relay.s3auth.com user:  [ERROR] bc550d9a com.s3auth.hosts.SmartHost: #authorized('s3auth', 's3auth'): thrown java.lang.StackOverflowError (NULL) in 7ms
Mar 17 20:05:09 relay.s3auth.com user:  [ERROR] bc550d9a com.s3auth.relay.SecuredHost: #authorized('s3auth', 's3auth'): thrown java.lang.StackOverflowError (NULL) in 8ms
Mar 17 20:05:09 relay.s3auth.com user:  [ERROR] bc550d9a com.s3auth.relay.SecuredHost: #fetch('/'): thrown java.lang.StackOverflowError (NULL) in 9ms
Mar 17 20:05:09 relay.s3auth.com user:  [ERROR] bc550d9a com.s3auth.relay.HttpThread: #dispatch(): thrown java.lang.StackOverflowError (NULL) in 8s

pass all HTTP headers from Amazon to the client

Discussion started in #43. Let's pass all HTTP headers received from Amazon to the client. I remember that there was some reason in the past why we weren't able to do this, but let's re-consider that decision. Looks like it should be a harmful mechanism.

support query string in request for asset

First off this is an awesome tool, thanks for writing.

Requests to files in s3 that contain a qs fail to fetch.

It is handy to pass along the query string for things like making sure browser is not caching css/js assets.

example:

http://foo.mydomain.com/api/resources/bootstrap.min.css?blah results in:

failed to fetch '/api/resources/bootstrap.min.css?blah' from 'foo.mydomain.com' (key=abcd)

http://foo.mydomain.com/api/resources/bootstrap.min.css however works...

syslog trails per domain

As a new feature, would be nice to have an ability to forward all domain-specific events to a custom syslog host/port (configurable from the web front).

add config to docs

Very sweet tool guys.

Could you add something like the following to your readme/wiki, may help the next person save some time.

Create a new user via IAM (use these creds in s3auth.com), give this IAM user read only access to a bucket via:


{
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:Get*",
        "s3:List*"
      ],
      "Resource": ["arn:aws:s3:::bucket.name"]
    }
  ]
}

Generate .htpasswd file with sha1:

htpasswd -nbs user password

upload it to root of your bucket, give it 'any authenticated user' access (or the new user that u just added).

Now add the files and give anyone with auth ability to read:

s3cmd -v -r --add-header=x-amz-acl:authenticated-read -M put ../api s3://api.mydomain.com/

Wait for DNS to propagate and you are done

large files: broken pipe 

[ERROR] back-8 com.s3auth.relay.HttpResponse: #send('Socket[addr=/85.200.xx.xx,port=40605,localport=80]'): thrown java.net.SocketException ('Broken pipe') in 120ms
[WARN] back-8 com.s3auth.relay.HttpThread: #run(): IO problem: Broken pipe
[ERROR] back-8 com.s3auth.relay.HttpResponse: #send('Socket[addr=/85.200.xx.xx,port=40605,localport=80]'): thrown java.net.SocketException ('Broken pipe') in 190mcs
[ERROR] back-8 com.s3auth.relay.HttpThread: #run(): thrown java.lang.IllegalStateException ('java.net.SocketException: Broken pipe') in 8s
[WARN] back-8 com.jcabi.log.VerboseRunnable: escalated exception: java.lang.IllegalStateException: java.net.SocketException: Broken pipe
    at com.s3auth.relay.HttpThread.failure(HttpThread.java:224)
    at com.s3auth.relay.HttpThread.run_aroundBody0(HttpThread.java:139)
    at com.s3auth.relay.HttpThread$AjcClosure1.run(HttpThread.java:1)
    at org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149)
    at com.jcabi.aspects.aj.MethodLogger.wrap(MethodLogger.java:70)
    at com.s3auth.relay.HttpThread.run(HttpThread.java:101)
    at com.jcabi.log.VerboseRunnable.run(VerboseRunnable.java:143)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
    at java.util.concurrent.FutureTask$Sync.innerRunAndReset(FutureTask.java:351)
    at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:178)
    at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:165)
    at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:267)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
    at java.util.concurrent.ThreadPoolExecutor$Wor:603)
    at com.jcabi.log.VerboseThreads$2.run(VerboseThreads.java:181)
    at java.lang.Thread.run(Thread.java:679)
Caused by: java.net.SocketException: Broken pipe
    at java.net.SocketOutputStream.socketWrite0(Native Method)
    at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:109)
    at java.net.SocketOutputStream.write(SocketOutputStream.java:153)
    at sun.nio.cs.StreamEncoder.writeBytes(StreamEncoder.java:220)
    at sun.nio.cs.StreamEncoder.implFlushBuffer(StreamEncoder.java:290)
    at sun.nio.cs.StreamEncoderimplFlush(StreamEncoder.java:294)
    at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:140)
    at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:229)
    at com.s3auth.relay.HttpResponse.send_aroundBody0(HttpResponse.java:169)
    at com.s3auth.relay.HttpResponse$AjcClosure1.run(HttpResponse.java:1)
    at org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149)
    at com.jcabi.aspects.aj.MethodLogger.wrap(MethodLogger.java:70)
    at com.s3auth.relay.HttpResponse.send(HttpResponse.java:142)
    at com.s3auth.relay.HttpThread.failure(HttpThread.java:222)... 15 more
  • 33-9ff485f7/#95 (by )

directory issue

Am moving an octopress blog over to s3, and I want to hide it for the moment, hence s3auth.

Setup ok and working fine at the top level page, but not any directories.

The octopress pages map like this
/domain/page -> /domain/page/index.html

when I access /domain/page/index.html it works fine, but /domain/page/ or /domain/page just gives me an access error.

my domain is dev.damon.io

Thanks

can't login with FB company page

The login from Facebook seems to require a personal FB account. I tried to log inn with the company FB page, but that did not work.

Empty endpoint doesn't work during domain registration

Hi,

First off, thanks a lot for putting up this free service. I tried to register a new domain following the instruction.

Hostname: sa-sanofi.tsibiocomputing.com

I left "Optional S3 endpoint" blank since I use AWS US standard.

However, I got the following error message:

invalid AWS S3 region 's3.amazonaws.com'; invalid domain

Do you know what is wrong?

504 errors

I'm getting HTTP/1.1 504 Gateway Timeout's when I try to request my page(s). Used to work - I don't think I changed anything. .htpasswd in root of bucket has not changed.

any ideas?

Ryan Pendergast is my FB login. Its http://[mydomain].com/api/index.html . If you cant tell my domain from your end let me know and I'll email you it.

can't start RELAY because of broken maven dependencies 

[ERROR] The build could not read 1 project -> [Help 1]
org.apache.maven.project.ProjectBuildingException: Some problems were encountered while processing the POMs:
[ERROR] Unresolveable build extension: Plugin org.cyclopsgroup:awss3-maven-wagon:0.1 or one of its dependencies could not be resolved: Failed to collect dependencies for org.cyclopsgroup:awss3-maven-wagon:jar:0.1 () @ 

    at org.apache.maven.project.DefaultProjectBuilder.build(DefaultProjectBuilder.java:363)
    at org.apache.maven.DefaultMaven.collectProjects(DefaultMaven.java:636)
    at org.apache.maven.DefaultMaven.getProjectsForMavenReactor(DefaultMaven.java:585)
    at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:234)
    at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:156)
    at org.apache.maven.cli.MavenCli.execute(MavenCli.java:537)
    at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:196)
    at org.apache.maven.cli.MavenCli.main(MavenCli.java:141)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:601)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:290)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:230)
    at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:409)
    at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:352)
[ERROR]   
[ERROR]   The project com.s3auth:s3auth-relay-production:1.0-SNAPSHOT (/home/ubuntu/pom.xml) has 1 error
[ERROR]     Unresolveable build extension: Plugin org.cyclopsgroup:awss3-maven-wagon:0.1 or one of its dependencies could not be resolved: Failed to collect dependencies for org.cyclopsgroup:awss3-maven-wagon:jar:0.1 (): No versions available for org.codehaus.jackson:jackson-core-asl:jar:[1.4,) within specified range -> [Help 2]
org.apache.maven.plugin.PluginResolutionException: Plugin org.cyclopsgroup:awss3-maven-wagon:0.1 or one of its dependencies could not be resolved: Failed to collect dependencies for org.cyclopsgroup:awss3-maven-wagon:jar:0.1 ()
    at org.apache.maven.plugin.internal.DefaultPluginDependenciesResolver.resolve(DefaultPluginDependenciesResolver.java:211)
    at org.apache.maven.project.DefaultProjectBuildingHelper.resolveExtensionArtifacts(DefaultProjectBuildingHelper.java:377)
    at org.apache.maven.project.DefaultProjectBuildingHelper.createProjectRealm(DefaultProjectBuildingHelper.java:237)
    at org.apache.maven.project.DefaultModelBuildingListener.buildExtensionsAssembled(DefaultModelBuildingListener.java:106)
    at org.apache.maven.model.building.ModelBuildingEventCatapult$1.fire(ModelBuildingEventCatapult.java:43)
    at org.apache.maven.model.building.DefaultModelBuilder.fireEvent(DefaultModelBuilder.java:1053)
    at org.apache.maven.model.building.DefaultModelBuilder.build(DefaultModelBuilder.java:388)
    at org.apache.maven.model.building.DefaultModelBuilder.build(DefaultModelBuilder.java:371)
    at org.apache.maven.project.DefaultProjectBuilder.build(DefaultProjectBuilder.java:560)
    at org.apache.maven.project.DefaultProjectBuilder.build(DefaultProjectBuilder.java:352)
    at org.apache.maven.DefaultMaven.collectProjects(DefaultMaven.java:636)
    at org.apache.maven.DefaultMaven.getProjectsForMavenReactor(DefaultMaven.java:585)
    at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:234)
    at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:156)
    at org.apache.maven.cli.MavenCli.execute(MavenCli.java:537)
    at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:196)
    at org.apache.maven.cli.MavenCli.main(MavenCli.java:141)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:601)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:290)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:230)
    at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:409)
    at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:352)
Caused by: org.sonatype.aether.collection.DependencyCollectionException: Failed to collect dependencies for org.cyclopsgroup:awss3-maven-wagon:jar:0.1 ()
    at org.sonatype.aether.impl.internal.DefaultDependencyCollector.collectDependencies(DefaultDependencyCollector.java:258)
    at org.sonatype.aether.impl.internal.DefaultRepositorySystem.collectDependencies(DefaultRepositorySystem.java:308)
    at org.apache.maven.plugin.internal.DefaultPluginDependenciesResolver.resolve(DefaultPluginDependenciesResolver.java:199)
    ... 24 more
Caused by: org.sonatype.aether.resolution.VersionRangeResolutionException: No versions available for org.codehaus.jackson:jackson-core-asl:jar:[1.4,) within specified range
    at org.sonatype.aether.impl.internal.DefaultDependencyCollector.process(DefaultDependencyCollector.java:376)
    at org.sonatype.aether.impl.internal.DefaultDependencyCollector.process(DefaultDependencyCollector.java:544)
    at org.sonatype.aether.impl.internal.DefaultDependencyCollector.collectDependencies(DefaultDependencyCollector.java:240)
    ... 26 more
[ERROR] 
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR] 
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/ProjectBuildingException
[ERROR] [Help 2] http://cwiki.apache.org/confluence/display/MAVEN/PluginResolutionException

IndexOutOfBoundsException when user photo is absent 

java.lang.IndexOutOfBoundsException: Index: 0, Size: 0
  at java.util.LinkedList.entry(LinkedList.java:382)
  at java.util.LinkedList.get(LinkedList.java:332)
  at com.s3auth.rest.GoogleRs$1.photo(GoogleRs.java:147)
  at com.s3auth.rest.CryptedUser.photo(CryptedUser.java:123)
  at com.s3auth.rest.CryptedUser.toString(CryptedUser.java:136)

non-US -Region buckets don't work

When S3 bucket is not in US region this is the exception I'm getting:

The bucket you are attempting to access must be addressed using 
the specified endpoint. Please send all future requests to this endpoint

my s3auth domain stopped working

Worked last I checked (~48 hrs ago). Now I get the following:

failed to fetch / from 'wsapi.mydomain.com' (key=AKIAJ....: ["'+suffix': The specified key does not exist."]

Any ideas? If you need my domain/key specifics let me know and I'll direct message/email you.

ArrayIndexOutOfBoundsException in Htpasswd 

[WARN] com.jcabi.log.VerboseRunnable: escalated exception: java.lang.ArrayIndexOutOfBoundsException: 1
        at com.s3auth.hosts.Htpasswd.fetch(Htpasswd.java:130)
        at com.s3auth.hosts.Htpasswd.authorized(Htpasswd.java:107)
        at com.s3auth.hosts.DefaultHost.authorized(DefaultHost.java:132)
        at com.s3auth.hosts.GuardedHost.authorized(GuardedHost.java:95)
        at com.s3auth.relay.SecuredHost.fetch(SecuredHost.java:134)
        at com.s3auth.relay.HttpThread.run(HttpThread.java:105)
        at com.jcabi.log.VerboseRunnable.run(VerboseRunnable.java:129)
        at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
        at java.util.concurrent.FutureTask$Sync.innerRunAndReset(FutureTask.java:351)
        at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:178)
        at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:165)
        at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:267)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
        at com.jcabi.log.VerboseThreads$2.run(VerboseThreads.java:182)
        at java.lang.Thread.run(Thread.java:679)

login mechanism for corporate users

Let's introduce some other login mechanism for corporate users. Facebook looks like a good solution for individuals, but not for companies.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.