PyPI - object-storage-proxy - Versions diffs - 0.3.2__tar.gz → 0.3.4__tar.gz - Mend

object-storage-proxy 0.3.2tar.gz → 0.3.4tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (30) hide show

{object_storage_proxy-0.3.2 → object_storage_proxy-0.3.4}/.github/workflows/ci.yml RENAMED Viewed

@@ -235,7 +235,7 @@ jobs:
   release:
     name: Release
     runs-on: ubuntu-latest
-    if: ${{ startsWith(github.ref, 'refs/tags/') || github.event_name == 'workflow_dispatch' }}
+    # if: ${{ startsWith(github.ref, 'refs/tags/') || github.event_name == 'workflow_dispatch' }}
     needs: [test, linux, musllinux, macos, sdist]
     permissions:
       # Use to sign the release artifacts

{object_storage_proxy-0.3.2 → object_storage_proxy-0.3.4}/.gitignore RENAMED Viewed

@@ -4,4 +4,5 @@
 .env
 .venv
 .DS_Store
-*.pem
+*.pem
+*/with_*.log

{object_storage_proxy-0.3.2 → object_storage_proxy-0.3.4}/Cargo.lock RENAMED Viewed

@@ -1701,7 +1701,7 @@ dependencies = [
 [[package]]
 name = "object-storage-proxy"
-version = "0.3.2"
+version = "0.3.4"
 dependencies = [
  "async-trait",
  "chrono",

{object_storage_proxy-0.3.2 → object_storage_proxy-0.3.4}/Cargo.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [package]
 name = "object-storage-proxy"
-version = "0.3.2"
+version = "0.3.4"
 edition = "2024"
 [dependencies]

{object_storage_proxy-0.3.2 → object_storage_proxy-0.3.4}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: object-storage-proxy
-Version: 0.3.2
+Version: 0.3.4
 Classifier: License :: Other/Proprietary License
 Classifier: Programming Language :: Rust
 Classifier: Programming Language :: Python :: Implementation :: CPython
@@ -176,7 +176,7 @@ s3 =
 ~/.aws/credentials
 ```ini
 [osp]
-aws_access_key_id = MYLOCAL123  # <-- this could be an openid connect/oauth2 token or anything that makes sense for your business
+aws_access_key_id = MYLOCAL123  # <-- this could be an internal client identifier, to fetch openid connect/oauth2 token or anything that makes sense for your business
 aws_secret_access_key = nothingmeaningful # <-- private key to sign original request
 ```
@@ -247,7 +247,7 @@ def lookup_secret_key(access_key: str) -> str | None:
 def do_validation(token: str, bucket: str) -> bool:
     """ Authorize the request based on token for the given bucket.
         You can plug in your own authorization service here.
-        The token is the authorization token passed in the request.
+        The token is a client identifier used to fetch an authorization token and further authenticate/authorize.
         The bucket is the bucket name.
         The function should return True if the request is authorized, False otherwise.
     """

{object_storage_proxy-0.3.2 → object_storage_proxy-0.3.4}/README.md RENAMED Viewed

@@ -156,7 +156,7 @@ s3 =
 ~/.aws/credentials
 ```ini
 [osp]
-aws_access_key_id = MYLOCAL123  # <-- this could be an openid connect/oauth2 token or anything that makes sense for your business
+aws_access_key_id = MYLOCAL123  # <-- this could be an internal client identifier, to fetch openid connect/oauth2 token or anything that makes sense for your business
 aws_secret_access_key = nothingmeaningful # <-- private key to sign original request
 ```
@@ -227,7 +227,7 @@ def lookup_secret_key(access_key: str) -> str | None:
 def do_validation(token: str, bucket: str) -> bool:
     """ Authorize the request based on token for the given bucket.
         You can plug in your own authorization service here.
-        The token is the authorization token passed in the request.
+        The token is a client identifier used to fetch an authorization token and further authenticate/authorize.
         The bucket is the bucket name.
         The function should return True if the request is authorized, False otherwise.
     """

{object_storage_proxy-0.3.2 → object_storage_proxy-0.3.4}/src/credentials/signer.rs RENAMED Viewed

@@ -103,6 +103,8 @@ impl<'a> AwsSign<'a, HashMap<String, String>> {
                 "range",
                 "x-amz-content-sha256",
                 "x-amz-security-token",
+                "trailer",
+                "x-amz-trailer",
             ]
         };
@@ -358,6 +360,7 @@ pub(crate) async fn sign_request(
         // empty body → empty slice
         "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" => &[], // sha256 hash of empty string
         "UNSIGNED-PAYLOAD" => b"UNSIGNED-PAYLOAD",
+        "STREAMING-UNSIGNED-PAYLOAD-TRAILER" => b"STREAMING-UNSIGNED-PAYLOAD-TRAILER",
         // unreachable code
         _ => &[],
     };

{object_storage_proxy-0.3.2 → object_storage_proxy-0.3.4}/src/lib.rs RENAMED Viewed

@@ -7,6 +7,7 @@ use http::uri::Authority;
 use parsers::cos_map::{CosMapItem, parse_cos_map};
 use parsers::keystore::parse_hmac_list;
 use pingora::http::ResponseHeader;
+use pingora::protocols::ALPN;
 use pingora::Result;
 use pingora::proxy::{ProxyHttp, Session};
 use pingora::server::Server;
@@ -269,6 +270,17 @@ impl ProxyHttp for MyProxy {
         let mut peer = Box::new(HttpPeer::new(addr, true, endpoint.clone()));
+        // todo: make ths configurable
+        peer.options.max_h2_streams = 32;
+        peer.options.h2_ping_interval = Some(Duration::from_secs(30));
+        // peer.options.idle_timeout          = Some(Duration::from_secs(300));
+        // peer.options.connection_timeout    = Some(Duration::from_secs(30));
+        // peer.options.read_timeout          = Some(Duration::from_secs(300));
+        // peer.options.write_timeout         = Some(Duration::from_secs(300));
         debug!("peer: {:#?}", &peer);
         if let Some(verify) = self.verify {
@@ -623,6 +635,8 @@ impl ProxyHttp for MyProxy {
             "x-amz-content-sha256",
             "x-amz-security-token",
             "range",
+            "trailer",
+            "x-amz-trailer",
         ];
         let to_check: Vec<String> = upstream_request