Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Include origin header in url generation request
  • Loading branch information
regalijan committed Oct 19, 2023
1 parent 25a8623 commit fe6ff7f
Showing 1 changed file with 18 additions and 14 deletions.
32 changes: 18 additions & 14 deletions functions/gcloud.ts
Expand Up @@ -16,7 +16,7 @@ export async function GenerateUploadURL(
env: Env,
path: string,
size: number,
fileExt: string
fileExt: string,
): Promise<string> {
const accessToken = await GetAccessToken(env);
const contentTypes: { [k: string]: string } = {
Expand All @@ -38,21 +38,25 @@ export async function GenerateUploadURL(

const resumableUploadReq = await fetch(
`https://storage.googleapis.com/upload/storage/v1/b/portal-carcrushers-cc/o?uploadType=resumable&name=${encodeURIComponent(
path
path,
)}`,
{
headers: {
authorization: `Bearer ${accessToken}`,
origin:
typeof env.LOCAL === "undefined"
? "https://carcrushers.cc"
: "http://localhost:8788",
"x-upload-content-type": contentTypes[fileExt],
"x-upload-content-length": size.toString(),
},
method: "POST",
}
},
);

if (!resumableUploadReq.ok)
throw new Error(
`Failed to create resumable upload: ${await resumableUploadReq.text()}`
`Failed to create resumable upload: ${await resumableUploadReq.text()}`,
);

const url = resumableUploadReq.headers.get("location");
Expand All @@ -71,7 +75,7 @@ async function GetAccessToken(env: Env): Promise<string> {
iss: env.WORKER_GSERVICEACCOUNT,
scope:
"https://www.googleapis.com/auth/datastore https://www.googleapis.com/auth/devstorage.read_write",
})
}),
)
.replaceAll("+", "-")
.replaceAll("/", "_")
Expand All @@ -82,15 +86,15 @@ async function GetAccessToken(env: Env): Promise<string> {
stringToBuffer(atob(env.STORAGE_ACCOUNT_KEY.replace(/(\r\n|\n|\r)/gm, ""))),
{ name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" },
false,
["sign"]
["sign"],
);
const signature = await crypto.subtle.sign(
{ name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" },
signingKey,
stringToBuffer(`eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.${claimSet}`)
stringToBuffer(`eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.${claimSet}`),
);
const assertion = `eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.${claimSet}.${arrBufToB64Url(
signature
signature,
)}`;
const tokenRequest = await fetch("https://oauth2.googleapis.com/token", {
body: `grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=${assertion}`,
Expand All @@ -109,7 +113,7 @@ async function GetAccessToken(env: Env): Promise<string> {
async function getKeyIDs(
access_token: string,
projectId: string,
keys: { partitionId: { projectId: string }; path: { kind: string }[] }[]
keys: { partitionId: { projectId: string }; path: { kind: string }[] }[],
) {
const keyRequest = await fetch(
`https://datastore.googleapis.com/v1/projects/${projectId}:allocateIds`,
Expand All @@ -120,7 +124,7 @@ async function getKeyIDs(
"content-type": "application/json",
},
method: "POST",
}
},
);

if (!keyRequest.ok) {
Expand All @@ -134,7 +138,7 @@ async function getKeyIDs(
export async function insertLogs(
userActionMap: { [k: string]: number },
reportId: string,
context: RequestContext
context: RequestContext,
) {
const accessToken = await GetAccessToken(context.env);
const actionBaseURLs: { [k: number]: string } = {
Expand Down Expand Up @@ -171,7 +175,7 @@ export async function insertLogs(
const keys = await getKeyIDs(
accessToken,
context.env.DATASTORE_PROJECT,
preAllocatedLogKeys
preAllocatedLogKeys,
);

for (const [user, action] of Object.entries(userActionMap)) {
Expand Down Expand Up @@ -208,7 +212,7 @@ export async function insertLogs(
"content-type": "application/json",
},
method: "POST",
}
},
);

if (!mutationRequest.ok) {
Expand Down Expand Up @@ -253,7 +257,7 @@ export async function queryLogs(user: number, context: RequestContext) {
"content-type": "application/json",
},
method: "POST",
}
},
);

if (!queryRequest.ok) {
Expand Down

0 comments on commit fe6ff7f

Please sign in to comment.