0
Fork 0
mirror of https://github.com/willnorris/imageproxy.git synced 2025-01-06 22:40:34 -05:00

add signature key flag to imageproxy command

This commit is contained in:
Will Norris 2015-05-11 22:46:00 -07:00
parent a9efefc8e7
commit 7a0f78f4be
2 changed files with 58 additions and 8 deletions

View file

@ -76,6 +76,12 @@ image horizontally. Images are flipped **after** being resized and rotated.
The `q{percentage}` option can be used to specify the output quality (JPEG The `q{percentage}` option can be used to specify the output quality (JPEG
only). If not specified, the default value of `95` is used. only). If not specified, the default value of `95` is used.
#### Signature ####
The `s{signature}` option specifies an optional base64 encoded HMAC used to
sign the remote URL in the request. The HMAC key used to verify signatures is
provided to the imageproxy server on startup.
### Remote URL ### ### Remote URL ###
The URL of the original image to load is specified as the remainder of the The URL of the original image to load is specified as the remainder of the
@ -129,10 +135,11 @@ unbounded. To cache images on disk instead, include the `cacheDir` flag:
imageproxy -cacheDir /tmp/imageproxy imageproxy -cacheDir /tmp/imageproxy
Reload the [codercat URL](http://localhost:8080/500/https://octodex.github.com/images/codercat.jpg), Reload the [codercat URL][], and then inspect the contents of
and then inspect the contents of `/tmp/imageproxy`. There should be two files `/tmp/imageproxy`. There should be two files there, one for the original
there, one for the original full-size codercat image, and one for the resized full-size codercat image, and one for the resized 500px version.
500px version.
[codercat URL]: http://localhost:8080/500/https://octodex.github.com/images/codercat.jpg
### Host whitelist ### ### Host whitelist ###
@ -144,10 +151,39 @@ running:
imageproxy -whitelist example.com imageproxy -whitelist example.com
Reload the [codercat URL](http://localhost:8080/500/https://octodex.github.com/images/codercat.jpg), Reload the [codercat URL][], and you should now get an error message. You can
and you should now get an error message. You can specify multiple hosts as a specify multiple hosts as a comma separated list, or prefix a host value with
comma separated list, or prefix a host value with `*.` to allow all sub-domains `*.` to allow all sub-domains as well.
as well.
### Signed Requests ###
Instead of a host whitelist, you can require that requests be signed. This is
useful in preventing abuse when you don't have just a static list of hosts you
want to allow. Signatures are generated using HMAC-SHA256 against the remote
URL, and url-safe base64 encoding the result:
base64urlencode(hmac.New(sha256, <key>).digest(<remote_url>))
The HMAC key is specified using the `signatureKey` flag. If this flag
begins with an "@", the remainder of the value is interpreted as a file on disk
which contains the HMAC key.
Try it out by running:
imageproxy -signatureKey "secret key"
Reload the [codercat URL][], and you should see an error message. Now load a
[signed codercat URL][] and verify that it loads properly.
[signed codercat URL]: http://localhost:8080/500,sXyMwWKIC5JPCtlYOQ2f4yMBTqpjtUsfI67Sp7huXIYY=/https://octodex.github.com/images/codercat.jpg
Some simple code samples for generating signatures in various languages can be
found starting in [this comment](https://github.com/willnorris/imageproxy/issues/11#issuecomment-101428470).
If both a whiltelist and signatureKey are specified, requests can match either.
In other words, requests that match one of the whitelisted hosts don't
necessarily need to be signed, though they can be.
Run `imageproxy -help` for a complete list of flags the command accepts. If Run `imageproxy -help` for a complete list of flags the command accepts. If
you want to use a different caching implementation, it's probably easiest to you want to use a different caching implementation, it's probably easiest to

View file

@ -18,6 +18,7 @@ package main
import ( import (
"flag" "flag"
"fmt" "fmt"
"io/ioutil"
"log" "log"
"net/http" "net/http"
"net/url" "net/url"
@ -43,6 +44,7 @@ var whitelist = flag.String("whitelist", "", "comma separated list of allowed re
var baseURL = flag.String("baseURL", "", "default base URL for relative remote URLs") var baseURL = flag.String("baseURL", "", "default base URL for relative remote URLs")
var cacheDir = flag.String("cacheDir", "", "directory to use for file cache") var cacheDir = flag.String("cacheDir", "", "directory to use for file cache")
var cacheSize = flag.Uint64("cacheSize", 100, "maximum size of file cache (in MB)") var cacheSize = flag.Uint64("cacheSize", 100, "maximum size of file cache (in MB)")
var signatureKey = flag.String("signatureKey", "", "HMAC key used in calculating request signatures")
var version = flag.Bool("version", false, "print version information") var version = flag.Bool("version", false, "print version information")
func main() { func main() {
@ -68,6 +70,18 @@ func main() {
if *whitelist != "" { if *whitelist != "" {
p.Whitelist = strings.Split(*whitelist, ",") p.Whitelist = strings.Split(*whitelist, ",")
} }
if *signatureKey != "" {
key := []byte(*signatureKey)
if strings.HasPrefix(*signatureKey, "@") {
file := strings.TrimPrefix(*signatureKey, "@")
var err error
key, err = ioutil.ReadFile(file)
if err != nil {
log.Fatalf("error reading signature file: %v", err)
}
}
p.SignatureKey = key
}
if *baseURL != "" { if *baseURL != "" {
var err error var err error
p.DefaultBaseURL, err = url.Parse(*baseURL) p.DefaultBaseURL, err = url.Parse(*baseURL)