feat(storage): implement V4 Signed Policy Documents #5914

Merged
xlai20 merged 28 commits into googleapis:main from xlai20:branch-v4-signed-policy-document
Jun 26, 2026

@xlai20 xlai20 commented Jun 18, 2026

Member

Description

This PR introduces support for generating V4 Signed Policy Documents (PostPolicyV4Builder), bringing the Rust SDK into feature parity with other official GCS SDKs for POST form object uploads.

Design Doc: go/rust-sdk-feature-v4-signed-policy-document-implementation_plan

Key Additions

  • PostPolicyV4Builder API: A fluent builder API to configure URL styles, exact-match fields, starts-with prefix conditions, and content-length-range limits.
  • Strict JSON Serialization: Implemented exact-byte character escaping using UTF-16 surrogate pairs (\uXXXX) to guarantee flawless Base64 JSON encoding, satisfying GCS's stringent signature validation requirements.

Testing & Validation

  • Manual Validation: I have manually run the added generate_signed_post_policy_v4 sample code against a real Cloud Storage bucket and verified the upload worked correctly.
  • Conformance Tests Passed: Integrated with the official v4_signatures.json test harness, successfully passing 100% (11/11) of the postPolicyV4Tests (covering Path Style, Virtual Hosted Style, Bucket Bound Hostnames, and Unicode conditions).
  • Cross-Language Parity Check: Verified that $key condition formulation and the maximum 7-day expiration bounds behave identically to the official Go and C++ SDKs.
  • Integration Tests: Added signed_post_policies_v4 in tests/storage/src/lib.rs which dynamically constructs a policy and performs a live upload using a reqwest multipart form. It ran successfully against a real Cloud bucket.
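
The strict-serialization point in the description above, as an added example that is not part of the PR or the SDK: a string escaper that keeps the policy JSON pure ASCII, writing non-ASCII characters as `\uXXXX` and supplementary-plane characters as a UTF-16 surrogate pair. The helper names, the exact escape set and the sample values are assumptions made for illustration; the resulting bytes are what would then be Base64-encoded and signed.

```rust
// Added illustration: helper names are hypothetical, not the SDK's API.

/// Escape a string so the policy JSON is pure ASCII. Assumption: every
/// non-ASCII code point becomes \uXXXX, with supplementary-plane characters
/// written as a UTF-16 surrogate pair.
fn escape_policy_string(s: &str) -> String {
    let mut out = String::with_capacity(s.len());
    for c in s.chars() {
        match c {
            '"' => out.push_str("\\\""),
            '\\' => out.push_str("\\\\"),
            '\n' => out.push_str("\\n"),
            '\r' => out.push_str("\\r"),
            '\t' => out.push_str("\\t"),
            ' '..='~' => out.push(c), // remaining printable ASCII stays literal
            _ => {
                // One UTF-16 unit for the BMP, two (a surrogate pair) above it.
                let mut buf = [0u16; 2];
                for unit in c.encode_utf16(&mut buf).iter() {
                    out.push_str(&format!("\\u{:04x}", unit));
                }
            }
        }
    }
    out
}

/// Serialize exact-match conditions in the order given, then the expiration.
fn policy_json(conditions: &[(&str, &str)], expiration: &str) -> String {
    let items: Vec<String> = conditions
        .iter()
        .map(|(k, v)| format!("{{\"{}\":\"{}\"}}", escape_policy_string(k), escape_policy_string(v)))
        .collect();
    format!("{{\"conditions\":[{}],\"expiration\":\"{}\"}}", items.join(","), expiration)
}

fn main() {
    // Constructed sample values.
    let conditions = [("key", "photos/é😀.png"), ("x-goog-meta-test", "a\"b")];
    let json = policy_json(&conditions, "2026-06-26T00:00:00Z");
    assert!(json.is_ascii());
    println!("{json}");
}
```
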

@product-auto-label product-auto-label Bot added the api: storage Issues related to the Cloud Storage API. label Jun 18, 2026

@gemini-code-assist gemini-code-assist Bot left a comment

Contributor


Code Review

This pull request implements support for GCS V4 Signed Policy Documents (POST Object Forms) by introducing PostPolicyV4Builder and PostPolicyV4Result, along with associated examples, integration tests, and conformance tests. Key feedback includes addressing a bug where custom endpoints with ports lose their port number during URL resolution, automatically prepending $ to starts-with fields, validating expiration limits and content length ranges, avoiding an unnecessary clone of client_email, and switching from HashMap to BTreeMap for deterministic field ordering.

Comment thread src/storage/src/storage/post_policy.rs Outdated
Comment thread src/storage/src/storage/post_policy.rs
Comment thread src/storage/src/storage/post_policy.rs Outdated
Comment thread src/storage/src/storage/post_policy.rs Outdated
Comment thread src/storage/src/storage/post_policy.rs
Comment thread src/storage/src/storage/post_policy.rs Outdated

codecov Bot commented Jun 18, 2026


Codecov Report

❌ Patch coverage is 91.46341% with 35 lines in your changes missing coverage. Please review.
✅ Project coverage is 97.80%. Comparing base (a9f9f4d) to head (ec49624).

Files with missing lines Patch % Lines
src/storage/src/storage/post_policy.rs 91.46% 35 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main    #5914      +/-   ##
==========================================
- Coverage   97.84%   97.80%   -0.05%     
==========================================
  Files         239      240       +1     
  Lines       60282    60692     +410     
==========================================
+ Hits        58985    59361     +376     
- Misses       1297     1331      +34     

@xlai20 xlai20 marked this pull request as ready for review June 18, 2026 07:44
@xlai20 xlai20 requested review from a team as code owners June 18, 2026 07:44
@xlai20 xlai20 requested a review from joshuatants June 18, 2026 07:44
Comment thread src/storage/src/storage/post_policy.rs Outdated
Comment thread src/storage/src/storage/post_policy.rs
Comment thread src/storage/src/storage/post_policy.rs Outdated
Comment thread src/storage/src/storage/post_policy.rs
Comment thread src/storage/src/storage/post_policy.rs
@xlai20 xlai20 requested a review from joshuatants June 22, 2026 06:52
xlai20 commented Jun 22, 2026

Member Author

@joshuatants I've made 9 more commits since your review to address your concerns and further improve the code. These are the changes after your review:

  • API Simplifications:
    • Removed with_scheme() and with_bucket_bound_hostname() methods from PostPolicyV4Builder.
    • Unified endpoint processing logic in a new resolve_endpoint() helper that standardizes the http/https prefix before resolving the host.
  • Bucket Name Validation: Added check_bucket_name() to strictly enforce that the provided bucket name must begin with the "projects/_/buckets/" prefix.
  • System Keys Protection: Extended the protected system_keys check to include "x-goog-signature" and "policy", guaranteeing that user-supplied malicious or conflicting fields are ignored in favor of the system-generated defaults.
  • Documentation & Doc Tests: Added comprehensive Rustdoc examples (/// # Example) and doc tests covering how to use PostPolicyV4Builder and each of its builder configuration methods.
  • Test Updates:
    • Updated existing tests to accommodate the "projects/_/buckets/" prefix requirement and the unified endpoint behavior.
    • Added a new post_policy_v4_custom_fields edge-case test to verify that custom system fields correctly drop/override conflicting user-supplied configurations while preserving standard custom fields (e.g., x-goog-meta-*).
  • Example Script Updates: Modified the example generate_signed_post_policy_v4.rs to format the bucket string properly with "projects/_/buckets/" and included an extra "x-goog-meta-test" metadata field demo.
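
A sketch of the system-key protection and bucket-name check listed in the comment above, as an added example that is not the PR's code. `merge_fields`, `bucket_id`, the case-insensitive comparison, the empty-id rejection, and every entry of `SYSTEM_KEYS` other than `x-goog-signature` and `policy` are assumptions made for illustration.

```rust
use std::collections::BTreeMap;

// Assumption: only "x-goog-signature" and "policy" are named in the thread;
// the other entries are illustrative.
const SYSTEM_KEYS: [&str; 5] =
    ["policy", "x-goog-signature", "x-goog-algorithm", "x-goog-credential", "x-goog-date"];
const BUCKET_PREFIX: &str = "projects/_/buckets/";

/// Return the bare bucket id, or an error if the required prefix is missing.
/// Rejecting an empty id is an extra check made by this example.
fn bucket_id(name: &str) -> Result<&str, String> {
    match name.strip_prefix(BUCKET_PREFIX) {
        Some(id) if !id.is_empty() => Ok(id),
        _ => Err(format!("bucket {:?} must start with {}", name, BUCKET_PREFIX)),
    }
}

/// Merge caller-supplied form fields with the generated ones. Caller fields
/// that collide with a system key are dropped, so generated values always win.
/// BTreeMap keeps the output order deterministic.
fn merge_fields(user: &[(&str, &str)], generated: &[(&str, &str)]) -> BTreeMap<String, String> {
    let mut fields = BTreeMap::new();
    for (k, v) in user {
        // Case-insensitive match is this example's choice, so "Policy" is dropped too.
        if !SYSTEM_KEYS.iter().any(|s| s.eq_ignore_ascii_case(k)) {
            fields.insert(k.to_string(), v.to_string());
        }
    }
    for (k, v) in generated {
        fields.insert(k.to_string(), v.to_string());
    }
    fields
}

fn main() {
    // Constructed sample input: the caller tries to supply its own policy field.
    let user = [("x-goog-meta-test", "demo"), ("Policy", "user-supplied")];
    let generated = [("policy", "<base64 policy>"), ("x-goog-signature", "<hex signature>")];
    let fields = merge_fields(&user, &generated);
    println!("{:?} {:?}", bucket_id("projects/_/buckets/my-bucket"), fields);
}
```
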

Comment thread src/storage/src/storage/post_policy.rs
Comment thread src/storage/src/storage/post_policy.rs Outdated
Comment thread src/storage/examples/src/objects/generate_signed_post_policy_v4.rs
@xlai20 xlai20 requested a review from joshuatants June 23, 2026 04:41
@joshuatants joshuatants requested a review from a team June 23, 2026 08:19

/// The result of signing a V4 POST Policy Document.
#[derive(Debug, Clone, serde::Serialize)]
pub struct PostPolicyV4Result {

Member


can you imagine this thing growing?

If so, tag the struct as #[non_exhaustive]

Member Author


Done. Tagged the struct as #[non_exhaustive]. Thanks for pointing this out.

We can't predict if there'll be product evolution in the future; for backward compatibility, tagging this public data structure to prevent users from doing exhaustive pattern matching is a safer way.

@xlai20 xlai20 requested a review from dbolduc June 24, 2026 06:45
@xlai20 xlai20 merged commit 31c15bf into googleapis:main Jun 26, 2026
41 checks passed

Labels

api: storage Issues related to the Cloud Storage API.


Development

Successfully merging this pull request may close these issues.

Feature parity for generateSignedPostPolicyV4 storage_generate_signed_post_policy_v4

3 participants