remove unnecessary LRU for internode auth token (#20119)

removes contentious usage of mutexes in LRU, which were never really reused in any manner; we do not need it. To trust hosts, the correct way is TLS certs; this PR completely removes this dependency, which has never been useful. ``` 0 0% 100% 25.83s 26.76% github.com/hashicorp/golang-lru/v2/expirable.(*LRU[...]) 0 0% 100% 28.03s 29.04% github.com/hashicorp/golang-lru/v2/expirable.(*LRU[...]) ``` Bonus: use `x-minio-time` as a nanosecond to avoid unnecessary parsing logic of time strings instead of using a more straightforward mechanism.
2026-02-04 18:00:15 -05:00 · 2024-07-22 00:04:48 -07:00
parent 3ef59d2821
commit 8e618d45fc
17 changed files with 58 additions and 475 deletions
--- a/cmd/object-lambda-handlers.go
+++ b/cmd/object-lambda-handlers.go
@@ -19,6 +19,7 @@ package cmd

 import (
 	"crypto/subtle"
+	"encoding/hex"
 	"io"
 	"net/http"
 	"net/url"
@@ -33,6 +34,7 @@ import (

 	"github.com/minio/minio/internal/auth"
 	levent "github.com/minio/minio/internal/config/lambda/event"
+	"github.com/minio/minio/internal/hash/sha256"
 	xhttp "github.com/minio/minio/internal/http"
 	"github.com/minio/minio/internal/logger"
 )
@@ -77,16 +79,13 @@ func getLambdaEventData(bucket, object string, cred auth.Credentials, r *http.Re
 		return levent.Event{}, err
 	}

-	token, err := authenticateNode(cred.AccessKey, cred.SecretKey, u.RawQuery)
-	if err != nil {
-		return levent.Event{}, err
-	}
+	ckSum := sha256.Sum256([]byte(cred.AccessKey + u.RawQuery))

 	eventData := levent.Event{
 		GetObjectContext: &levent.GetObjectContext{
 			InputS3URL:  u.String(),
 			OutputRoute: shortuuid.New(),
-			OutputToken: token,
+			OutputToken: hex.EncodeToString(ckSum[:]),
 		},
 		UserRequest: levent.UserRequest{
 			URL:     r.URL.String(),