Skip to content

Fix for Signing Error when ampersand character included in HttpQuery when using DefaultAwsCrtV4aSigner #4800

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Dec 27, 2023
Merged

Fix for Signing Error when ampersand character included in HttpQuery when using DefaultAwsCrtV4aSigner #4800

merged 2 commits into from
Dec 27, 2023

Conversation

joviegas
Copy link
Contributor

@joviegas joviegas commented Dec 22, 2023
edited
Loading

Motivation and Context

  • Signing Error when ampersand character included in HttpQuery when using DefaultAwsCrtV4aSigner
  • If the Query parameters had & in its value then Signing for those request used to always fail.

Modifications

  • The crtRequestToHttp loops through query returned by fullUri using "&" and "=" for finding Key and Value.
  • When the value has "&" or "=" it assumes it as separate parameters thus we need to use Raw non-decoded parameters,
  • The looping is done on getRawQuery and then its Decoded while doing a appendRawQueryParameter

Testing

  • Added Junit test case.
  • tested with a service where the issue was seen.

Screenshots (if appropriate)

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)

License

  • I confirm that this pull request can be released under the Apache 2 license

@joviegas joviegas requested a review from a team as a code owner December 22, 2023 00:30
dagnir
dagnir approved these changes Dec 27, 2023
View reviewed changes
...rc/test/java/software/amazon/awssdk/authcrt/signer/internal/CrtHttpRequestConverterTest.java Outdated
}

@Test
public void request_withQueryParams_ApersandAndEqualsInValue_isConvertedToCrtFormat() {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: "ampersand"

dagnir
dagnir reviewed Dec 27, 2023
View reviewed changes
...rc/test/java/software/amazon/awssdk/authcrt/signer/internal/CrtHttpRequestConverterTest.java
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you add a test that includes other values besides = and & that should be URL encoded? Like a newline or something? Just to make sure CRT handles those too

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

@joviegas joviegas enabled auto-merge (squash) December 27, 2023 21:05
@joviegas joviegas merged commit 722f187 into master Dec 27, 2023
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions

75.0% Coverage on New Code (required ≥ 80%)

See analysis details on SonarCloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dagnir dagnir dagnir approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@joviegas @dagnir