Compare commits

...

1 Commits

Author SHA1 Message Date
Lauren Spiegel 08d45d4349 FIX: v4 signing tool
(cherry picked from commit 526dcf4148)
2018-01-12 15:23:20 -08:00
2 changed files with 45 additions and 0 deletions

View File

@ -1,6 +1,7 @@
'use strict'; // eslint-disable-line strict 'use strict'; // eslint-disable-line strict
const crypto = require('crypto'); const crypto = require('crypto');
const url = require('url');
const errors = require('../errors'); const errors = require('../errors');
const queryString = require('querystring'); const queryString = require('querystring');
const AuthInfo = require('./AuthInfo'); const AuthInfo = require('./AuthInfo');
@ -144,6 +145,7 @@ function doAuth(request, log, cb, awsService, requestContexts) {
return cb(errors.InternalError); return cb(errors.InternalError);
} }
/** /**
* This function will generate a version 4 header * This function will generate a version 4 header
* *
@ -159,6 +161,11 @@ function doAuth(request, log, cb, awsService, requestContexts) {
function generateV4Headers(request, data, accessKey, secretKeyValue, function generateV4Headers(request, data, accessKey, secretKeyValue,
awsService, proxyPath) { awsService, proxyPath) {
Object.assign(request, { headers: {} }); Object.assign(request, { headers: {} });
// hold the full path to restore the request after creating signature
const holdPath = request.path;
// pull the path without the query since canonical uri is without query
// eslint-disable-next-line no-param-reassign
request.path = url.parse(request.path, true).pathname;
const amzDate = convertUTCtoISO8601(Date.now()); const amzDate = convertUTCtoISO8601(Date.now());
// get date without time // get date without time
const scopeDate = amzDate.slice(0, amzDate.indexOf('T')); const scopeDate = amzDate.slice(0, amzDate.indexOf('T'));
@ -202,6 +209,9 @@ function generateV4Headers(request, data, accessKey, secretKeyValue,
`Signature=${signature}`; `Signature=${signature}`;
request.setHeader('authorization', authorizationHeader); request.setHeader('authorization', authorizationHeader);
Object.assign(request, { headers: {} }); Object.assign(request, { headers: {} });
// restore path
// eslint-disable-next-line no-param-reassign
request.path = holdPath;
} }
module.exports = { module.exports = {

View File

@ -0,0 +1,35 @@
'use strict'; // eslint-disable-line strict
const http = require('http');
const assert = require('assert');
const lolex = require('lolex');
const generateV4Headers = require('../../../../lib/auth/auth')
.client.generateV4Headers;
describe('generateV4Headers', () => {
it('should generate valid v4 headers for signing a ' +
'request even when request has a query', () => {
const query = 'userMd.`x-amz-meta-dog`="labrador"';
const escapedSearch = encodeURIComponent(query);
const options = {
host: '127.0.0.1',
port: '8000',
method: 'GET',
path: `/searchdemo/?search=${escapedSearch}`,
headers: { 'Content-Length': 0 },
};
const request = http.request(options, () => {});
const clock = lolex.install(1515718759886);
generateV4Headers(request, { search: query },
'accessKey1', 'verySecretKey1', 's3');
const result = request._headers.authorization;
clock.uninstall();
assert.strictEqual(result,
'AWS4-HMAC-SHA256 Credential=accessKey1' +
'/20180112/us-east-1/s3/aws4_request, ' +
'SignedHeaders=host;x-amz-content-sha256;x-amz-date, ' +
'Signature=84b568558470827963fb6aeb1ba4747d75e394dc2' +
'14044febe2ec3247de6a839');
});
});