From ea607a0498607ce5295b0a2e226e2ec6e0185770 Mon Sep 17 00:00:00 2001 From: Marco Klein Date: Mon, 2 Oct 2023 01:48:38 +0200 Subject: [PATCH] fix: :bug: Fix content hash not working properly for lambda invocations --- src/services/request-verification.service.ts | 22 +++++++++++--------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/src/services/request-verification.service.ts b/src/services/request-verification.service.ts index 82880b0..c63cc2d 100644 --- a/src/services/request-verification.service.ts +++ b/src/services/request-verification.service.ts @@ -95,15 +95,17 @@ export class RequestVerificationService { const headers = this.getCleansedHeaders(request, incomingSignature); - const signedCounterCheckRequest = this._signatureService.signRequestData(accessKeyId, secretKey, { - host: request.hostname, - method: request.method, - path: url, - body: request.rawBody || undefined, - service: incomingSignature.credential.service, - headers, - region: incomingSignature.credential.region - }); + const signedCounterCheckRequest = this._signatureService.signRequestData( + accessKeyId, + secretKey, { + host: request.hostname, + method: request.method, + path: url, + body: request.rawBody || request.body || undefined, + service: incomingSignature.credential.service, + headers, + region: incomingSignature.credential.region + }); const resultHeaders = signedCounterCheckRequest.headers as OutgoingHttpHeaders; if (resultHeaders['Authorization']) { @@ -122,7 +124,7 @@ export class RequestVerificationService { if (signature !== incomingSignature.signature) { this._logger.debug( `Signatures do not match. This indicates a wrong signature supplied in the request.` + - `(Incoming=${incomingSignature};Generated=${signature})`); + `(Incoming=${incomingSignature.signature}(${incomingSignature.signedHeaders.join(';')});Generated=${signature}(${signedCounterCheckAuth.signedHeaders.join(';')}))`); return this.unauthorized; }