Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Presigned URLs contains extra slash '/' between Hostaname and the ObjectPath #119

Open
Sergei-Kraven opened this issue Dec 24, 2024 · 1 comment
Open

Presigned URLs contains extra slash '/' between Hostaname and the ObjectPath #119

Sergei-Kraven opened this issue Dec 24, 2024 · 1 comment
Assignees
@olegbespalov
Labels
triage

Comments

@Sergei-Kraven
Copy link

Hello!
Thanks a lot for your library, it really useful, but unfortunately I faced an unexpected behavior. Maybe I've missed up something, I'm expecting that the following code will returned a valid pre-signed URL to the object, but it doesn't work properly due to double slash (//) between the hostname (endpoint) and the object path:

import {
  AWSConfig,
  Endpoint,
  SignatureV4,
  AMZ_CONTENT_SHA256_HEADER,
} from 'https://jslib.k6.io/aws/0.13.0/signature'

export const options = {
  scenarios: {
    shared_iter_scenario: {
      executor: 'shared-iterations',
      vus: 1,
      iterations: 1,
    },
  },
};

export default function () {
  const awsConfig = new AWSConfig({
    region: 'us-east-1',
    accessKeyId: 'AKI.............6JOM',
    secretAccessKey: 'tI3PQ.............................la0C1b',
  })

  const signer = new SignatureV4({
    service: 's3',
    region: awsConfig.region,
    credentials: {
      accessKeyId: awsConfig.accessKeyId,
      secretAccessKey: awsConfig.secretAccessKey,
    },
    applyChecksum: false,
    uriEscapePath: true,
  })

  const signedRequest = signer.presign(
    {
      method: 'GET',
      endpoint: new Endpoint(`https://s3.${awsConfig.region}.amazonaws.com/`),
      path: '/bucket-name/path/to/the/file.txt',
      headers: {
        [AMZ_CONTENT_SHA256_HEADER]: 'UNSIGNED-PAYLOAD'
      },
    },
    {
      expiresIn: 480,
      signingDate: new Date(),
      signingService: 's3',
      signingRegion: awsConfig.region,
    }
  )

  const signedUrl = signedRequest.url.replace('.com//', '.com/') // !!! <-- DIRTY WORKAROUND !!!

  console.log(signedUrl)
}

The actual URL without the workaround is:

https://s3.us-east-1.amazonaws.com//bucket-name/path/to/the/file.txt?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIASRU53BBKVAXY6IQM%2F20241224%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241224T150147Z&X-Amz-Expires=480&X-Amz-Signature=786f1a63dbe05922463789decc54cd9489e62a40381927fb13f84dea964c7796&X-Amz-SignedHeaders=host&x-amz-content-sha256=UNSIGNED-PAYLOAD

k6-jslib-aws/src/internal/signature.ts

Lines 167 to 169 in 06c4196

if (!url.endsWith('/') && !request.path.startsWith('/')) {
url += '/'
}

Probably the same logic as in the code above should be here to avoid extra slash, but I'm not sure completely:

k6-jslib-aws/src/internal/signature.ts

Line 276 in 06c4196

url = url?.endsWith('/') ? url : url + '/'

@tarampampam
Copy link

I have the same issue 😞

@Sergei-Kraven Sergei-Kraven mentioned this issue Dec 26, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@olegbespalov olegbespalov

Labels
triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@olegbespalov @tarampampam @Sergei-Kraven