Skip to content

Commit

Permalink
WIP: log bad header
Browse files Browse the repository at this point in the history
  • Loading branch information
@justinsb @rifelpet
justinsb authored and rifelpet committed May 5, 2024
1 parent 404145a commit 677573a
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions upup/pkg/fi/cloudup/awsup/aws_verifier.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ import (
"github.com/aws/aws-sdk-go-v2/service/ec2"
"github.com/aws/aws-sdk-go-v2/service/sts"
"k8s.io/apimachinery/pkg/util/sets"
"k8s.io/klog/v2"
"k8s.io/kops/pkg/bootstrap"
nodeidentityaws "k8s.io/kops/pkg/nodeidentity/aws"
"k8s.io/kops/pkg/wellknownports"
Expand Down Expand Up @@ -154,6 +155,7 @@ func (a awsVerifier) VerifyToken(ctx context.Context, rawRequest *http.Request,
}
signedHeaders := sets.New(strings.Split(reqURL.Query().Get("X-Amz-SignedHeaders"), ",")...)
if !signedHeaders.Has("x-kops-request-sha") {
klog.Warningf("unexpected signed headers value, want x-kops-request-sha, got %q", signedHeaders.UnsortedList())
return nil, fmt.Errorf("unexpected signed headers value")
}

Expand Down

0 comments on commit 677573a

Please sign in to comment.