Orange-OpenSource/hurl
1
1
Fork 0
mirror of https://github.com/Orange-OpenSource/hurl.git synced 2024-12-01 03:27:31 +03:00
Code Issues Packages Projects Releases Wiki Activity

check only for correct header format instead of exact signature value

Browse Source
This commit is contained in:
apparentorder 2023-08-25 14:52:28 +02:00
parent e5a6a3a0ae
commit bbb8b48af0
No known key found for this signature in database
8 changed files with 13 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
integration/tests_ok/aws_sigv4.curl
View File

@ -1,2 +1,3 @@
# FIXME: missing --aws-sigv4 option to fool integration tests on older systems
curl --header 'X-Amz-Date: 20230813T061344Z' --data 'test=test' --user-agent hurl-test --user 'someAccessKeyId:someSecretKey' 'http://localhost:8000/aws-sigv4'
# FIXME: actually use --aws-sigv4 option instead of a faked Authorization header,
# once all integration test targets have a libcurl that supports aws-sigv4.
curl --data 'test=test' --header "Authorization: AWS4-HMAC-SHA256 Credential=someAccessKeyId/20230825/eu-central-1/hurltest/aws4_request, SignedHeaders=host;x-amz-date, Signature=821d58e7c6a595f9dae0eafa66c0afbb0dfce4154e6bfec22aeafb11c970bf10" --user 'someAccessKeyId:someSecretKey' 'http://localhost:8000/aws-sigv4'

1
integration/tests_ok/aws_sigv4.html
View File

@ -1,5 +1,4 @@
<pre><code class="language-hurl"><span class="hurl-entry"><span class="request"><span class="line"><span class="method">POST</span> <span class="url">http://localhost:8000/aws-sigv4</span></span>
<span class="line"><span class="string">X-Amz-Date</span>: <span class="string">20230813T061344Z</span></span>
<span class="line"><span class="section-header">[FormParams]</span></span>
<span class="line"><span class="string">test</span>: <span class="string">test</span></span>
<span class="line"><span class="section-header">[Options]</span></span>

1
integration/tests_ok/aws_sigv4.hurl
View File

@ -1,5 +1,4 @@
POST http://localhost:8000/aws-sigv4
X-Amz-Date: 20230813T061344Z
[FormParams]
test: test
[Options]

2
integration/tests_ok/aws_sigv4.json
View File

@ -1 +1 @@
{"entries":[{"request":{"method":"POST","url":"http://localhost:8000/aws-sigv4","headers":[{"name":"X-Amz-Date","value":"20230813T061344Z"}],"form_params":[{"name":"test","value":"test"}],"options":[{"name":"aws-sigv4","value":"aws:amz:eu-central-1:hurltest"}]},"response":{"status":200}}]}
{"entries":[{"request":{"method":"POST","url":"http://localhost:8000/aws-sigv4","form_params":[{"name":"test","value":"test"}],"options":[{"name":"aws-sigv4","value":"aws:amz:eu-central-1:hurltest"}]},"response":{"status":200}}]}

2
integration/tests_ok/aws_sigv4.out
View File

@ -1 +1 @@
Received Authorization header: AWS4-HMAC-SHA256 Credential=someAccessKeyId/20230813/eu-central-1/hurltest/aws4_request, SignedHeaders=content-type;host;user-agent;x-amz-date, Signature=12df762ad1cc454ccbd9721ce6a16d56491d59be2993210f65aa22bfd2d62b3f
Received SigV4 Authorization header

2
integration/tests_ok/aws_sigv4.ps1
View File

@ -1,3 +1,3 @@
Set-StrictMode -Version latest
$ErrorActionPreference = 'Stop'
hurl --user-agent hurl-test --user someAccessKeyId:someSecretKey tests_ok/aws_sigv4.hurl --verbose
hurl --user someAccessKeyId:someSecretKey tests_ok/aws_sigv4.hurl --verbose

7
integration/tests_ok/aws_sigv4.py
View File

@ -1,8 +1,13 @@
from flask import request
from app import app
import re
@app.route("/aws-sigv4", methods=["POST"])
def aws_sigv4():
auth = request.headers.get("Authorization")
return f"Received Authorization header: {auth}"
assert re.match(
r"^AWS4-HMAC-SHA256 Credential=someAccessKeyId/\d+/eu-central-1/hurltest/aws4_request, SignedHeaders=\S+, Signature=[a-f0-9]+$",
auth,
)
return "Received SigV4 Authorization header"

2
integration/tests_ok/aws_sigv4.sh
View File

@ -8,7 +8,7 @@ set -Eeuo pipefail
set +e
output_curl=$(curl --aws-sigv4 2>&1)
output_hurl=$(hurl --user-agent hurl-test --user someAccessKeyId:someSecretKey tests_ok/aws_sigv4.hurl 2>&1 )
output_hurl=$(hurl --user someAccessKeyId:someSecretKey tests_ok/aws_sigv4.hurl 2>&1 )
rc="$?"
set -e