check only for correct header format instead of exact signature value

2024-12-01 03:27:31 +03:00 · 2023-08-25 14:52:28 +02:00 · 2023-08-25 14:52:28 +02:00 · bbb8b48af0
commit bbb8b48af0
parent e5a6a3a0ae
8 changed files with 13 additions and 9 deletions
--- a/integration/tests_ok/aws_sigv4.curl
+++ b/integration/tests_ok/aws_sigv4.curl
@ -1,2 +1,3 @@
-# FIXME: missing --aws-sigv4 option to fool integration tests on older systems
+# FIXME: actually use --aws-sigv4 option instead of a faked Authorization header,
-curl --header 'X-Amz-Date: 20230813T061344Z' --data 'test=test' --user-agent hurl-test --user 'someAccessKeyId:someSecretKey' 'http://localhost:8000/aws-sigv4'
+# once all integration test targets have a libcurl that supports aws-sigv4.
 curl --data 'test=test' --header "Authorization: AWS4-HMAC-SHA256 Credential=someAccessKeyId/20230825/eu-central-1/hurltest/aws4_request, SignedHeaders=host;x-amz-date, Signature=821d58e7c6a595f9dae0eafa66c0afbb0dfce4154e6bfec22aeafb11c970bf10" --user 'someAccessKeyId:someSecretKey' 'http://localhost:8000/aws-sigv4'
--- a/integration/tests_ok/aws_sigv4.html
+++ b/integration/tests_ok/aws_sigv4.html
@ -1,5 +1,4 @@
 <pre><code class="language-hurl"><span class="hurl-entry"><span class="request"><span class="line"><span class="method">POST</span> <span class="url">http://localhost:8000/aws-sigv4</span></span>
 <span class="line"><span class="string">X-Amz-Date</span>: <span class="string">20230813T061344Z</span></span>
 <span class="line"><span class="section-header">[FormParams]</span></span>
 <span class="line"><span class="string">test</span>: <span class="string">test</span></span>
 <span class="line"><span class="section-header">[Options]</span></span>
--- a/integration/tests_ok/aws_sigv4.hurl
+++ b/integration/tests_ok/aws_sigv4.hurl
@ -1,5 +1,4 @@
 POST http://localhost:8000/aws-sigv4
 X-Amz-Date: 20230813T061344Z
 [FormParams]
 test: test
 [Options]
--- a/integration/tests_ok/aws_sigv4.json
+++ b/integration/tests_ok/aws_sigv4.json
@ -1 +1 @@
-{"entries":[{"request":{"method":"POST","url":"http://localhost:8000/aws-sigv4","headers":[{"name":"X-Amz-Date","value":"20230813T061344Z"}],"form_params":[{"name":"test","value":"test"}],"options":[{"name":"aws-sigv4","value":"aws:amz:eu-central-1:hurltest"}]},"response":{"status":200}}]}
+{"entries":[{"request":{"method":"POST","url":"http://localhost:8000/aws-sigv4","form_params":[{"name":"test","value":"test"}],"options":[{"name":"aws-sigv4","value":"aws:amz:eu-central-1:hurltest"}]},"response":{"status":200}}]}
--- a/integration/tests_ok/aws_sigv4.out
+++ b/integration/tests_ok/aws_sigv4.out
@ -1 +1 @@
-Received Authorization header: AWS4-HMAC-SHA256 Credential=someAccessKeyId/20230813/eu-central-1/hurltest/aws4_request, SignedHeaders=content-type;host;user-agent;x-amz-date, Signature=12df762ad1cc454ccbd9721ce6a16d56491d59be2993210f65aa22bfd2d62b3f
+Received SigV4 Authorization header
--- a/integration/tests_ok/aws_sigv4.ps1
+++ b/integration/tests_ok/aws_sigv4.ps1
@ -1,3 +1,3 @@
 Set-StrictMode -Version latest
 $ErrorActionPreference = 'Stop'
-hurl --user-agent hurl-test --user someAccessKeyId:someSecretKey tests_ok/aws_sigv4.hurl --verbose
+hurl --user someAccessKeyId:someSecretKey tests_ok/aws_sigv4.hurl --verbose
--- a/integration/tests_ok/aws_sigv4.py
+++ b/integration/tests_ok/aws_sigv4.py
@ -1,8 +1,13 @@
 from flask import request
 from app import app
 import re
@app.route("/aws-sigv4", methods=["POST"])
 def aws_sigv4():
    auth = request.headers.get("Authorization")
-    return f"Received Authorization header: {auth}"
+    assert re.match(
        r"^AWS4-HMAC-SHA256 Credential=someAccessKeyId/\d+/eu-central-1/hurltest/aws4_request, SignedHeaders=\S+, Signature=[a-f0-9]+$",
        auth,
    )
    return "Received SigV4 Authorization header"
--- a/integration/tests_ok/aws_sigv4.sh
+++ b/integration/tests_ok/aws_sigv4.sh
@ -8,7 +8,7 @@ set -Eeuo pipefail
 set +e
 output_curl=$(curl --aws-sigv4 2>&1)
-output_hurl=$(hurl --user-agent hurl-test --user someAccessKeyId:someSecretKey tests_ok/aws_sigv4.hurl 2>&1 )
+output_hurl=$(hurl --user someAccessKeyId:someSecretKey tests_ok/aws_sigv4.hurl 2>&1 )
 rc="$?"
 set -e
`@ -1 +1 @@`
	`{"entries":[{"request":{"method":"POST","url":"http://localhost:8000/aws-sigv4","headers":[{"name":"X-Amz-Date","value":"20230813T061344Z"}],"form_params":[{"name":"test","value":"test"}],"options":[{"name":"aws-sigv4","value":"aws:amz:eu-central-1:hurltest"}]},"response":{"status":200}}]}`	`{"entries":[{"request":{"method":"POST","url":"http://localhost:8000/aws-sigv4","form_params":[{"name":"test","value":"test"}],"options":[{"name":"aws-sigv4","value":"aws:amz:eu-central-1:hurltest"}]},"response":{"status":200}}]}`
		`@ -1 +1 @@`
			`Received Authorization header: AWS4-HMAC-SHA256 Credential=someAccessKeyId/20230813/eu-central-1/hurltest/aws4_request, SignedHeaders=content-type;host;user-agent;x-amz-date, Signature=12df762ad1cc454ccbd9721ce6a16d56491d59be2993210f65aa22bfd2d62b3f`				`Received SigV4 Authorization header`