providers/aws: Refactor + fix 2x Authorization header append issue. #5475
Commits on Dec 12, 2022
-
providers/aws: Refactor + Fix 2x Authorization header append issue.
This commit refactors the shared AWS Sig v4 signing code, specifically to prevent the issue behind open-policy-agent#5472. The underlying problem for open-policy-agent#5472 was that the `"Authorization"` header was being appended *twice* to the request, but only for the AWS REST plugin, because the value was pulled twice from the signed headers map. This was not caught by the unit tests, because the REST plugin's unit tests all assumed the header was single-valued and canonicalized. We now explicitly test for that condition in the unit tests, and the signing code now returns the AWS headers map separately from the value for the `"Authorization"` header, reducing the potential for this mistake to happen in the future. Fixes: open-policy-agent#5472 Signed-off-by: Philip Conrad <philipaconrad@gmail.com>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.