"key" argument must of of type string, need to specify a signatureVersion to make it work for IAM

[jhaaken]

was supposed to be fixed in #83 and release 1.10.2 if I understand the resolution of the defect, but I am still needing to provided a signatureVersion of iam to get it to properly authenticate. If that is what the solution should be that is fine, just need to make sure documentation is adjusted. As posted in #83 it looks like the method is defaulting to v4.

• node version

> node -v                  
v14.15.4

• simple script

const IBMCOS = require('ibm-cos-sdk');
const cosConfig = {
  endpoint: 's3.us-east.cloud-object-storage.appdomain.cloud',
  apiKeyId: '<api-key>',
  serviceInstanceId: '<service-instance-id>',
  // signatureVersion: 'iam'  // ==> add this in to make it work per github.com/IBM/ibm-cos-sdk-js/issues/83
};

const bucket = '<bucket-name>';
const key = 'some-test/1234/hello-world.txt';

try {
  console.log(`file key ${key}`);

  const cos = new IBMCOS.S3(cosConfig);

  const buffer = Buffer.from('hello world');

  const payload = {
    Bucket: bucket,
    Key: key,
    Body: buffer,
    Metadata: {
      fileExt: `.txt`,
    },
  };

  cos.upload(payload, function(err, data) {
    if (err) {
      console.log('error', err);
    } else {
      console.log('success', data);
    }
  });

} catch (error) {
  console.log(error);
}

• output if not providing a signatureVersion of IAM

> node ./temp/cos-defect.js
file key some-test/1234/hello-world.txt
error TypeError [ERR_INVALID_ARG_TYPE]: The "key" argument must be of type string or an instance of Buffer, TypedArray, DataView, or KeyObject. Received undefined
    at prepareSecretKey (internal/crypto/keys.js:322:11)
    at new Hmac (internal/crypto/hash.js:111:9)
    at Object.createHmac (crypto.js:147:10)
    at Object.hmac (/Users/jhaaken/github-ibm/certauto/ms-data-api/node_modules/ibm-cos-sdk/lib/util.js:427:30)
    at Object.getSigningKey (/Users/jhaaken/github-ibm/certauto/ms-data-api/node_modules/ibm-cos-sdk/lib/signers/v4_credentials.js:62:8)
    at V4.signature (/Users/jhaaken/github-ibm/certauto/ms-data-api/node_modules/ibm-cos-sdk/lib/signers/v4.js:98:36)
    at V4.authorization (/Users/jhaaken/github-ibm/certauto/ms-data-api/node_modules/ibm-cos-sdk/lib/signers/v4.js:93:36)
    at V4.addAuthorization (/Users/jhaaken/github-ibm/certauto/ms-data-api/node_modules/ibm-cos-sdk/lib/signers/v4.js:35:12)
    at /Users/jhaaken/github-ibm/certauto/ms-data-api/node_modules/ibm-cos-sdk/lib/event_listeners.js:234:18
    at finish (/Users/jhaaken/github-ibm/certauto/ms-data-api/node_modules/ibm-cos-sdk/lib/config.js:331:7) {
  code: 'ERR_INVALID_ARG_TYPE',
  retryDelay: 55.73262088037572
}

• package.json & node_modules showing 1.10.2 installed

Originally posted by @jhaaken in #83 (comment)

[IBMeric]

FYI, we are looking into this and will get back to you.

[IBMeric]

@jhaaken We have been able to reproduce the issue. Your test code creates a client that has never used its credentials, so no IAM token has been populated. The detection logic isn't accounting for this case, so the non-S3 operation upload isn't being handled correctly. We now have an internal defect for this.

There are two workarounds: (1) Continue to use signatureVersion: "iam", (2) Perform any S3 operation with the client (e.g., headBucket) to retrieve an IAM token before doing upload.

[IBMeric]

FYI, we have a fix staged for our next SDK release.

[IBMeric]

We have resolved this issue with the release of 1.11.0. Can you verify and close this ticket?

[IBMeric]

Closing as resolved