Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AWS S3: use a single date/time for signing #1686

Merged
merged 1 commit into from
May 9, 2019
Merged

AWS S3: use a single date/time for signing #1686

merged 1 commit into from
May 9, 2019

Conversation

ennru
Copy link
Member

@ennru ennru commented May 9, 2019

Purpose

During AWS request signing the request timestamp and the date in the signed authorization credential should denote the same date, so they should be constructed from a single timestamp.

References

This is a follow-up to #1678

Changes

  • Add ZonedDateTime to SigningKey
  • Dirive date in CredentialScope from the request date in SigningKey
  • unrelated: add missing (but impossible) match case in processCheckIfExistsResponse

@ennru ennru added the p:aws-s3 label May 9, 2019
@ennru ennru added this to the 1.0.1 milestone May 9, 2019
2m
2m approved these changes May 9, 2019
View reviewed changes
Copy link
Member

@2m 2m left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@2m 2m merged commit 2405f8e into akka:master May 9, 2019
@ennru ennru deleted the s3-request-date branch May 9, 2019 12:04
@ennru ennru mentioned this pull request May 10, 2019
Closed
thadeusb
thadeusb reviewed May 20, 2019
View reviewed changes
s3/src/main/scala/akka/stream/alpakka/s3/impl/S3Stream.scala
SigningKey(
requestDate,
settings.credentialsProvider,
CredentialScope(requestDate.toLocalDate, settings.s3RegionProvider.getRegion, "s3")
Copy link

@thadeusb thadeusb May 20, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm wondering, does going back to localDate in the CredentialScope screw things up? Because now requestDate and CredentialScope.date are going to have different dates, causing S3 to reject the request still.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I do not see how the dates can be different.
From toLocalDate Javadoc: "This returns a LocalDate with the same year, month and day as this date-time."

@omnipresent07 omnipresent07 mentioned this pull request Jun 1, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thadeusb thadeusb thadeusb left review comments

@2m 2m 2m approved these changes

Assignees
No one assigned
Labels
p:aws-s3
Projects
None yet
Milestone
1.0.1
Development

Successfully merging this pull request may close these issues.
3 participants
@ennru @thadeusb @2m