S3 Request signature mismatch for keys containing '+' sign for any XxxObjectRequest operation #3474

twr · 2022-10-10T11:34:20Z

Describe the bug

Any XxxObjectRequest (HeadObjectRequest, PutObjectRequest, etc.) operation targeted at specific key containing + sign, e.g. a+b.txt results in error 'The request signature we calculated does not match the signature you provided. Check your key and signing method.'

This happens using latest sdk v2 library for S3 (and some other older versions tried).

<dependency>
    <groupId>software.amazon.awssdk</groupId>
    <artifactId>s3</artifactId>
    <version>2.17.286</version>
</dependency>

Expected Behavior

No error. Operations succeed as it is for any other keys that do not contain '+' sign.

Current Behavior

such code:

HeadObjectRequest request = HeadObjectRequest.builder()
        .bucket(bucketName)
        .key("a+b.txt")
        .build();

HeadObjectResponse response = s3Client.headObject(request);

results in:

software.amazon.awssdk.services.s3.model.S3Exception: The request signature we calculated does not match the signature you provided. Check your key and signing method. (Service: S3, Status Code: 403, Request ID: H2E7JCK8TP75G2XA, Extended Request ID: uGN8mJ9U/2/Nn6nyI73MZPA4vpkvo3N2hFr7sG4EkyBDmUNHyMSoWqSXwbNs2F2CfURP994vK8z207G21cBd5Q==)

Reproduction Steps

HeadObjectRequest request = HeadObjectRequest.builder()
        .bucket(bucketName)
        .key("a+b.txt")
        .build();

HeadObjectResponse response = s3Client.headObject(request);

Possible Solution

No response

Additional Information/Context

No response

AWS Java SDK version used

2.17.286

JDK version used

11.0.13

Operating System and version

macOS 12.6 (21G115)

The text was updated successfully, but these errors were encountered:

yasminetalby · 2022-10-10T22:50:17Z

Hello @twr ,

I was not able to reproduce the behavior described.
I have attempted both HeadObjectRequest and PutObjectRequest with the key a+b.txt" using was Java SDK v2.17.286 following the repro case sample and both completed successfully.
Could you please provide the verbose wirelogs associated with the behavior?

Best,

Yasmine

twr · 2022-10-11T09:42:41Z

Hello @yasminetalby, apologies for all the hassle but it seems it is this issue aws/aws-sdk-java#1919
I was testing from within a bigger project that had explicitly set org.apache.httpcomponents:httpclient version to 4.5.7.
My bad, should have tested that in isolation.
This can be closed now.

yasminetalby · 2022-10-11T16:25:53Z

Hello @twr,
No problem at all! Thank you very much for reaching out and for updating this case.
I will close this issue.
Best,
Yasmine

github-actions · 2022-10-11T16:26:18Z

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

twr added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Oct 10, 2022

yasminetalby self-assigned this Oct 10, 2022

yasminetalby added response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 10 days. and removed needs-triage This issue or PR still needs to be triaged. labels Oct 10, 2022

github-actions bot removed the response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 10 days. label Oct 11, 2022

yasminetalby closed this as completed Oct 11, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

S3 Request signature mismatch for keys containing '+' sign for any XxxObjectRequest operation #3474

S3 Request signature mismatch for keys containing '+' sign for any XxxObjectRequest operation #3474

twr commented Oct 10, 2022

yasminetalby commented Oct 10, 2022

twr commented Oct 11, 2022

yasminetalby commented Oct 11, 2022

github-actions bot commented Oct 11, 2022