Skip to content

Commit

Permalink
fix: uri escape presigned url (#773)
Browse files Browse the repository at this point in the history
  • Loading branch information
@trivikr
Chase Coalwell authored and trivikr committed Jan 22, 2020
1 parent cd794e4 commit 3928ca1
Show file tree
Hide file tree
Showing 3 changed files with 47 additions and 45 deletions.
1 change: 1 addition & 0 deletions packages/middleware-sdk-rds/package.json
View file
Expand Up @@ -18,6 +18,7 @@
"@aws-sdk/signature-v4": "^1.0.0-alpha.7",
"@aws-sdk/types": "^1.0.0-alpha.3",
"@aws-sdk/util-format-url": "^1.0.0-alpha.3",
"@aws-sdk/util-uri-escape": "^1.0.0-alpha.2",
"tslib": "^1.8.0"
},
"devDependencies": {
Expand Down
88 changes: 44 additions & 44 deletions packages/middleware-sdk-rds/src/index.spec.ts
View file
Expand Up @@ -38,17 +38,17 @@ describe("middleware-sdk-rds", () => {
expect(middlewareOutput.input.KmsKeyId).toEqual(params.KmsKeyId);
const presignedUrl = middlewareOutput.input.PreSignedUrl;
expect(presignedUrl).toMatch(
/https\:\/\/rds\.src\-region\.amazonaws\.com\/\?/
);
expect(presignedUrl).toMatch(/Action\=CopyDBSnapshot/);
expect(presignedUrl).toMatch(/Version\=2014\-10\-31/);
expect(presignedUrl).toMatch(/X\-Amz\-Security\-Token\=session/);
expect(presignedUrl).toMatch(/X\-Amz\-Algorithm\=AWS4\-HMAC\-SHA256/);
expect(presignedUrl).toMatch(/X\-Amz\-SignedHeaders\=host/);
expect(presignedUrl).toMatch(/X\-Amz\-Credential\=/);
expect(presignedUrl).toMatch(/X\-Amz\-Date\=/);
expect(presignedUrl).toMatch(/X-Amz-Expires=([\d]+)/);
expect(presignedUrl).toMatch(/X-Amz-Signature=000000/);
/https%3A%2F%2Frds\.src\-region\.amazonaws\.com%2F%3F/
);
expect(presignedUrl).toMatch(/Action%3DCopyDBSnapshot/);
expect(presignedUrl).toMatch(/Version%3D2014\-10\-31/);
expect(presignedUrl).toMatch(/X\-Amz\-Security\-Token%3Dsession/);
expect(presignedUrl).toMatch(/X\-Amz\-Algorithm%3DAWS4\-HMAC\-SHA256/);
expect(presignedUrl).toMatch(/X\-Amz\-SignedHeaders%3Dhost/);
expect(presignedUrl).toMatch(/X\-Amz\-Credential%3D/);
expect(presignedUrl).toMatch(/X\-Amz\-Date%3D/);
expect(presignedUrl).toMatch(/X-Amz-Expires%3D([\d]+)/);
expect(presignedUrl).toMatch(/X-Amz-Signature%3D000000/);
});

it("should build CreateDBInstanceReadReplica cross origin presigned url correctly ", async () => {
Expand All @@ -69,17 +69,17 @@ describe("middleware-sdk-rds", () => {
expect(middlewareOutput.input.KmsKeyId).toEqual(params.KmsKeyId);
const presignedUrl = middlewareOutput.input.PreSignedUrl;
expect(presignedUrl).toMatch(
/https\:\/\/rds\.src\-region\.amazonaws\.com\/\?/
);
expect(presignedUrl).toMatch(/Action\=CreateDBInstanceReadReplica/);
expect(presignedUrl).toMatch(/Version\=2014\-10\-31/);
expect(presignedUrl).toMatch(/X\-Amz\-Security\-Token\=session/);
expect(presignedUrl).toMatch(/X\-Amz\-Algorithm\=AWS4\-HMAC\-SHA256/);
expect(presignedUrl).toMatch(/X\-Amz\-SignedHeaders\=host/);
expect(presignedUrl).toMatch(/X\-Amz\-Credential\=/);
expect(presignedUrl).toMatch(/X\-Amz\-Date\=/);
expect(presignedUrl).toMatch(/X-Amz-Expires=([\d]+)/);
expect(presignedUrl).toMatch(/X-Amz-Signature=000000/);
/https%3A%2F%2Frds\.src\-region\.amazonaws\.com%2F%3F/
);
expect(presignedUrl).toMatch(/Action%3DCreateDBInstanceReadReplica/);
expect(presignedUrl).toMatch(/Version%3D2014\-10\-31/);
expect(presignedUrl).toMatch(/X\-Amz\-Security\-Token%3Dsession/);
expect(presignedUrl).toMatch(/X\-Amz\-Algorithm%3DAWS4\-HMAC\-SHA256/);
expect(presignedUrl).toMatch(/X\-Amz\-SignedHeaders%3Dhost/);
expect(presignedUrl).toMatch(/X\-Amz\-Credential%3D/);
expect(presignedUrl).toMatch(/X\-Amz\-Date%3D/);
expect(presignedUrl).toMatch(/X-Amz-Expires%3D([\d]+)/);
expect(presignedUrl).toMatch(/X-Amz-Signature%3D000000/);
});

it("should build CreateDBCluster cross origin presigned url correctly ", async () => {
Expand All @@ -100,17 +100,17 @@ describe("middleware-sdk-rds", () => {
expect(middlewareOutput.input.KmsKeyId).toEqual(params.KmsKeyId);
const presignedUrl = middlewareOutput.input.PreSignedUrl;
expect(presignedUrl).toMatch(
/https\:\/\/rds\.src\-region\.amazonaws\.com\/\?/
);
expect(presignedUrl).toMatch(/Action\=CreateDBCluster/);
expect(presignedUrl).toMatch(/Version\=2014\-10\-31/);
expect(presignedUrl).toMatch(/X\-Amz\-Security\-Token\=session/);
expect(presignedUrl).toMatch(/X\-Amz\-Algorithm\=AWS4\-HMAC\-SHA256/);
expect(presignedUrl).toMatch(/X\-Amz\-SignedHeaders\=host/);
expect(presignedUrl).toMatch(/X\-Amz\-Credential\=/);
expect(presignedUrl).toMatch(/X\-Amz\-Date\=/);
expect(presignedUrl).toMatch(/X-Amz-Expires=([\d]+)/);
expect(presignedUrl).toMatch(/X-Amz-Signature=000000/);
/https%3A%2F%2Frds\.src\-region\.amazonaws\.com%2F%3F/
);
expect(presignedUrl).toMatch(/Action%3DCreateDBCluster/);
expect(presignedUrl).toMatch(/Version%3D2014\-10\-31/);
expect(presignedUrl).toMatch(/X\-Amz\-Security\-Token%3Dsession/);
expect(presignedUrl).toMatch(/X\-Amz\-Algorithm%3DAWS4\-HMAC\-SHA256/);
expect(presignedUrl).toMatch(/X\-Amz\-SignedHeaders%3Dhost/);
expect(presignedUrl).toMatch(/X\-Amz\-Credential%3D/);
expect(presignedUrl).toMatch(/X\-Amz\-Date%3D/);
expect(presignedUrl).toMatch(/X-Amz-Expires%3D([\d]+)/);
expect(presignedUrl).toMatch(/X-Amz-Signature%3D000000/);
});

it("should build CopyDBClusterSnapshot cross origin presigned url correctly ", async () => {
Expand All @@ -131,17 +131,17 @@ describe("middleware-sdk-rds", () => {
expect(middlewareOutput.input.KmsKeyId).toEqual(params.KmsKeyId);
const presignedUrl = middlewareOutput.input.PreSignedUrl;
expect(presignedUrl).toMatch(
/https\:\/\/rds\.src\-region\.amazonaws\.com\/\?/
);
expect(presignedUrl).toMatch(/Action\=CopyDBClusterSnapshot/);
expect(presignedUrl).toMatch(/Version\=2014\-10\-31/);
expect(presignedUrl).toMatch(/X\-Amz\-Security\-Token\=session/);
expect(presignedUrl).toMatch(/X\-Amz\-Algorithm\=AWS4\-HMAC\-SHA256/);
expect(presignedUrl).toMatch(/X\-Amz\-SignedHeaders\=host/);
expect(presignedUrl).toMatch(/X\-Amz\-Credential\=/);
expect(presignedUrl).toMatch(/X\-Amz\-Date\=/);
expect(presignedUrl).toMatch(/X-Amz-Expires=([\d]+)/);
expect(presignedUrl).toMatch(/X-Amz-Signature=000000/);
/https%3A%2F%2Frds\.src\-region\.amazonaws\.com%2F%3F/
);
expect(presignedUrl).toMatch(/Action%3DCopyDBClusterSnapshot/);
expect(presignedUrl).toMatch(/Version%3D2014\-10\-31/);
expect(presignedUrl).toMatch(/X\-Amz\-Security\-Token%3Dsession/);
expect(presignedUrl).toMatch(/X\-Amz\-Algorithm%3DAWS4\-HMAC\-SHA256/);
expect(presignedUrl).toMatch(/X\-Amz\-SignedHeaders%3Dhost/);
expect(presignedUrl).toMatch(/X\-Amz\-Credential%3D/);
expect(presignedUrl).toMatch(/X\-Amz\-Date%3D/);
expect(presignedUrl).toMatch(/X-Amz-Expires%3D([\d]+)/);
expect(presignedUrl).toMatch(/X-Amz-Signature%3D000000/);
});

it("should not generate PreSignedUrl if source identifier is not ARN", async () => {
Expand Down
3 changes: 2 additions & 1 deletion packages/middleware-sdk-rds/src/index.ts
View file
Expand Up @@ -15,6 +15,7 @@ import {
import { formatUrl } from "@aws-sdk/util-format-url";
import { HttpRequest } from "@aws-sdk/protocol-http";
import { SignatureV4 } from "@aws-sdk/signature-v4";
import { escapeUri } from "@aws-sdk/util-uri-escape";

const regARN = /arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=/,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?/;

Expand Down Expand Up @@ -104,7 +105,7 @@ export function crossRegionPresignedUrlMiddleware(
...args,
input: {
...args.input,
PreSignedUrl: formatUrl(presignedRequest)
PreSignedUrl: escapeUri(formatUrl(presignedRequest))
}
};
}
Expand Down

0 comments on commit 3928ca1

Please sign in to comment.