Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

S3 presigned URLs are invalid when using custom endpoint port #1177

Closed
ianbotsf opened this issue Jan 12, 2024 · 2 comments · Fixed by #1178
Closed

S3 presigned URLs are invalid when using custom endpoint port #1177

ianbotsf opened this issue Jan 12, 2024 · 2 comments · Fixed by #1178
Assignees
@ianbotsf
Labels
bug This issue is a bug.

Comments

@ianbotsf
Copy link
Contributor

Describe the bug

From #1173:

Hi @ianbotsf,

I tried a couple of scenarios as below:

  • Using S3, it works as expected with path style. URL looks like this: https://s3.eu-west-3.amazonaws.com/test-bucket-cguillot/my-file...... and both GET and PUT are ok.
  • Using Scaleway (French provider), also works as expected.
  • Using local Minio in Docker:
    • Works as expected with NodeJS, server returns the file or 404 if the key doesn't exist
    • Works as expected with Rush, same behavior as Node
    • Doesn't work with Kotlin SDK, backend returns 403 error with SignatureDoesNotMatch

Unfortunately, I can't say if the error is on Minio's side, but it seems that Node and Rust SDKs can tackle this. It would be definitely great if Kotlin SDK could too ;)

Please let me know if there is anything I can do to help with this!

EDIT: I remember that we had a "hack" in our Node codebase for a while due to that issue, when using a specific port (:9000) in the endpoint: aws/aws-sdk-js-v3#2121 maybe could it be related?

Also from #1173:

@ianbotsf I confirm that Kotlin SDK works as expected when local Minio is on port 80 (or 443). Issue is no longer related to path style but is about using a port in the endpoint URL. Maybe should I open another issue?

Expected behavior

Presigned URLs should be valid when using custom endpoint port (e.g., 9000 vs 80 or 443).

Current behavior

From above:

Doesn't work with Kotlin SDK, backend returns 403 error with SignatureDoesNotMatch

Steps to Reproduce

Presign a GetObject request to a custom URL endpoint with a non-standard port (e.g., a local MinIO instance). Attempt to use that URL in an HTTP client. Observe exception.

Possible Solution

No response

Context

No response

AWS Kotlin SDK version used

1.0.33

Platform (JVM/JS/Native)

JVM

Operating System and version

Amazon Linux 2
@ianbotsf ianbotsf added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Jan 12, 2024
@ianbotsf ianbotsf self-assigned this Jan 12, 2024
@ianbotsf ianbotsf removed the needs-triage This issue or PR still needs to be triaged. label Jan 12, 2024
This was referenced Jan 12, 2024
Closed
Merged
Merged
@github-actions GitHub Actions
Copy link

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

@ianbotsf
Copy link
Contributor Author

The fix has been released in SDK version 1.0.36. Please try it out @clementguillot and let me know if you're able to sign/presign successfully!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ianbotsf ianbotsf

Labels
bug This issue is a bug.
Projects
None yet
Milestone
No milestone
1 participant
@ianbotsf