TrueCloudLab/frostfs-s3-gw
17
3
Fork 20
Code Issues 29 Pull requests 8 Projects Releases 30 Packages 1 Activity Actions

[#615] Use UNSIGNED_PAYLOAD to check sign #615

Merged
alexvanin merged 1 commit from dkirillov/frostfs-s3-gw:bugfix/fix_check_signature_with_unsigned_payload into master 2025-01-30 13:16:40 +00:00
Conversation 2 Commits 1 Files changed 6 +142 -23

1 commit

Author SHA1 Message Date
Denis Kirillov
aeaeb62e3b [#615] Use UNSIGNED_PAYLOAD to check sign
All checks were successful
/ DCO (pull_request) Successful in 29s
Details
/ Vulncheck (pull_request) Successful in 55s
Details
/ Builds (pull_request) Successful in 1m50s
Details
/ Lint (pull_request) Successful in 2m0s
Details
/ Tests (pull_request) Successful in 1m15s
Details
/ OCI image (pull_request) Successful in 2m22s
Details 
Use `UNSIGNED_PAYLOAD` to check signature if x-amz-content-sha256 isn't provided as signed header

https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-header-based-auth.html

" You include the literal string UNSIGNED-PAYLOAD when constructing a canonical request, and set the same value as the x-amz-content-sha256 header value when sending the request to Amazon S3"

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
 2025-01-29 12:45:47 +03:00