Presigned requests only support SigV4 #1236
Comments
lauzadis
added
bug
This was referenced Feb 28, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
Presigners assume the request is always presigned with SigV4. This means alternate auth schemes (like SigV4a, SigV4S3Express) cannot be used for presigning.
Expected behavior
A presigned request should use whichever auth scheme would be used when making the normal, non-presigned request (i.e, the auth scheme resolved from endpoint rules).
Current behavior
The presigner uses SigV4
Steps to Reproduce
Make a presigned request which would normally result in SigV4a or SigV4S3Express being used. Observe that SigV4 is used instead.
Possible Solution
The relevant section is here: https://github.com/awslabs/smithy-kotlin/blob/main/runtime/auth/aws-signing-common/common/src/aws/smithy/kotlin/runtime/auth/awssigning/Presigner.kt#L37
It will likely require another overhaul of the presigner, since the last refactor was done before the auth refactor.
Context
No response
AWS Kotlin SDK version used
1.0.66
Platform (JVM/JS/Native)
JVM
Operating System and version
macOS Sonoma
The text was updated successfully, but these errors were encountered: