Open harshadmehmood opened 3 weeks ago
Hello! Thank you for creating this issue! We are looking into this and get back to you once we have more information.
@harshadmehmood You should currently be able to change the log mode where you pass in your own config. Please try passing in a clientLogMode
to your S3Client.Config using the following code and see if that works for you:
import ClientRuntime
...
let clientConfig = try await S3Client.Config(clientLogMode: ClientRuntime.ClientLogMode.response)
let client = S3Client(config: clientConfig)
The default log mode is .request
which contains Authorization information but .response
does not
@dayaffe thanks for reply, i already tested it on my client side, but again some info that should not be rendered in logs on, please have a look,
2024-06-11T09:38:07+0500 info URLSessionHTTPClient : [Logging] start URLRequest(https://FULL_PATH_TO_MY_FILE?x-id=GetObject) called 2024-06-11T09:38:08+0500 info URLSessionHTTPClient : [Logging] Either TLSOptions not set or missing values! Using default trust store. 2024-06-11T09:38:08+0500 info URLSessionHTTPClient : [Logging] urlSession(_:dataTask:didReceive response:) called 2024-06-11T09:38:08+0500 info S3Client : [Logging] Response: Status Code: http_status_200 Date: Tue, 11 Jun 2024 04:38:09 GMT, x-amz-server-side-encryption: AES256, Accept-Ranges: bytes, Etag: "some 32 bit data", Content-Length: 7516, Content-Type: application/json, Server: AmazonS3, Last-Modified: Fri, 07 Jun 2024 09:52:44 GMT, x-amz-id-2: ANOTHER_ONE, x-amz-request-id: REQ_ID 2024-06-11T09:38:08+0500 info S3Client : [Logging] User requested checksum validation, but the response headers did not contain any valid checksums output.contentLength - Optional(7516) output.contentRange - nil 2024-06-11T09:38:08+0500 info URLSessionHTTPClient : [Logging] urlSession(_:dataTask:didReceive data:) called (7516 bytes) 2024-06-11T09:38:08+0500 info URLSessionHTTPClient : [Logging] urlSession(_:task:didCompleteWithError:) called. Success Decryption error: authenticationFailure
Work is being tracked in https://github.com/awslabs/aws-sdk-swift/issues/1557.
hello @sichanyoo just wanna now if that issue resolved in updated build, thanks
Describe the bug
When Trying to login using provided method & download file using 'getObject', S3Client Logging shows logs which includes Authorization with Credential
Expected Behavior
No Authorization related data should be visible in logs
Current Behavior
Partial Authorization data visible in logs and no way to hide
Reproduction Steps
1- init
`do { let credentials = AWSClientRuntime.AWSCredentialIdentity(accessKey: "myAccessKey", secret: "mySecret") let cResolver = try AWSClientRuntime.StaticAWSCredentialIdentityResolver(credentials) let config = try await S3Client.S3ClientConfiguration(awsCredentialIdentityResolver: cResolver, region: "myregion")
2- download data
let input = GetObjectInput( bucket: bucket, key: key ) do { let output = try await client.getObject(input: input) print("output.contentLength - \(output.contentLength)") print("output.contentRange - \(output.contentRange)") if let body = output.body, let data = try await body.readData() { try data.write(to: fileUrl) return "success writing data at path" } } catch { print("aws error :\(error)") }
3- Logs which includes auth data
2024-06-10T11:24:22+0500 info S3Client : [Logging] Request: GET https:443 Path: /myDir/myfile.xyz User-Agent: aws-sdk-swift/1.0 ua/2.0 api/s3#1.0 os/macos#14.4.1 lang/swift#5.10 cfg/retry-mode#legacy, x-amz-content-sha256: sha, Authorization: ...SHA... Credential=ACTUALACCESSKEY/......./ACTUALREGION/../...., SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=...signature..., X-Amz-Date: 20240610T062422Z, Host: hostinfo Optional([ClientRuntime.SDKURLQueryItem(name: "x-id", value: Optional("GetObject"))]) 2024-06-10T11:24:22+0500 info URLSessionHTTPClient : [Logging] start URLRequest(https://path for file) called 2024-06-10T11:24:23+0500 info S3Client : [Logging] Request: GET https:443 Path: somefile User-Agent: aws-sdk-swift/1.0 ua/2.0 api/s3#1.0 os/macos#14.4.1 lang/swift#5.10 cfg/retry-mode#legacy, x-amz-content-sha256: sha, Authorization: sha Credential=ACTUALACCESSKEY/......./ACTUALREGION/../...., SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=...signature..., X-Amz-Date: 20240610T062423Z, Host: bgforzoomnskype.s3.us-east-2.amazonaws.com Optional([ClientRuntime.SDKURLQueryItem(name: "x-id", value: Optional("GetObject"))]) 2024-06-10T11:24:23+0500 info URLSessionHTTPClient : [Logging] start URLRequest(https://path for file) called 2024-06-10T11:24:23+0500 info URLSessionHTTPClient : [Logging] Either TLSOptions not set or missing values! Using default trust store. 2024-06-10T11:24:24+0500 info URLSessionHTTPClient : [Logging] urlSession(:dataTask:didReceive response:) called 2024-06-10T11:24:24+0500 info S3Client : [Logging] User requested checksum validation, but the response headers did not contain any valid checksums 2024-06-10T11:24:24+0500 info URLSessionHTTPClient : [Logging] urlSession(:dataTask:didReceive data:) called (7516 bytes) 2024-06-10T11:24:24+0500 info URLSessionHTTPClient : [Logging] urlSession(:task:didCompleteWithError:) called. Success output.contentLength - Optional(7516) output.contentRange - nil Decryption error: authenticationFailure 2024-06-10T11:24:24+0500 info URLSessionHTTPClient : [Logging] Either TLSOptions not set or missing values! Using default trust store. 2024-06-10T11:24:24+0500 info URLSessionHTTPClient : [Logging] urlSession(:dataTask:didReceive response:) called 2024-06-10T11:24:24+0500 info S3Client : [Logging] User requested checksum validation, but the response headers did not contain any valid checksums 2024-06-10T11:24:24+0500 info URLSessionHTTPClient : [Logging] urlSession(:dataTask:didReceive data:) called (7516 bytes) 2024-06-10T11:24:24+0500 info URLSessionHTTPClient : [Logging] urlSession(:task:didCompleteWithError:) called. Success output.contentLength - Optional(7516) output.contentRange - nil Decryption error: authenticationFailure
Possible Solution
in 'S3Client.S3ClientConfiguration' there is a parm named 'clientLogMode' it could be user to handle this
Additional Information/Context
No response
AWS SWIFT SDK version used
0.44.0
Compiler and Version used
xcode :Version 15.4 (15F31d), swift: version 5
Operating System and version
MacOS Sonoma 14.4.1 (23E224)