jamshid
commented
4 years ago This is from Amazon S3 Glacier but fwiw it says Date must be ISO 8601. So I guess the test should expect failure when it sends Date like an HTTP date, without a x-amz-date header? https://docs.aws.amazon.com/amazonglacier/latest/dev/api-common-request-headers.html
Hi, I'm very confused by the test s3tests_boto3.functional.test_headers:test_object_create_date_and_amz_date https://github.com/ceph/s3-tests/blob/master/s3tests_boto3/functional/test_headers.py#L344
1) Test seems to be attempting to send both the Date and X-Amz-Date header, but only the Date header is actually getting sent. These are the versions from bootstrap, in case that matters:
virtualenv/lib/python2.7/site-packages/boto-2.49.0.dist-info virtualenv/lib/python2.7/site-packages/boto3-1.13.2.dist-info virtualenv/lib/python2.7/site-packages/botocore-1.16.2.dist-info
2) It fails against AWS S3 because the AWS signs with the Date header as-is. I thought V4 sigs require converting the Date value to ISO 8601 (without dashes or colons). The test fails with this 403 from AWS:
The test computes the StringToSign with the ISO8601 formatting of Date. Note the line after "AWS4-HMAC-SHA256".
3) I don't know how AWS can be "wrong" here but this from the jets3t library implies the Date header should be converted to ISO 8601 in the signature, right? Maye there was a change or there are differences in regions? https://jets3t.s3.amazonaws.com/api/org/jets3t/service/utils/SignatureUtils.html#awsV4ParseAndFormatDate-org.apache.http.client.methods.HttpUriRequest-