Skip to content

Commit

Permalink
Fix signature mismatch by sorting query parameters
Browse files Browse the repository at this point in the history 
https://cloud.google.com/storage/docs/authentication/canonical-requests#about-query-strings
> The parameters in the query string must be sorted by name using a
> lexicographical sort by code point value.

Fixes #298
  • Loading branch information
Chris Pick committed Aug 14, 2024
1 parent cac61fd commit b03572d
Showing 1 changed file with 14 additions and 7 deletions.
21 changes: 14 additions & 7 deletions storage/src/sign.rs
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
use std::collections::HashMap;
use std::collections::{BTreeMap, HashMap};
use std::fmt::{Debug, Formatter};
use std::ops::Deref;
use std::time::{Duration, SystemTime};
Expand Down Expand Up @@ -213,13 +213,20 @@ pub(crate) fn create_signed_buffer(

// append query parameters
{
let mut query_parameters = [
("X-Goog-Algorithm", "GOOG4-RSA-SHA256"),
("X-Goog-Credential", &format!("{}/{}", google_access_id, credential_scope)),
("X-Goog-Date", &timestamp),
("X-Goog-Expires", opts.expires.as_secs().to_string().as_str()),
("X-Goog-SignedHeaders", &signed_headers),
]
.into_iter()
.map(|(key, value)| (key.to_owned(), vec![value.to_owned()]))
.collect::<BTreeMap<_, _>>();
query_parameters.extend(opts.query_parameters.clone());

let mut query = builder.query_pairs_mut();
query.append_pair("X-Goog-Algorithm", "GOOG4-RSA-SHA256");
query.append_pair("X-Goog-Credential", &format!("{}/{}", google_access_id, credential_scope));
query.append_pair("X-Goog-Date", &timestamp);
query.append_pair("X-Goog-Expires", opts.expires.as_secs().to_string().as_str());
query.append_pair("X-Goog-SignedHeaders", &signed_headers);
for (k, values) in &opts.query_parameters {
for (k, values) in &query_parameters {
for value in values {
query.append_pair(k.as_str(), value.as_str());
}
Expand Down

0 comments on commit b03572d

Please sign in to comment.