Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

s3-request-presigner GetObjectCommand expects key to be decoded uri #6556

Open
3 of 4 tasks
cmcclung-ANGENG opened this issue Oct 9, 2024 · 2 comments
Open
3 of 4 tasks

s3-request-presigner GetObjectCommand expects key to be decoded uri #6556

cmcclung-ANGENG opened this issue Oct 9, 2024 · 2 comments
Assignees
@aBurmeseDev
Labels
bug This issue is a bug. p3 This is a minor priority issue

Comments

@cmcclung-ANGENG
Copy link

cmcclung-ANGENG commented Oct 9, 2024
edited
Loading

Checkboxes for prior research

Describe the bug

I've come across an incompatiblity between the key format of an S3Event from a trigger and the expected format s3-request-presigner GetObjectCommand expects the key to be in.

For example, If part of the key contains 'eu-west-1:77' (from a creation event)

Then the key is in the encoded format west-1%3A7 as expected.

But If I then use it like so:

 const s3command = new GetObjectCommand({Bucket: record.s3.bucket.name, Key:  record.s3.object.key});
 const url = await getSignedUrl(s3Client, s3command, {expiresIn: 86400});

The presigned uri comes out like:
west-1%253A

So what's happened is that the % has now been escaped (%25) and the %3A (:) has now been corrupted.

I suspect the code should detect if the key is encoded and then run (decode|encode)URIComponent as appriopiate.

Regression Issue

  • Select this option if this issue appears to be a regression.

SDK version number

@aws-sdk/[email protected]

Which JavaScript Runtime is this issue in?

Node.js

Details of the browser/Node.js/ReactNative version

Amplify gen 2 6.6.4, Lambda - nodejs:18.v45

Reproduction Steps

  1. Create an S3 bucket and access pattern in Amplify gen 2 using {entity_id} (contains a ':' char)
  2. Add An S3 trigger on upload.
  3. In the lambda use S3Event for:
const s3command = new GetObjectCommand({Bucket: record.s3.bucket.name, Key: record.s3.object.key});
const url = await getSignedUrl(s3Client, s3command, {expiresIn: 86400})

Observed Behavior

The url produced is invalid
The {entity_id} key part contains a ':' which is in the S3Event s3.object.key correctly encoded

But it turns out like %253A - ie % gets escaped and the escaped : part gets corrupted.

This then presents itself as a key not found error.

Expected Behavior

I expect the GetObjectCommand to accept both decoded and encoded keys.

Possible Solution

I suspect the code should detect if the key is encoded and then run (decode|encode)URIComponent as appriopiate.

Additional Information/Context

No response
@cmcclung-ANGENG cmcclung-ANGENG added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Oct 9, 2024
@aBurmeseDev aBurmeseDev self-assigned this Oct 11, 2024
@aBurmeseDev
Copy link
Member

Hi @cmcclung-ANGENG - thanks for reaching out.

Can you try decodeURIComponent for Key value?

const s3command = new GetObjectCommand({
  Bucket: record.s3.bucket.name,
  Key: decodeURIComponent(record.s3.object.key)
});
const url = await getSignedUrl(s3Client, s3command, { expiresIn: 86400 });

@aBurmeseDev aBurmeseDev added response-requested Waiting on additional info and feedback. Will move to \"closing-soon\" in 7 days. p3 This is a minor priority issue and removed needs-triage This issue or PR still needs to be triaged. labels Oct 14, 2024
@cmcclung-ANGENG
Copy link
Author

Hi,

yeah, thats what I did. That works well.

@github-actions github-actions bot removed the response-requested Waiting on additional info and feedback. Will move to \"closing-soon\" in 7 days. label Oct 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@aBurmeseDev aBurmeseDev

Labels
bug This issue is a bug. p3 This is a minor priority issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@aBurmeseDev @cmcclung-ANGENG