I see a few past/pending issues about encoding problems (#111, #221), but none seem to be hitting the problem I am, which is that these operations are being rejected by AWS entirely, not even encoded or double-encoded.
E.g., Paws->service('S3', region => 'us-east-1')->PutObject(Key => 'test@test', Bucket => 'TestBucket', Body => 'test')) fails with Forbidden.
The problem appears to be that the V4 signature does not match the headers, because they are signed with the uri field URI-encoded. As evidence, when just before signing the request here
|
my $signed_req = $sig->sign( $request ); |
I alter the request object by decoding its
uri field in-place, then the operations succeed.
I haven't dug much deeper, but perhaps that field should never have been encoded in the first place. I tried a change similar to that in #220 (closed for some reason), and that seems to consistently succeed for my use cases, although maybe for more exotic characters there would be problems.
I see a few past/pending issues about encoding problems (#111, #221), but none seem to be hitting the problem I am, which is that these operations are being rejected by AWS entirely, not even encoded or double-encoded.
E.g.,
Paws->service('S3', region => 'us-east-1')->PutObject(Key => 'test@test', Bucket => 'TestBucket', Body => 'test'))fails withForbidden.The problem appears to be that the V4 signature does not match the headers, because they are signed with the
urifield URI-encoded. As evidence, when just before signing the request hereaws-sdk-perl/lib/Paws/Net/S3Signature.pm
Line 44 in 4c81b41
urifield in-place, then the operations succeed.I haven't dug much deeper, but perhaps that field should never have been encoded in the first place. I tried a change similar to that in #220 (closed for some reason), and that seems to consistently succeed for my use cases, although maybe for more exotic characters there would be problems.