v7 shows Invalid Hash even it is authentication issue

Question

v7 shows Invalid Hash even it is authentication issue

guitarrapc opened this issue 3 years ago · 3 comments

guitarrapc commented 3 years ago

tl;dr;

v7 shows Invalid Hash (Expected: EVERYTIME_CHANGED, Found: EVERYTIME_CHANGED_2) instead of authentication error.

Summary

In v6, Authentication issue like invalid AWS AccessKey or AccessSecret access will identified with error message.

Example: An error occurred (401) when calling the ListObjectsV2 operation: Unauthorized.

But v7 only output Invalid Hash and user could not identify real issue.

Expected behavior

Show authentication error.

Actual behavior

Show BadDigest Invalid Hash error.

Step to reproduce

Create compose file compose.yaml, and launch docker compose up.

services:
  s3:
    image: scireum/s3-ninja:7.2
    ports:
      - 9000:9000

Create AWS Profile s3ninja with wrong access secret.

[s3ninja]
aws_access_key_id = AKIAIOSFODNN7EXAMPLE
aws_secret_access_key = bPxRfiCYEXAMPLEKEY

Run aws s3 command.

$ aws --endpoint-url "http://localhost:9000/" --profile s3ninja s3 ls s3://test

An error occurred (BadDigest) when calling the ListObjectsV2 operation: Invalid Hash (Expected: df3de2573c5b03d100c4bbba837933f85521d35bc446e39c16ebc4a0fcf2b6c6, Found: 8223ccbdced7b41bc5561d283376b78371dca3631ac4734a5c2971336434b670)

Environment

s3ninja:7.2 (confirm issue happen from 6.1)

Answer 1 · 2021-09-30T19:44:03.000Z

Hi @guitarrapc 👋 Thanks for reporting this. I cross-checked by connecting to a real AWS S3 bucket with wrong credentials and modified the code to mimic the behaviour of the former. However, AWS distinguishes between wrong access and wrong secret key. We continue not to check this distinction, leading to slight inconsistency with S3.

Answer 2 · 2021-10-04T00:26:44.000Z

Version 7.2.1 has been released

Answer 3 · 2021-10-04T05:17:37.000Z

thank you!! It's perfect.