github-starred/yaak
2
0
Fork 0
mirror of https://github.com/mountain-loop/yaak.git synced 2026-05-06 18:16:03 -05:00
Code Issues 71 Packages Projects Releases 101 Wiki Activity

[PR #430] fix: AWS4 authentication method didn't sign request body #1620

New Issue
Open
opened 2026-05-06 19:39:04 -05:00 by GiteaMirror · 0 comments
GiteaMirror commented 2026-05-06 19:39:04 -05:00
Owner
Copy Link

📋 Pull Request Information

Original PR: https://github.com/mountain-loop/yaak/pull/430
Author: @WaterBread
Created: 3/17/2026
Status: 🔄 Open

Base: mainHead: bugfix/aws4-signing-include-body

📝 Commits (2)

  • af76eab Fixing the issue where the aws4 auth was not using the body when signing
  • d18be32 Running formatter

📊 Changes

10 files changed (+19 additions, -9 deletions)

View changed files

📝 crates-tauri/yaak-app/src/grpc.rs (+1 -0)
📝 crates-tauri/yaak-app/src/ws_ext.rs (+1 -0)
📝 crates/yaak-plugins/bindings/gen_events.ts (+1 -1)
📝 crates/yaak-plugins/src/events.rs (+1 -0)
📝 crates/yaak-templates/pkg/yaak_templates.d.ts (+1 -1)
📝 crates/yaak-templates/pkg/yaak_templates_bg.js (+6 -6)
📝 crates/yaak-templates/pkg/yaak_templates_bg.wasm (+0 -0)
📝 crates/yaak/src/send.rs (+6 -0)
📝 packages/plugin-runtime-types/src/bindings/gen_events.ts (+1 -1)
📝 plugins/auth-aws/src/index.ts (+1 -0)

📄 Description

Summary

When using the AWS4 method for authentication, it never added the body to the signature. This meant that only GET requests worked, or when not passing a body entirely.

When using a POST with a body, the generated x-amz-security-token header being passed didn't match what was actually being sent, and results in a 403 response.

The fix is to include the body in the signature generation.

Submission

  • This PR is a bug fix or small-scope improvement.
  • If this PR is not a bug fix or small-scope improvement, I linked an approved feedback item below.
  • I have read and followed CONTRIBUTING.md.
  • I tested this change locally.
  • I added or updated tests when reasonable.

There doesn't seem to be any tests setup within the auth-aws package. Happy to add them, although don't know if that would be considered outside the scope of what a "bugfix" would be.

Related

Before:
before

After:
after

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/mountain-loop/yaak/pull/430 **Author:** [@WaterBread](https://github.com/WaterBread) **Created:** 3/17/2026 **Status:** 🔄 Open **Base:** `main` ← **Head:** `bugfix/aws4-signing-include-body` --- ### 📝 Commits (2) - [`af76eab`](https://github.com/mountain-loop/yaak/commit/af76eab923cdaf5161aa9274af845cf9128ac695) Fixing the issue where the aws4 auth was not using the body when signing - [`d18be32`](https://github.com/mountain-loop/yaak/commit/d18be329b8873f3e4612dc0b38a327200963dde3) Running formatter ### 📊 Changes **10 files changed** (+19 additions, -9 deletions) <details> <summary>View changed files</summary> 📝 `crates-tauri/yaak-app/src/grpc.rs` (+1 -0) 📝 `crates-tauri/yaak-app/src/ws_ext.rs` (+1 -0) 📝 `crates/yaak-plugins/bindings/gen_events.ts` (+1 -1) 📝 `crates/yaak-plugins/src/events.rs` (+1 -0) 📝 `crates/yaak-templates/pkg/yaak_templates.d.ts` (+1 -1) 📝 `crates/yaak-templates/pkg/yaak_templates_bg.js` (+6 -6) 📝 `crates/yaak-templates/pkg/yaak_templates_bg.wasm` (+0 -0) 📝 `crates/yaak/src/send.rs` (+6 -0) 📝 `packages/plugin-runtime-types/src/bindings/gen_events.ts` (+1 -1) 📝 `plugins/auth-aws/src/index.ts` (+1 -0) </details> ### 📄 Description ## Summary When using the AWS4 method for authentication, it never added the body to the signature. This meant that only `GET` requests worked, or when not passing a body entirely. When using a `POST` with a body, the generated `x-amz-security-token` header being passed didn't match what was actually being sent, and results in a 403 response. The fix is to include the body in the signature generation. ## Submission - [x] This PR is a bug fix or small-scope improvement. - [ ] If this PR is not a bug fix or small-scope improvement, I linked an approved feedback item below. - [x] I have read and followed [`CONTRIBUTING.md`](CONTRIBUTING.md). - [x] I tested this change locally. - [ ] I added or updated tests when reasonable. There doesn't seem to be any tests setup within the `auth-aws` package. Happy to add them, although don't know if that would be considered outside the scope of what a "bugfix" would be. ## Related Before: ![before](https://github.com/user-attachments/assets/69abbf40-a02b-4468-99fe-e1a6e0a93d59) After: ![after](https://github.com/user-attachments/assets/4fb9224d-e0c2-4b5a-b4da-70dace6f5b1a) --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-05-06 19:39:04 -05:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
pull-request
Mirrored from GitHub Pull Request
No Label pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/yaak#1620
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?