Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AWS4Signer should provide option to set custom host header #2974

Open
2 tasks
voiddrum opened this issue May 5, 2023 · 3 comments
Open
2 tasks

AWS4Signer should provide option to set custom host header #2974

voiddrum opened this issue May 5, 2023 · 3 comments
Labels
feature-request A feature should be added or improved.

Comments

@voiddrum
Copy link

voiddrum commented May 5, 2023
edited

Describe the feature

As of now, AWS4Signer extracts host name from end point url and uses it to set the Host header and compute hash to sign the request.

Ideally, if a host name is provided in the request's Host header, AWS4Signer should use that instead.

Use Case

In cases where the target host is behind a load balancer/gateway, the final host name will be that of the host which hosts the API (Eg: AWS Neptune /sparql API).

Clients should be able to set the target host name in header in order for the target host to verify the request.

Proposed Solution

If a host name is provided in the request's Host header, AWS4Signer should use that instead of extracting from endpoint url.

Other Information

awscurl command line tool is able to honour the host header.
eg:
The below invocation works

awscurl \
-H'Host: target_host.aws.com'  \
--access_key $AWS_ACCESS_KEY_ID \
--secret_key $AWS_SECRET_ACCESS_KEY \
--session_token $AWS_SESSION_TOKEN \
--service neptune-db \
--region us-west-2  \
-X POST -H 'Content-Type: application/sparql-query'  \
-H 'Accept: text/csv' "https://alb-host.aws.com/sparql" -d ...

Acknowledgements

  • I may be able to implement this feature request
  • This feature might incur a breaking change

AWS Java SDK version used

1.11.1009

JDK version used

11.0.16.1

Operating System and version

MacOS Ventura 13.3.1 (22E261)
@voiddrum voiddrum added feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged. labels May 5, 2023
@debora-ito debora-ito self-assigned this May 11, 2023
@voiddrum
Copy link
Author

Looks similar to aws/aws-sdk-ruby#2339

@debora-ito
Copy link
Member

So the feature request is to not overwrite the Host header if the request already has one.

It's unusual that this is needed at the AWS4Signer level. You can override the endpoint at the client level with a custom EndpointConfiguration but I guess you can't use this.

As a workaround, you can use a RequestHandler2 to change the endpoint to the hostname you want.
https://docs.aws.amazon.com/AWSJavaSDK/latest/javadoc/com/amazonaws/handlers/RequestHandler2.html

Just a heads up, the team is focused in working in features for the Java SDK v2, so this has a low chance to be implemented.

@debora-ito debora-ito removed the needs-triage This issue or PR still needs to be triaged. label Jun 9, 2023
@debora-ito debora-ito removed their assignment Jun 9, 2023
@subuhi-nigar
Copy link

This is weird of AWS4Signer to set host as endpoint .
StringBuilder hostHeaderBuilder = new StringBuilder(endpoint.getHost());
Due to this unable to access AWS service that are running behind NLB .

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature-request A feature should be added or improved.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@debora-ito @voiddrum @subuhi-nigar