Skip to content

fix(middleware-sdk-transcribe-streaming): unsign the non host headers #1336

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 7, 2020
Merged

fix(middleware-sdk-transcribe-streaming): unsign the non host headers #1336

merged 2 commits into from
Jul 7, 2020

Conversation

AllanZhengYP
Copy link
Contributor

@AllanZhengYP AllanZhengYP commented Jul 7, 2020
edited
Loading

Issue #, if available:

Description of changes:
Transcribe streaming's WebSocket request omits the request headers. So we should not sign any header other than host. Because if the header is signed, but not sent to the service, the signature is mismatch.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@codecov-commenter
Copy link

codecov-commenter commented Jul 7, 2020
edited
Loading

Codecov Report

Merging #1336 into master will increase coverage by 0.00%.
The diff coverage is 100.00%.

Impacted file tree graph

@@           Coverage Diff           @@
##           master    #1336   +/-   ##
=======================================
  Coverage   77.67%   77.67%           
=======================================
  Files         286      287    +1     
  Lines       11955    11970   +15     
  Branches     2623     2626    +3     
=======================================
+ Hits         9286     9298   +12     
- Misses       2669     2672    +3
Impacted Files Coverage Δ
.../middleware-sdk-transcribe-streaming/src/signer.ts 80.00% <100.00%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 4e31b7d...6e86721. Read the comment docs.

@AllanZhengYP AllanZhengYP force-pushed the AllanFly120/fix-transcribe-retry branch from f50c592 to c0bc9cb Compare July 7, 2020 17:38
alexforsyth
alexforsyth approved these changes Jul 7, 2020
View reviewed changes
Copy link
Contributor

@alexforsyth alexforsyth left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

trivikr
trivikr requested changes Jul 7, 2020
View reviewed changes
packages/middleware-sdk-transcribe-streaming/src/signer.ts
const signedRequest = await this.signer.presign({ ...toSign, body: "" }, {
expiresIn: 5 * 60 // presigned url must be expired within 5 mins
} as any);
// the payload hash would be UNSINGED-PAYLOAD
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit

Suggested change
// the payload hash would be UNSINGED-PAYLOAD
// the payload hash would be UNSIGNED-PAYLOAD

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is fixed

packages/middleware-sdk-transcribe-streaming/src/signer.spec.ts
}
});
const signed = await signer.sign(toSign);
expect(toSign).toMatchObject(signed);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

presign is mocked, so it should return undefined. So I'm not sure how this expect is successful.
Add a mockImplementation for presign function, and check the value returned with signed.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is fixed in 6e86721

@AllanZhengYP AllanZhengYP force-pushed the AllanFly120/fix-transcribe-retry branch from c0bc9cb to 55f45b9 Compare July 7, 2020 19:21
@AllanZhengYP AllanZhengYP force-pushed the AllanFly120/fix-transcribe-retry branch from 55f45b9 to 4b148a3 Compare July 7, 2020 19:48
@AllanZhengYP AllanZhengYP merged commit 16ca2a4 into master Jul 7, 2020
@trivikr trivikr deleted the AllanFly120/fix-transcribe-retry branch July 7, 2020 21:35
@trivikr trivikr mentioned this pull request Jul 8, 2020
Merged
@github-actions
Copy link

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs and link to relevant comments in this thread.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jan 18, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@alexforsyth alexforsyth alexforsyth approved these changes

@trivikr trivikr trivikr approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@AllanZhengYP @codecov-commenter @alexforsyth @trivikr