Added Support for AOSS (opensearch-project#366)

* Added Support for AOSS Signed-off-by: Theo Truong <theotr@amazon.com> (cherry picked from commit 52010ba)
harshavamsi · Feb 21, 2023 · cf52ec4 · cf52ec4
1 parent af810b1
commit cf52ec4
Show file tree

Hide file tree

Showing 3 changed files with 31 additions and 17 deletions.
diff --git a/lib/aws/AwsSigv4Signer.js b/lib/aws/AwsSigv4Signer.js
@@ -9,11 +9,12 @@
  * GitHub history for details.
  */
 
-'use strict'
-const Connection = require('../Connection')
-const Transport = require('../Transport')
-const aws4 = require('aws4')
-const AwsSigv4SignerError = require('./errors')
+'use strict';
+const Connection = require('../Connection');
+const Transport = require('../Transport');
+const aws4 = require('aws4');
+const AwsSigv4SignerError = require('./errors');
+const crypto = require('crypto');
 
 const getAwsSDKCredentialsProvider = async () => {
   // First try V3
@@ -73,12 +74,17 @@ function AwsSigv4Signer (opts = {}) {
     opts.getCredentials = awsDefaultCredentialsProvider
   }
 
-  function buildSignedRequestObject (request = {}) {
-    request.service = opts.service
-    request.region = opts.region
-    request.headers = request.headers || {}
-    request.headers.host = request.hostname
-    return aws4.sign(request, credentialsState.credentials)
+  function buildSignedRequestObject(request = {}) {
+    request.service = opts.service;
+    request.region = opts.region;
+    request.headers = request.headers || {};
+    request.headers['host'] = request.hostname;
+    const signed = aws4.sign(request, credentialsState.credentials);
+    signed.headers['x-amz-content-sha256'] = crypto
+      .createHash('sha256')
+      .update(request.body || '', 'utf8')
+      .digest('hex');
+    return signed;
   }
 
   class AwsSigv4SignerConnection extends Connection {

diff --git a/package.json b/package.json
@@ -22,7 +22,11 @@
     }
   },
   "homepage": "https://www.opensearch.org/",
+<<<<<<< HEAD
   "version": "1.1.0",
+=======
+  "version": "2.2.0",
+>>>>>>> 52010ba6 (Added Support for AOSS (#366))
   "versionCanary": "7.10.0-canary.6",
   "keywords": [
     "opensearch",

diff --git a/test/unit/lib/aws/awssigv4signer.test.js b/test/unit/lib/aws/awssigv4signer.test.js
@@ -17,7 +17,7 @@ const { Connection } = require('../../../../index')
 const { Client, buildServer } = require('../../../utils')
 
 test('Sign with SigV4', (t) => {
-  t.plan(3)
+  t.plan(4);
 
   const mockCreds = {
     accessKeyId: uuidv4(),
@@ -48,11 +48,15 @@ test('Sign with SigV4', (t) => {
     }
   })
 
-  const signedRequest = auth.buildSignedRequestObject(request)
-  t.hasProp(signedRequest.headers, 'X-Amz-Date')
-  t.hasProp(signedRequest.headers, 'Authorization')
-  t.same(signedRequest.service, 'es')
-})
+  const signedRequest = auth.buildSignedRequestObject(request);
+  t.hasProp(signedRequest.headers, 'X-Amz-Date');
+  t.hasProp(signedRequest.headers, 'Authorization');
+  t.same(
+    signedRequest.headers['x-amz-content-sha256'],
+    'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855'
+  );
+  t.same(signedRequest.service, 'es');
+});
 
 test('Sign with SigV4 failure (with empty region)', (t) => {
   const mockCreds = {