Describe the bug
src/Signature/SignatureV4.php has the method getCanonicalizedQuery. It sorts query parameters by decoded keys and then by decoded values. But it is incorrect. It must sort them by encoded keys and encoded values. The aws4 NPM package sorts them correctly.
Regression Issue
Expected Behavior
The getCanonicalizedQuery function should sort query string parameters by encoded keys and encoded values.
Current Behavior
The getCanonicalizedQuery function sorts query parameters by decoded keys and decoded values, which is incorrect.
Reproduction Steps
To recreate the issue, generate the signature for the following URL
/smth?agent-role=SomeRole&agent%3Acontains=test
The function should return
agent%3Acontains=test&agent-role=SomeRole
because % comes before - in ASCII.
But it returns
agent-role=SomeRole&agent%3Acontains=test
because it sorts them by decoded keys and - comes before : in ASCII.
Possible Solution
$encKeyToEncValuesMap = [];
foreach ($query as $k => $v) {
if (!is_array($v)) {
$v = [$v];
}
$values = array_map(function ($v) { return rawurlencode($v !== null ? $v : ''); }, $v);
sort($values);
$encKeyToEncValuesMap[rawurlencode($k !== null ? $k : '')] = $values;
}
ksort($encKeyToEncValuesMap);
$qs = '';
$i = 0;
foreach ($encKeyToEncValuesMap as $encKey => $encValues) {
if ($i++) {
$qs .= '&';
}
foreach ($encValues as $encValue) {
$qs .= $encKey . '=' . $encValue;
}
}
return $qs;
Additional Information/Context
No response
SDK version used
3.343.23
Environment details (Version of PHP (php -v)? OS name and version, etc.)
php 8.2
Describe the bug
src/Signature/SignatureV4.php has the method
getCanonicalizedQuery. It sorts query parameters by decoded keys and then by decoded values. But it is incorrect. It must sort them by encoded keys and encoded values. The aws4 NPM package sorts them correctly.Regression Issue
Expected Behavior
The
getCanonicalizedQueryfunction should sort query string parameters by encoded keys and encoded values.Current Behavior
The
getCanonicalizedQueryfunction sorts query parameters by decoded keys and decoded values, which is incorrect.Reproduction Steps
To recreate the issue, generate the signature for the following URL
/smth?agent-role=SomeRole&agent%3Acontains=test
The function should return
agent%3Acontains=test&agent-role=SomeRole
because % comes before - in ASCII.
But it returns
agent-role=SomeRole&agent%3Acontains=test
because it sorts them by decoded keys and - comes before : in ASCII.
Possible Solution
Additional Information/Context
No response
SDK version used
3.343.23
Environment details (Version of PHP (
php -v)? OS name and version, etc.)php 8.2