cloudserver/tests/functional/raw-node/test/malformedDateHeader.js at 9b836b82d069234dda8306cc24e50efd577846a4 · scality/cloudserver · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
const assert = require('assert');
const http = require('http');

const bucket = 'test-bucket';
const objectKey = 'test-file.txt';

describe('malformed Date header:', () => {
    it('should return AccessDenied for bad date with x-amz-content-sha256 header', done => {
        const options = {
            hostname: 'localhost',
            port: 8000,
            path: `/${bucket}/${objectKey}`,
            method: 'GET',
            headers: {
                'Date': 'BAD_DATE',
                'Authorization': 'AWS4-HMAC-SHA256 Credential=accessKey1/20260211/us-east-1/s3/aws4_request, ' +
                    'SignedHeaders=host, Signature=d459d5b2a2395b4c65d8f8aa2729b22c5abb04614fafbd93ab4fe203e76d21a3',
                'X-Amz-Content-Sha256': 'fa8d015f89da2a769d1cea7e3bd77a5670d098d7844cda148a40c1304e5b778b',
                'Host': 'localhost:8000'
            }
        };

        const req = http.request(options, res => {
            let body = '';
            res.on('data', chunk => {
                body += chunk;
            });
            res.on('end', () => {
                assert.strictEqual(res.statusCode, 403, 'Server should return 403 AccessDenied for malformed Date');
                assert(body.includes('AccessDenied'), 'Response should contain AccessDenied');
                assert(body.includes('Authentication requires a valid Date or x-amz-date header'));
                done();
            });
        });

        req.on('error', err => {
            // If we get ECONNRESET or similar, it means the server crashed
            assert.fail(`Server crashed or connection error: ${err.message}`);
        });

        req.end();
    });

    it('should return AccessDenied for bad x-amz-date with x-amz-content-sha256 header', done => {
        const options = {
            hostname: 'localhost',
            port: 8000,
            path: `/${bucket}/${objectKey}`,
            method: 'GET',
            headers: {
                'X-Amz-Date': 'BAD_DATE',
                'Authorization': 'AWS4-HMAC-SHA256 Credential=accessKey1/20260211/us-east-1/s3/aws4_request, ' +
                    'SignedHeaders=host;x-amz-date, ' +
                    'Signature=d459d5b2a2395b4c65d8f8aa2729b22c5abb04614fafbd93ab4fe203e76d21a3',
                'X-Amz-Content-Sha256': 'fa8d015f89da2a769d1cea7e3bd77a5670d098d7844cda148a40c1304e5b778b',
                'Host': 'localhost:8000'
            }
        };

        const req = http.request(options, res => {
            let body = '';
            res.on('data', chunk => {
                body += chunk;
            });
            res.on('end', () => {
                assert.strictEqual(res.statusCode, 403, 'Server should return 403 AccessDenied for malformed Date');
                assert(body.includes('AccessDenied'), 'Response should contain AccessDenied');
                assert(body.includes('Authentication requires a valid Date or x-amz-date header'));
                done();
            });
        });

        req.on('error', err => {
            // If we get ECONNRESET or similar, it means the server crashed
            assert.fail(`Server crashed or connection error: ${err.message}`);
        });

        req.end();
    });
});