From 1b3db52d4e870af724107b86e9b3d6df2033c257 Mon Sep 17 00:00:00 2001 From: malakaganga Date: Wed, 20 Mar 2024 15:06:27 +0530 Subject: [PATCH] Fix Signature Validation failure There was a issue where the generated hash of actual request and signature are different when there is a new line character presence. Fixed it by matching the encoding of formatter and connector. Fixes: https://github.com/wso2/micro-integrator/issues/3276 --- pom.xml | 2 +- .../auth/AmazonSQSAuthConnector.java | 51 ++++++++++++++++++- 2 files changed, 50 insertions(+), 3 deletions(-) diff --git a/pom.xml b/pom.xml index 0b6a207..c437a85 100644 --- a/pom.xml +++ b/pom.xml @@ -22,7 +22,7 @@ org.wso2.carbon.connector org.wso2.carbon.connector.amazonsqs jar - 1.1.2 + 1.1.3 WSO2 Carbon - Mediation Library Connector For amazonsqs http://wso2.org diff --git a/src/main/java/org/wso2/carbon/connector/amazonsqs/auth/AmazonSQSAuthConnector.java b/src/main/java/org/wso2/carbon/connector/amazonsqs/auth/AmazonSQSAuthConnector.java index f3616d8..397e3cd 100644 --- a/src/main/java/org/wso2/carbon/connector/amazonsqs/auth/AmazonSQSAuthConnector.java +++ b/src/main/java/org/wso2/carbon/connector/amazonsqs/auth/AmazonSQSAuthConnector.java @@ -18,8 +18,12 @@ package org.wso2.carbon.connector.amazonsqs.auth; +import org.apache.axiom.om.OMElement; +import org.apache.axis2.AxisFault; import org.apache.synapse.MessageContext; import org.apache.synapse.SynapseConstants; +import org.apache.synapse.commons.json.JsonUtil; +import org.apache.synapse.core.axis2.Axis2MessageContext; import org.wso2.carbon.connector.amazonsqs.constants.AmazonSQSConstants; import org.wso2.carbon.connector.core.AbstractConnector; @@ -102,8 +106,32 @@ public final void connect(final MessageContext messageContext) { for (Map.Entry entry : parametersMap.entrySet()) { payloadBuilder.append(URLEncoder.encode(entry.getKey(), charSet)); payloadBuilder.append(AmazonSQSConstants.EQUAL); - payloadBuilder.append(URLEncoder.encode(entry.getValue().replace(System.lineSeparator(),""). - replace("\\\"", "\""), charSet)); + if (entry.getKey().equals(AmazonSQSConstants.API_MESSAGE_BODY) + && AmazonSQSConstants.JSON_START_CHARACTER.contains(entry.getValue().substring(0, 1))) { + + // Create a JSON string payload as same as the payload we attach to the message context in below + String jsonStr = getJsonString(entry); + // Then mimic the payload factory by getting new JSON payload + JsonUtil.getNewJsonPayload(((Axis2MessageContext) messageContext). + getAxis2MessageContext(), jsonStr, true, true); + + // Finally get the JSON payload from the message context and encode it as same as in the formatter. + OMElement omElement = messageContext.getEnvelope().getBody().getFirstElement(); + if (omElement != null) { + Iterator it = omElement.getChildElements(); + while (it.hasNext()) { + OMElement ele1 = (OMElement) it.next(); + payloadBuilder.append(URLEncoder.encode(ele1.getText(), charSet)); + } + } else { + payloadBuilder.append(URLEncoder.encode + (entry.getValue().replace(System.lineSeparator(), ""). + replace("\\\"", "\""), charSet)); + } + } else { + payloadBuilder.append(URLEncoder.encode(entry.getValue().replace(System.lineSeparator(), ""). + replace("\\\"", "\""), charSet)); + } payloadBuilder.append(AmazonSQSConstants.AMPERSAND); payloadStrBuilder.append('"'); payloadStrBuilder.append(entry.getKey()); @@ -217,10 +245,29 @@ public final void connect(final MessageContext messageContext) { log.error(AmazonSQSConstants.UNSUPPORTED_ENCORDING_ERROR, exc); storeErrorResponseStatus(messageContext, exc, AmazonSQSConstants.UNSUPPORTED_ENCORDING_ERROR_CODE); handleException(AmazonSQSConstants.CONNECTOR_ERROR, exc, messageContext); + } catch (AxisFault exc) { + log.error(AmazonSQSConstants.ILLEGAL_STATE_ERROR, exc); + storeErrorResponseStatus(messageContext, exc, AmazonSQSConstants.ILLEGAL_STATE_ERROR_CODE); + handleException(AmazonSQSConstants.CONNECTOR_ERROR, exc, messageContext); } } + private static String getJsonString(Map.Entry entry) { + StringBuilder jsonBuilder = new StringBuilder(); + jsonBuilder.append('"'); + jsonBuilder.append(entry.getKey()); + jsonBuilder.append('"'); + jsonBuilder.append(AmazonSQSConstants.COLON); + jsonBuilder.append('"'); + jsonBuilder.append(entry.getValue().replace(System.lineSeparator(),""). + replace("\"", "\\\"").replace("\\\\\"", "\\\"")); + jsonBuilder.append('"'); + jsonBuilder.append(AmazonSQSConstants.COMMA); + String jsonStr = "{" + jsonBuilder.substring(0, jsonBuilder.length() - 1) + "}"; + return jsonStr; + } + /** * getKeys method returns a list of parameter keys. *