Change config for Sigv4a signing to not perform path normalization (#4430)

cenedhryn · web-flow · commit 3634ff4370a7 · 2023-09-18T09:21:04.000-07:00
* Change config for Sigv4a signing to not perform path normalization, which causes signature mismatch errors with S3 service

* Adds different paths to MRAP integration test
diff --git a/.changes/next-release/bugfix-AWSSDKforJavav2-750825c.json b/.changes/next-release/bugfix-AWSSDKforJavav2-750825c.json
@@ -0,0 +1,6 @@
+{
+    "type": "bugfix",
+    "category": "AWS SDK for Java v2",
+    "contributor": "",
+    "description": "Do not instruct the CRT Sigv4a signer to do path normalization to avoid signature mismatch errors"
+}
diff --git a/core/auth-crt/src/main/java/software/amazon/awssdk/authcrt/signer/internal/SigningConfigProvider.java b/core/auth-crt/src/main/java/software/amazon/awssdk/authcrt/signer/internal/SigningConfigProvider.java
@@ -32,6 +32,7 @@
 public class SigningConfigProvider {
 
     private static final Boolean DEFAULT_DOUBLE_URL_ENCODE = Boolean.TRUE;
+    private static final Boolean DEFAULT_PATH_NORMALIZATION = Boolean.TRUE;
 
     public SigningConfigProvider() {
     }
@@ -89,13 +90,20 @@ private AwsSigningConfig createPresigningConfig(ExecutionAttributes executionAtt
     private AwsSigningConfig createDefaultRequestConfig(ExecutionAttributes executionAttributes) {
         AwsSigningConfig signingConfig = createStringToSignConfig(executionAttributes);
 
-        signingConfig.setShouldNormalizeUriPath(true);
+        if (executionAttributes.getAttribute(AwsSignerExecutionAttribute.SIGNER_NORMALIZE_PATH) != null) {
+            signingConfig.setShouldNormalizeUriPath(
+                executionAttributes.getAttribute(AwsSignerExecutionAttribute.SIGNER_NORMALIZE_PATH));
+        } else {
+            signingConfig.setShouldNormalizeUriPath(DEFAULT_PATH_NORMALIZATION);
+        }
+
         if (executionAttributes.getAttribute(AwsSignerExecutionAttribute.SIGNER_DOUBLE_URL_ENCODE) != null) {
-            signingConfig.setUseDoubleUriEncode(executionAttributes
-                                                    .getAttribute(AwsSignerExecutionAttribute.SIGNER_DOUBLE_URL_ENCODE));
+            signingConfig.setUseDoubleUriEncode(
+                executionAttributes.getAttribute(AwsSignerExecutionAttribute.SIGNER_DOUBLE_URL_ENCODE));
         } else {
             signingConfig.setUseDoubleUriEncode(DEFAULT_DOUBLE_URL_ENCODE);
         }
+
         return signingConfig;
     }
 
diff --git a/services/s3control/src/it/java/software.amazon.awssdk.services.s3control/S3MrapIntegrationTest.java b/services/s3control/src/it/java/software.amazon.awssdk.services.s3control/S3MrapIntegrationTest.java
