
Error "request signature does not match" in docker build #102

Open
jaraco opened this issue Sep 5, 2022 · 3 comments

jaraco commented Sep 5, 2022

While troubleshooting another issue, I'm getting intermittent failures when trying to download a file from PyPI. I've gone to the netifaces project and found the source file URL for the latest version (netifaces-0.11.0.tar.gz). I downloaded the file in one environment, but needed it in a Linux environment, so created this docker file:

FROM jaraco/multipy-tox

RUN pipx install httpie
RUN http https://files.pythonhosted.org/packages/a6/91/86a6eac449ddfae239e93ffc1918cf33fd9bab35c04d1e963b311e347a73/netifaces-0.11.0.tar.gz

When I build that file, I get the following:

 draft $ docker build --no-cache --progress plain .
pypi/warehouse#1 [internal] load build definition from Dockerfile
pypi/warehouse#1 sha256:45cdf4a0d3c13eec3e3eee801bcdeabc79a6bd6c31b932948ceba681c19a379f
pypi/warehouse#1 transferring dockerfile: 236B done
pypi/warehouse#1 DONE 0.0s

pypi/warehouse#2 [internal] load .dockerignore
pypi/warehouse#2 sha256:2f53bf71ca425d8b0cab4302f38b5bbfe98f422372dd31e6b9a9b1525ef7149c
pypi/warehouse#2 transferring context: 2B done
pypi/warehouse#2 DONE 0.0s

pypi/warehouse#3 [internal] load metadata for docker.io/jaraco/multipy-tox:latest
pypi/warehouse#3 sha256:f99bb5b255811eb5e0f34320a22686fd80d95c00183c070bbbbd89d1ab9edebe
pypi/warehouse#3 DONE 0.0s

pypi/warehouse#4 [1/3] FROM docker.io/jaraco/multipy-tox
pypi/warehouse#4 sha256:6d547c8e790803b81751627135b715e872a53824cb7b59ca5cda8bdbb227b897
pypi/warehouse#4 CACHED

pypi/warehouse#5 [2/3] RUN pipx install httpie
pypi/warehouse#5 sha256:e4331792e715ba4e6453fb3d4aa344c15e4155afccf34804ced7561d93e5fd44
pypi/warehouse#5 0.234 creating virtual environment...
pypi/warehouse#5 0.275 installing httpie...
pypi/warehouse#5 4.622   installed package httpie 3.2.1, installed using Python 3.11.0rc1
pypi/warehouse#5 4.622   These apps are now globally available
pypi/warehouse#5 4.622     - http
pypi/warehouse#5 4.622     - httpie
pypi/warehouse#5 4.622     - https
pypi/warehouse#5 4.622 done! ✨ 🌟 ✨
pypi/warehouse#5 DONE 4.7s

pypi/warehouse#6 [3/3] RUN http https://files.pythonhosted.org/packages/a6/91/86a6eac449ddfae239e93ffc1918cf33fd9bab35c04d1e963b311e347a73/netifaces-0.11.0.tar.gz
pypi/warehouse#6 sha256:7a080ea1ed046076fe2ac044f5af8de21be7c0aac41c98ef01512678583ffb89
pypi/warehouse#6 0.559 <?xml version='1.0' encoding='UTF-8'?><Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your Google secret key and signing method.</Message><StringToSign>POST
pypi/warehouse#6 0.559 
pypi/warehouse#6 0.559 application/json
pypi/warehouse#6 0.559 Mon, 05 Sep 2022 14:19:08 GMT
pypi/warehouse#6 0.559 /pypi-files/packages/a6/91/86a6eac449ddfae239e93ffc1918cf33fd9bab35c04d1e963b311e347a73/netifaces-0.11.0.tar.gz</StringToSign></Error>#6 DONE 0.6s

pypi/warehouse#7 exporting to image
pypi/warehouse#7 sha256:e8c613e07b0b7ff33893b694f7759a10d42e180f2b4dc349fb57dc6b71dcab00
pypi/warehouse#7 exporting layers
pypi/warehouse#7 exporting layers 0.1s done
pypi/warehouse#7 writing image sha256:e897f3a1550025b72c3ee0b0fef8a515004eaeeeeb5f201afc06f59bc6805a69 done
pypi/warehouse#7 DONE 0.2s

Use 'docker scan' to run Snyk tests against images to find vulnerabilities and learn how to fix them

In particular, the request fails with:

pypi/warehouse#6 [3/3] RUN http https://files.pythonhosted.org/packages/a6/91/86a6eac449ddfae239e93ffc1918cf33fd9bab35c04d1e963b311e347a73/netifaces-0.11.0.tar.gz
pypi/warehouse#6 sha256:7a080ea1ed046076fe2ac044f5af8de21be7c0aac41c98ef01512678583ffb89
pypi/warehouse#6 0.559 <?xml version='1.0' encoding='UTF-8'?><Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your Google secret key and signing method.</Message><StringToSign>POST
pypi/warehouse#6 0.559 
pypi/warehouse#6 0.559 application/json
pypi/warehouse#6 0.559 Mon, 05 Sep 2022 14:19:08 GMT
pypi/warehouse#6 0.559 /pypi-files/packages/a6/91/86a6eac449ddfae239e93ffc1918cf33fd9bab35c04d1e963b311e347a73/netifaces-0.11.0.tar.gz</StringToSign></Error>#6 DONE 0.6s

Curiously, if I run the same http command interactively or as part of the CMD, it works.

The error message seems a little suspicious, as I'm not contacting Google and I'm not supplying a secret key nor signing anything, so it seems to me it's something between warehouse and its backend that's failing.


jaraco commented Sep 5, 2022

Aha, so when I run the http command with -v, I get a hint as to what's going wrong:

pypi/warehouse#6 [3/3] RUN http -v https://files.pythonhosted.org/packages/a6/91/86a6eac449ddfae239e93ffc1918cf33fd9bab35c04d1e963b311e347a73/netifaces-0.11.0.tar.gz
pypi/warehouse#6 sha256:32b52cd0eaaf7afc5f1109412d771137b8bed3a091b67b33d2612d9e3aca13c1
pypi/warehouse#6 0.507 POST /packages/a6/91/86a6eac449ddfae239e93ffc1918cf33fd9bab35c04d1e963b311e347a73/netifaces-0.11.0.tar.gz HTTP/1.1
pypi/warehouse#6 0.507 Accept-Encoding: gzip, deflate
pypi/warehouse#6 0.507 Connection: keep-alive
pypi/warehouse#6 0.507 Content-Length: 0
pypi/warehouse#6 0.507 User-Agent: HTTPie/3.2.1
pypi/warehouse#6 0.507 Accept: application/json, */*;q=0.5
pypi/warehouse#6 0.507 Content-Type: application/json
pypi/warehouse#6 0.507 Host: files.pythonhosted.org
pypi/warehouse#6 0.507 
pypi/warehouse#6 0.507 
pypi/warehouse#6 0.507 
pypi/warehouse#6 0.507 HTTP/1.1 403 Forbidden
pypi/warehouse#6 0.507 Connection: keep-alive
pypi/warehouse#6 0.507 Content-Length: 426
pypi/warehouse#6 0.507 Content-Type: application/xml; charset=UTF-8
pypi/warehouse#6 0.507 Server: UploadServer
pypi/warehouse#6 0.507 Accept-Ranges: bytes
pypi/warehouse#6 0.507 Date: Mon, 05 Sep 2022 14:25:15 GMT
pypi/warehouse#6 0.507 X-Served-By: cache-bfi-krnt7300064-BFI, cache-iad-kiad7000036-IAD
pypi/warehouse#6 0.507 X-Cache: MISS, MISS
pypi/warehouse#6 0.507 X-Cache-Hits: 0, 0
pypi/warehouse#6 0.507 X-Timer: S1662387916.806833,VS0,VE119
pypi/warehouse#6 0.507 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
pypi/warehouse#6 0.507 X-Frame-Options: deny
pypi/warehouse#6 0.507 X-XSS-Protection: 1; mode=block
pypi/warehouse#6 0.507 X-Content-Type-Options: nosniff
pypi/warehouse#6 0.507 X-Permitted-Cross-Domain-Policies: none
pypi/warehouse#6 0.507 X-Robots-Header: noindex
pypi/warehouse#6 0.507 
pypi/warehouse#6 0.507 <?xml version='1.0' encoding='UTF-8'?><Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your Google secret key and signing method.</Message><StringToSign>POST
pypi/warehouse#6 0.507 
pypi/warehouse#6 0.507 application/json
pypi/warehouse#6 0.507 Mon, 05 Sep 2022 14:25:15 GMT
pypi/warehouse#6 0.507 /pypi-files/packages/a6/91/86a6eac449ddfae239e93ffc1918cf33fd9bab35c04d1e963b311e347a73/netifaces-0.11.0.tar.gz</StringToSign></Error>#6 DONE 0.5s

It seems that when http is invoked non-interactively, it's setting the Content-Type to application/json, but it doesn't do that when I run it interactively:

 draft $ http -v https://files.pythonhosted.org/packages/a6/91/86a6eac449ddfae239e93ffc1918cf33fd9bab35c04d1e963b311e347a73/netifaces-0.11.0.tar.gz
GET /packages/a6/91/86a6eac449ddfae239e93ffc1918cf33fd9bab35c04d1e963b311e347a73/netifaces-0.11.0.tar.gz HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
Connection: keep-alive
Host: files.pythonhosted.org
User-Agent: HTTPie/3.1.0



HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Age: 5881416
Cache-Control: max-age=365000000, immutable, public
Connection: keep-alive
Content-Length: 30106
Content-Type: application/x-tar
Date: Mon, 05 Sep 2022 14:25:55 GMT
ETag: "3146dcb3297dd018ae5eb9a52b440419"
Last-Modified: Mon, 31 May 2021 08:33:03 GMT
Server: UploadServer
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Cache: HIT, HIT
X-Cache-Hits: 7, 1
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Robots-Header: noindex
X-Served-By: cache-bfi-krnt7300065-BFI, cache-iad-kiad7000176-IAD
X-Timer: S1662387955.306892,VS0,VE1
X-XSS-Protection: 1; mode=block
x-goog-generation: 1622449983154165
x-goog-hash: crc32c=jupVYg==, md5=MUbcsyl90BiuXrmlK0QEGQ==
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 30106



+-----------------------------------------+
| NOTE: binary data not shown in terminal |
+-----------------------------------------+


jaraco commented Sep 5, 2022

Aha. So it seems the issue is GET vs POST. I can replicate the failure interactively with this command:

http -v POST https://files.pythonhosted.org/packages/a6/91/86a6eac449ddfae239e93ffc1918cf33fd9bab35c04d1e963b311e347a73/netifaces-0.11.0.tar.gz

It's surprising to me that http would selectively issue a POST vs GET action based on when the command is run, but there's probably a good reason for it.

So the basic issue is not rooted in warehouse, but in the usage of HTTPie.

Still, I recognize some things that warehouse could do to make this issue less mysterious:

  • Provide a better error message when an invalid POST request is made. Instead of "signature does not match", something like "empty POST to this resource is invalid; did you mean GET?"
  • Avoid forwarding requests to Google when they won't be expected to succeed.

I don't feel strongly that anything in warehouse needs to be done, so I leave it to maintainers to ascertain the next steps from here (if any).

@di di transferred this issue from pypi/warehouse Sep 23, 2022
@di di added the bug label Sep 23, 2022

di commented Sep 23, 2022

Thanks for the issue. We should just be bouncing POST requests at the CDN. I've transferred this to #102 accordingly.
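One way to implement the idea from the two comments above (rejecting non-GET methods at the edge with a clear message instead of signing and forwarding them to the storage backend). This is an added example, not code from warehouse or its CDN configuration; the function names and the 405 wording are assumptions, and the two sample requests are constructed to mirror the request heads shown earlier in this thread.

```python
from typing import Dict, Optional, Tuple

# Methods a read-only file host has any reason to serve. Everything else is
# answered at the edge rather than forwarded to the signed-URL origin, which
# otherwise replies with the confusing "SignatureDoesNotMatch" XML seen above.
ALLOWED_METHODS = frozenset({"GET", "HEAD", "OPTIONS"})

PACKAGE_PATH = ("/packages/a6/91/86a6eac449ddfae239e93ffc1918cf33fd9bab35c04d1e963b311e347a73"
                "/netifaces-0.11.0.tar.gz")

# Constructed sample: the empty POST HTTPie sent from the non-interactive docker build.
BAD_POST = (f"POST {PACKAGE_PATH} HTTP/1.1\r\n"
            "Content-Length: 0\r\nContent-Type: application/json\r\n"
            "Host: files.pythonhosted.org\r\nUser-Agent: HTTPie/3.2.1\r\n\r\n")

# Constructed sample: the interactive GET that succeeds.
GOOD_GET = (f"GET {PACKAGE_PATH} HTTP/1.1\r\n"
            "Accept: */*\r\nHost: files.pythonhosted.org\r\nUser-Agent: HTTPie/3.1.0\r\n\r\n")


def parse_request_head(raw: str) -> Tuple[str, str, Dict[str, str]]:
    """Split a raw HTTP/1.1 request head into (method, target, lowercase headers)."""
    lines = raw.strip("\r\n").splitlines()
    method, target, _version = lines[0].split(" ", 2)
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        if not line.strip():      # blank line ends the header block
            break
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method.upper(), target, headers


def edge_response(raw_request: str) -> Optional[Tuple[int, Dict[str, str], str]]:
    """Return an early (status, headers, body) reply, or None to forward to origin."""
    method, target, headers = parse_request_head(raw_request)
    if method in ALLOWED_METHODS:
        return None               # normal path: let the CDN fetch/serve the object
    body_len = int(headers.get("content-length") or 0)
    # An empty POST is almost always a client that meant GET (HTTPie reading a
    # redirected stdin, as in the docker build), so say so instead of a raw backend error.
    hint = " Did you mean GET?" if method == "POST" and body_len == 0 else ""
    body = f"{method} is not supported for {target}.{hint}\n"
    return 405, {"Allow": ", ".join(sorted(ALLOWED_METHODS)),
                 "Content-Type": "text/plain; charset=utf-8"}, body
```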
