SNOW-2183023: fixed tests

sfc-gh-fpawlowski · sfc-gh-fpawlowski · commit af2f4a32eb6a · 2025-07-08T09:55:13.000+02:00
diff --git a/test/csp_helpers.py b/test/csp_helpers.py
@@ -279,32 +279,36 @@ def get_boto_credentials(self, *_, **__) -> Credentials | None:
     def get_aws_credentials(self, *_, **__) -> AwsCredentials | None:
         return self.util_creds
 
-    def sign_request(self, request: AWSRequest):
-        # Generate a proper-looking authorization header that matches what the real signer would produce
+    def sign_request(self, request: AWSRequest) -> None:
+        """
+        Fake replacement for botocore SigV4Auth.add_auth that produces the same
+        *static* parts of the Authorization header (everything before
+        `Signature=`).
+        """
+        # Add the headers a real signer would inject
         utc_now = datetime.datetime.utcnow()
         amz_date = utc_now.strftime("%Y%m%dT%H%M%SZ")
-        date_string = utc_now.strftime("%Y%m%d")
+        date_stamp = utc_now.strftime("%Y%m%d")
 
-        # Add the same headers that the real signer would add
-        request.headers.add_header("X-Amz-Date", amz_date)
-        request.headers.add_header("X-Amz-Security-Token", self.util_creds.token)
+        request.headers["X-Amz-Date"] = amz_date
+        if self.util_creds.token:
+            request.headers["X-Amz-Security-Token"] = self.util_creds.token
 
-        # Generate signed headers list that matches what the real signer would include
-        header_keys = []
-        for key in sorted(request.headers.keys(), key=str.lower):
-            header_keys.append(key.lower())
+        # Host header is already set by the test; add it if a future test forgets
+        if "Host" not in request.headers:
+            request.headers["Host"] = urlparse(request.url).netloc
 
-        signed_headers = ";".join(header_keys)
-        credential_scope = f"{date_string}/{self.region}/sts/aws4_request"
+        # Build the signed-headers list
+        signed_headers = ";".join(sorted(h.lower() for h in request.headers.keys()))
 
-        authorization = (
-            f"AWS4-HMAC-SHA256 "
+        credential_scope = f"{date_stamp}/{self.region}/sts/aws4_request"
+
+        request.headers["Authorization"] = (
+            "AWS4-HMAC-SHA256 "
             f"Credential={self.util_creds.access_key}/{credential_scope}, "
             f"SignedHeaders={signed_headers}, Signature=<sig>"
         )
 
-        request.headers.add_header("Authorization", authorization)
-
     def __enter__(self):
         # Preserve existing env and then set creds/region for util fallback
         self._old_env = {
