diff --git a/Thirdweb/Thirdweb.Wallets/InAppWallet/EmbeddedWallet.Authentication/AWS.cs b/Thirdweb/Thirdweb.Wallets/InAppWallet/EmbeddedWallet.Authentication/AWS.cs index 605c77b0..b1f5e129 100644 --- a/Thirdweb/Thirdweb.Wallets/InAppWallet/EmbeddedWallet.Authentication/AWS.cs +++ b/Thirdweb/Thirdweb.Wallets/InAppWallet/EmbeddedWallet.Authentication/AWS.cs @@ -53,7 +53,7 @@ private static async Task GetTemporaryCredentialsAsync(string id }; } - private static async Task GenerateDataKey(AwsCredentials credentials, IThirdwebHttpClient httpClient) + private static async Task GenerateDataKey(AwsCredentials credentials, IThirdwebHttpClient httpClient, DateTime? dateOverride = null) { var client = Utils.ReconstructHttpClient(httpClient); var endpoint = $"https://kms.{AWS_REGION}.amazonaws.com/"; @@ -64,9 +64,10 @@ private static async Task GenerateDataKey(AwsCredentials credentials, IT client.AddHeader("X-Amz-Target", "TrentService.GenerateDataKey"); - var dateTimeNow = DateTime.UtcNow; + var dateTimeNow = dateOverride ?? DateTime.UtcNow; var dateStamp = dateTimeNow.ToString("yyyyMMdd"); - var amzDate = dateTimeNow.ToString("yyyyMMddTHHmmssZ"); + var amzDateFormat = "yyyyMMddTHHmmssZ"; + var amzDate = dateTimeNow.ToString(amzDateFormat); var canonicalUri = "/"; var canonicalHeaders = $"host:kms.{AWS_REGION}.amazonaws.com\nx-amz-date:{amzDate}\n"; @@ -104,6 +105,12 @@ private static async Task GenerateDataKey(AwsCredentials credentials, IT if (!response.IsSuccessStatusCode) { + if (dateOverride == null && responseContent.Contains("InvalidSignatureException")) + { + var parsedTime = responseContent.Substring(responseContent.LastIndexOf('(') + 1, amzDate.Length); + return await GenerateDataKey(credentials, httpClient, DateTime.ParseExact(parsedTime, amzDateFormat, System.Globalization.CultureInfo.InvariantCulture).ToUniversalTime()) + .ConfigureAwait(false); + } throw new Exception($"Failed to generate data key: {responseContent}"); }