AWS S3 authentication fails due to fractional seconds in timestamps #1131
Description
Description
AWS S3 presigned URL generation was failing due to incorrect timestamp formatting that included fractional seconds. AWS requires timestamps to follow the ISO8601 Long Format yyyyMMdd'T'HHmmss'Z' without fractional seconds, but the current implementation was producing timestamps like 2023-03-22T03-45-46.234232.
Root Cause
The get_formatted_timestamp_string function in components/core/src/clp/aws/AwsAuthenticationSigner.cpp was formatting timestamps directly from std::chrono::system_clock::time_point without truncating to second precision, which could include sub-second precision depending on the fmt library version or C++ version used.
Impact
- S3 authentication fails when using clp-s tool with timestamp keys
- Prevents successful compression operations with S3 storage
Solution
The issue was resolved by explicitly casting the timepoint to second precision using std::chrono::time_point_cast<std::chrono::seconds> before formatting.
References
- Fixed in PR: fix(core): Drop fractional seconds from formatted timestamps used for S3 signed-URL generation (fixes #1131). #1128
- Comment: fix(core): Drop fractional seconds from formatted timestamps used for S3 signed-URL generation (fixes #1131). #1128 (comment)
Validation
The fix was validated by:
- Exporting AWS credentials
- Building the clp-s tool
- Running compression command with S3 authentication and timestamp key
- Confirming the tool failed without the fix but succeeded after applying the change