Use invariant culture for AWS date formatting #158
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Updated date formatting and parsing in AWS authentication to explicitly use System.Globalization.CultureInfo.InvariantCulture and DateTimeStyles.AssumeUniversal. This ensures consistent behavior regardless of system locale. Closes BLD-298
WalkthroughCulture-invariant formatting was applied to AWS date strings, and server time parsing in the signature-expired retry path was adjusted to treat parsed times as UTC using DateTimeStyles.AssumeUniversal. Changes
Sequence Diagram(s)sequenceDiagram
autonumber
participant Client
participant AWSAuth as AWS Auth Helper
participant AWSSvc as AWS Service
rect rgba(200,220,255,0.25)
note right of AWSAuth: Build signed request (culture-invariant date formatting)
Client->>AWSAuth: Prepare request
AWSAuth->>AWSSvc: Send signed request
end
alt Success
AWSSvc-->>AWSAuth: 200 OK
AWSAuth-->>Client: Response
else Signature expired
AWSSvc-->>AWSAuth: 403 SignatureExpired + ServerTime
note right of AWSAuth: Parse ServerTime as UTC (AssumeUniversal)
AWSAuth->>AWSSvc: Re-sign and retry
AWSSvc-->>AWSAuth: Response
AWSAuth-->>Client: Response
end
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Pre-merge checks (4 passed, 1 warning)❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✨ Finishing touches
🧪 Generate unit tests
Comment |
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (2)
Thirdweb/Thirdweb.Wallets/InAppWallet/EmbeddedWallet.Authentication/AWS.cs (2)
178-186: Treating server time as UTC is correct; add a bounds check and (optionally) AdjustToUniversalCurrent substring can throw if AWS changes error text shape. Guard length before Substring; also consider AdjustToUniversal (harmless with ‘Z’ input) for completeness.
- var idx = responseContent.LastIndexOf('('); - if (idx > -1) - { - var parsedTimeString = responseContent.Substring(idx + 1, amzDate.Length); - var serverTime = DateTime.ParseExact(parsedTimeString, amzDateFormat, System.Globalization.CultureInfo.InvariantCulture, System.Globalization.DateTimeStyles.AssumeUniversal); + var idx = responseContent.LastIndexOf('('); + if (idx > -1 && idx + 1 + amzDate.Length <= responseContent.Length) + { + var parsedTimeString = responseContent.Substring(idx + 1, amzDate.Length); + var serverTime = DateTime.ParseExact( + parsedTimeString, + amzDateFormat, + System.Globalization.CultureInfo.InvariantCulture, + System.Globalization.DateTimeStyles.AssumeUniversal | System.Globalization.DateTimeStyles.AdjustToUniversal);
229-231: Hex formatting: align with invariant push (nit)AppendFormat defaults to current culture. It’s already safe for “x2”, but using InvariantCulture keeps the file consistently culture-agnostic.
- _ = hex.AppendFormat("{0:x2}", b); + _ = hex.AppendFormat(System.Globalization.CultureInfo.InvariantCulture, "{0:x2}", b);
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
Disabled knowledge base sources:
- Linear integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (1)
Thirdweb/Thirdweb.Wallets/InAppWallet/EmbeddedWallet.Authentication/AWS.cs(2 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
- GitHub Check: build-test-cov
🔇 Additional comments (1)
Thirdweb/Thirdweb.Wallets/InAppWallet/EmbeddedWallet.Authentication/AWS.cs (1)
135-136: Invariant culture for SigV4 timestamps — LGTMUsing CultureInfo.InvariantCulture for amzDate and dateStamp is correct and prevents locale/calendar-induced breakage.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Updated date formatting and parsing in AWS authentication to explicitly use System.Globalization.CultureInfo.InvariantCulture and DateTimeStyles.AssumeUniversal. This ensures consistent behavior regardless of system locale.
Closes BLD-298
PR-Codex overview
This PR focuses on improving the date formatting in the
AWS.csfile by ensuring that date strings are consistently formatted usingSystem.Globalization.CultureInfo.InvariantCulture.Detailed summary
amzDateanddateStampto useCultureInfo.InvariantCulturefor string formatting.serverTimeparsing to includeDateTimeStyles.AssumeUniversalfor accurate time interpretation.Summary by CodeRabbit
Bug Fixes
Reliability