Hello,
I’ve built a flask server to handle AMI requests. I followed this article to setup validation. That has been working great for most of our AMIs but now I’ve implemented a new AMI to download Versions. This validates fine when looking at the Version list page of a project. However, if you use the AMI from the Media page it fails to validate. It seems like my flask endpoint is being sent incomplete request form data. In the below logs “our signature” corresponds to the signature computed using the secret key and the request form data as described in the article above.
This first log is from an AMI request sent from a Versions list page and shows a successful validation.
Validating AMI Signature...
our signature: 89251cdb6dd60acfc8c00529e090ede484e4370c
request signature: 89251cdb6dd60acfc8c00529e090ede484e4370c
request arguments: cols=image,entity,code
column_display_names=Thumbnail,Link,Version Name
entity_type=Version
ids=12178
page_id=11713
project_id=652
project_name=20-XXX-TEST_PROJECT_B
referrer_path=/detail/HumanUser/89
selected_ids=12178
server_hostname=#########################
session_uuid=#########################
sort_column=updated_at
sort_direction=desc
target_column=image
timestamp=2020-11-19T15:44:25Z
title=undefined
user_id=89
user_login=dan.bradham
view=Default
This next log is from an AMI request sent from the Media page showing a failed validation.
Validating AMI Signature...
our signature: 4e9240dd3f742738dc34384a263662a6136007d6
request signature: 1a071f8d9598e0873151cb530eb61b185e1746fb
request arguments: cols=
column_display_names=
entity_type=Version
ids=12178
page_id=8331
project_id=652
project_name=20-XXX-TEST_PROJECT_B
referrer_path=/page/8331
selected_ids=12178
server_hostname=#########################
session_uuid=#########################
timestamp=2020-11-19T15:45:12Z
title=undefined
user_id=89
user_login=dan.bradham
As a temporary stop-gap I’ve disabled validation on this particular AMI, but I really don’t want to! Any ideas?