Deduplicate slashes for sigv4 signature

Signed-off-by: Ujjwal Goyal <[email protected]>

Author: importhuman

sigv4/sigv4.go

@@ -115,6 +115,10 @@ func (rt *sigV4RoundTripper) RoundTrip(req *http.Request) (*http.Response, error
 	}()
 	req.Body = ioutil.NopCloser(seeker)
 
+	// Escape URL like documented in AWS documentation.
+	// https://docs.aws.amazon.com/sdk-for-go/api/aws/signer/v4/#pkg-overview
+	req.URL.Path = req.URL.EscapedPath()
+
 	// Clone the request and trim out headers that we don't want to sign.
 	signReq := req.Clone(req.Context())
 	for _, header := range sigv4HeaderDenylist {

sigv4/sigv4_test.go

@@ -89,4 +89,14 @@ func TestSigV4RoundTripper(t *testing.T) {
 
 		require.Equal(t, origReq.Header.Get("Authorization"), gotReq.Header.Get("Authorization"))
 	})
+
+	t.Run("Escape URL", func(t *testing.T) {
+		req, err := http.NewRequest(http.MethodPost, "google.com/test//test", strings.NewReader("Hello, world!"))
+		require.NoError(t, err)
+		require.Equal(t, "google.com/test//test", req.URL.Path)
+
+		// Escape URL and check
+		req.URL.Path = req.URL.EscapedPath()
+		require.Equal(t, "google.com/test/test", req.URL.Path)
+	})
 }