From 754ec0ba86c561ac846c273c0de860e0a84d51be Mon Sep 17 00:00:00 2001
From: Gregory Schier <gschier1990@gmail.com>
Date: Fri, 24 Oct 2025 08:42:18 -0700
Subject: [PATCH] Fix AWS auth
 https://x.com/NilsFleischer63/status/1981719735432511553

---
 plugins/auth-aws/src/index.ts | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/plugins/auth-aws/src/index.ts b/plugins/auth-aws/src/index.ts
index 560e4815..323c48f5 100644
--- a/plugins/auth-aws/src/index.ts
+++ b/plugins/auth-aws/src/index.ts
@@ -57,16 +57,17 @@ export const plugin: PluginDefinition = {
         }
       }
 
-      // TODO: Support body signing here
-      headers['x-amz-content-sha256'] = 'UNSIGNED-PAYLOAD';
+      if (args.method !== 'GET') {
+        headers['x-amz-content-sha256'] = 'UNSIGNED-PAYLOAD';
+      }
 
       const signature = aws4.sign(
         {
           host: url.host,
           method: args.method,
-          path: url.pathname + (url.search || '') || undefined,
-          service: String(values.service || 'sts') || undefined,
-          region: String(values.region || 'us-east-1') || undefined,
+          path: url.pathname + (url.search || ''),
+          service: String(values.service || 'sts'),
+          region: values.region ? String(values.region) : undefined,
           headers,
         },
         {
@@ -81,8 +82,6 @@ export const plugin: PluginDefinition = {
       //  - opts.headers["X-Amz-Date"]
       //  - optionally content sha256 header etc
 
-      console.log('ADDING STUFF', signature);
-
       if (signature.headers == null) {
         return {};
       }