From 0154fad44fc520b75248492cacd7ac8d3444297f Mon Sep 17 00:00:00 2001
From: Tarun Koyalwar
Date: Mon, 16 Jan 2023 21:43:17 +0530
Subject: [PATCH 1/3] aws sign: fix missing variables
---
 v2/pkg/protocols/http/build_request.go | 7 +------
 v2/pkg/protocols/http/request.go | 10 +++++-----
 v2/pkg/protocols/http/signature.go | 10 ----------
 v2/pkg/protocols/http/signer/aws-sign.go | 4 ----
 4 files changed, 6 insertions(+), 25 deletions(-)
diff --git a/v2/pkg/protocols/http/build_request.go b/v2/pkg/protocols/http/build_request.go
index f65dd7f50b..8ed3f5ac81 100644
--- a/v2/pkg/protocols/http/build_request.go
+++ b/v2/pkg/protocols/http/build_request.go
@@ -138,11 +138,6 @@ func (r *requestGenerator) makeSelfContainedRequest(ctx context.Context, data st
 generators.BuildPayloadFromOptions(r.request.options.Options),
 )
- // in case cases (eg requests signing, some variables uses default values if missing)
- if defaultList := GetVariablesDefault(r.request.Signature.Value); defaultList != nil {
- values = generators.MergeMaps(defaultList, values)
- }
-
 parts[1] = replacer.Replace(parts[1], values)
 if len(dynamicValues) > 0 {
 parts[1] = replacer.Replace(parts[1], dynamicValues)
@@ -211,7 +206,7 @@ func baseURLWithTemplatePrefs(data string, parsed *url.URL, isRaw bool) (string,
 // parsed.RawQuery = ""
 // ex: {{BaseURL}}/metrics?user=xxx
- dataURLrelpath := strings.TrimLeft(data, "{{BaseURL}}") //nolint:all
+ dataURLrelpath := strings.TrimPrefix(data, "{{BaseURL}}")
 if dataURLrelpath == "" || dataURLrelpath == "/" {
 // just attach raw query to data
diff --git a/v2/pkg/protocols/http/request.go b/v2/pkg/protocols/http/request.go
index db77bb0de2..daa79784da 100644
--- a/v2/pkg/protocols/http/request.go
+++ b/v2/pkg/protocols/http/request.go
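Review bot: In the `baseURLWithTemplatePrefs` hunk, `strings.TrimPrefix` returns `data` unchanged when it does not start with `{{BaseURL}}`, so `dataURLrelpath` then holds the whole template string rather than a relative path; the code that consumes it lies outside the hunk, so that case should be confirmed as handled. Moving away from `TrimLeft` is correct, since its second argument is a character set and not a prefix, but it is a behaviour change that the commit subject does not mention. A one-line comment such as `// TrimPrefix, not TrimLeft: TrimLeft treats "{{BaseURL}}" as a set of characters` and a test with a relative path whose first character is one of those letters would keep the old call from coming back.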
@@ -768,14 +768,14 @@ func (request *Request) handleSignature(generatedRequest *generatedRequest) erro
 switch request.Signature.Value {
 case AWSSignature:
 var awsSigner signer.Signer
- vars := request.options.Options.Vars.AsMap()
+ allvars := generators.MergeMaps(request.options.Options.Vars.AsMap(), generatedRequest.dynamicValues)
 awsopts := signer.AWSOptions{
- AwsID: types.ToString(vars["aws-id"]),
- AwsSecretToken: types.ToString(vars["aws-secret"]),
+ AwsID: types.ToString(allvars["aws-id"]),
+ AwsSecretToken: types.ToString(allvars["aws-secret"]),
 }
 // type ctxkey string
- ctx := context.WithValue(context.Background(), signer.SignerArg("service"), generatedRequest.dynamicValues["service"])
- ctx = context.WithValue(ctx, signer.SignerArg("region"), generatedRequest.dynamicValues["region"])
+ ctx := context.WithValue(context.Background(), signer.SignerArg("service"), allvars["service"])
+ ctx = context.WithValue(ctx, signer.SignerArg("region"), allvars["region"])
 awsSigner, err := signerpool.Get(request.options.Options, &signerpool.Configuration{SignerArgs: &awsopts})
 if err != nil {
diff --git a/v2/pkg/protocols/http/signature.go b/v2/pkg/protocols/http/signature.go
index e7f74150e0..a72a7ff619 100644
--- a/v2/pkg/protocols/http/signature.go
+++ b/v2/pkg/protocols/http/signature.go
@@ -96,13 +96,3 @@ func GetVariablesNamesSkipList(signature SignatureType) map[string]interface{} {
 return nil
 }
 }
-
-// GetVariablesNamesSkipList depending on the signature type
-func GetVariablesDefault(signature SignatureType) map[string]interface{} {
- switch signature {
- case AWSSignature:
- return signer.AwsDefaultVars
- default:
- return nil
- }
-}
diff --git a/v2/pkg/protocols/http/signer/aws-sign.go b/v2/pkg/protocols/http/signer/aws-sign.go
index 184cde7129..bae1206bd3 100644
--- a/v2/pkg/protocols/http/signer/aws-sign.go
+++ b/v2/pkg/protocols/http/signer/aws-sign.go
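Review bot: In `handleSignature`, `AwsID` and `AwsSecretToken` are now read from `allvars`, which folds `generatedRequest.dynamicValues` into the operator-supplied variables, so the collision rule of `generators.MergeMaps` decides which `aws-id` / `aws-secret` signs the request. `MergeMaps` is not shown on this page; if later arguments win, a per-request value would replace the credentials given by the operator. Region and service need the merged view, but the credential precedence should be explicit: either keep a separate `vars := request.options.Options.Vars.AsMap()` for the two credential fields, or add a comment such as `// dynamic values may supply aws-id/aws-secret; operator variables must win on conflict` and order the merge to match. Nothing in the hunk rejects an empty `aws-id` or `aws-secret` before the signer is requested; whether `signerpool.Get` does is not visible. The same lookups are carried unchanged into the `handleSignature` hunk of patch 3/3, and the function body starts and ends outside this hunk.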
@@ -113,10 +113,6 @@ var AwsSkipList = map[string]interface{}{
 "region": struct{}{},
 }
-var AwsDefaultVars = map[string]interface{}{
- "region": "us-east-2",
-}
-
 var AwsInternalOnlyVars = map[string]interface{}{
 "aws-id": struct{}{},
 "aws-secret": struct{}{},
From 90d6e70950f11b0a40418608ead3ee94adc51918 Mon Sep 17 00:00:00 2001
From: Tarun Koyalwar
Date: Sun, 22 Jan 2023 18:19:42 +0530
Subject: [PATCH 2/3] signer: add aws defaults
---
 v2/pkg/protocols/http/request.go | 2 ++
 v2/pkg/protocols/http/signer/aws-sign.go | 10 ++++++++++
 2 files changed, 12 insertions(+)
diff --git a/v2/pkg/protocols/http/request.go b/v2/pkg/protocols/http/request.go
index daa79784da..d907eefd28 100644
--- a/v2/pkg/protocols/http/request.go
+++ b/v2/pkg/protocols/http/request.go
@@ -769,6 +769,8 @@ func (request *Request) handleSignature(generatedRequest *generatedRequest) erro
 case AWSSignature:
 var awsSigner signer.Signer
 allvars := generators.MergeMaps(request.options.Options.Vars.AsMap(), generatedRequest.dynamicValues)
+ // adds default values to variables if missing
+ signer.AddDefaults(allvars)
 awsopts := signer.AWSOptions{
 AwsID: types.ToString(allvars["aws-id"]),
 AwsSecretToken: types.ToString(allvars["aws-secret"]),
diff --git a/v2/pkg/protocols/http/signer/aws-sign.go b/v2/pkg/protocols/http/signer/aws-sign.go
index bae1206bd3..d0ea2cdab2 100644
--- a/v2/pkg/protocols/http/signer/aws-sign.go
+++ b/v2/pkg/protocols/http/signer/aws-sign.go
@@ -117,3 +117,13 @@ var AwsInternalOnlyVars = map[string]interface{}{
 "aws-id": struct{}{},
 "aws-secret": struct{}{},
 }
+
+// AddDefaults adds default values required by signer if missing
+func AddDefaults(x map[string]interface{}) {
+ if _, ok := x["region"]; !ok {
+ x["region"] = "us-east-2"
+ }
+ if _, ok := x["service"]; !ok {
+ x["service"] = "sts"
+ }
+}
From 54061fc5db1f0180b690af50f7fe36f284ec964b Mon Sep 17 00:00:00 2001
From: Tarun Koyalwar
Date: Sun, 22 Jan 2023 18:41:37 +0530
Subject: [PATCH 3/3] aws signer default values
---
 v2/pkg/protocols/http/request.go | 7 +------
 v2/pkg/protocols/http/signer/aws-sign.go | 15 +++++----------
 v2/pkg/protocols/http/signer/signer.go | 20 ++++++++++++++++++++
 3 files changed, 26 insertions(+), 16 deletions(-)
diff --git a/v2/pkg/protocols/http/request.go b/v2/pkg/protocols/http/request.go
index d907eefd28..82e75be61a 100644
--- a/v2/pkg/protocols/http/request.go
+++ b/v2/pkg/protocols/http/request.go
@@ -769,20 +769,15 @@ func (request *Request) handleSignature(generatedRequest *generatedRequest) erro
 case AWSSignature:
 var awsSigner signer.Signer
 allvars := generators.MergeMaps(request.options.Options.Vars.AsMap(), generatedRequest.dynamicValues)
- // adds default values to variables if missing
- signer.AddDefaults(allvars)
 awsopts := signer.AWSOptions{
 AwsID: types.ToString(allvars["aws-id"]),
 AwsSecretToken: types.ToString(allvars["aws-secret"]),
 }
- // type ctxkey string
- ctx := context.WithValue(context.Background(), signer.SignerArg("service"), allvars["service"])
- ctx = context.WithValue(ctx, signer.SignerArg("region"), allvars["region"])
-
 awsSigner, err := signerpool.Get(request.options.Options, &signerpool.Configuration{SignerArgs: &awsopts})
 if err != nil {
 return err
 }
+ ctx := signer.GetCtxWithArgs(allvars, signer.AwsDefaultVars)
 err = awsSigner.SignHTTP(ctx, generatedRequest.request.Request)
 if err != nil {
 return err
diff --git a/v2/pkg/protocols/http/signer/aws-sign.go b/v2/pkg/protocols/http/signer/aws-sign.go
index d0ea2cdab2..d2dd8bf84a 100644
--- a/v2/pkg/protocols/http/signer/aws-sign.go
+++ b/v2/pkg/protocols/http/signer/aws-sign.go
@@ -113,17 +113,12 @@ var AwsSkipList = map[string]interface{}{
 "region": struct{}{},
 }
+var AwsDefaultVars = map[string]interface{}{
+ "region": "us-east-2",
+ "service": "sts",
+}
+
 var AwsInternalOnlyVars = map[string]interface{}{
 "aws-id": struct{}{},
 "aws-secret": struct{}{},
 }
-
-// AddDefaults adds default values required by signer if missing
-func AddDefaults(x map[string]interface{}) {
- if _, ok := x["region"]; !ok {
- x["region"] = "us-east-2"
- }
- if _, ok := x["service"]; !ok {
- x["service"] = "sts"
- }
-}
diff --git a/v2/pkg/protocols/http/signer/signer.go b/v2/pkg/protocols/http/signer/signer.go
index 2e07a13725..c5a768b37d 100644
--- a/v2/pkg/protocols/http/signer/signer.go
+++ b/v2/pkg/protocols/http/signer/signer.go
@@ -4,6 +4,8 @@ import (
 "context"
 "errors"
 "net/http"
+
+ "github.com/projectdiscovery/nuclei/v2/pkg/types"
 )
 // An Argument that can be passed to Signer
@@ -32,3 +34,21 @@ func NewSigner(args SignerArgs) (signer Signer, err error) {
 return nil, errors.New("unknown signature arguments type")
 }
 }
+
+// GetCtxWithArgs creates and returns context with signature args
+func GetCtxWithArgs(maps ...map[string]interface{}) context.Context {
+ var region, service string
+ for _, v := range maps {
+ for key, val := range v {
+ if key == "region" && region == "" {
+ region = types.ToString(val)
+ }
+ if key == "service" && service == "" {
+ service = types.ToString(val)
+ }
+ }
+ }
+ // type ctxkey string
+ ctx := context.WithValue(context.Background(), SignerArg("service"), service)
+ return context.WithValue(ctx, SignerArg("region"), region)
+}
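Review bot: `AwsDefaultVars` in aws-sign.go is an exported, mutable map with no doc comment, yet its values decide which region and service a request is signed for when neither the operator nor the template supplies them. The fallback should be spelled out above the declaration, for example `// AwsDefaultVars are the region and service used for signing when no variable supplies them.` Because the map is exported, any package can alter the defaults at run time; a function that returns a fresh map would avoid that, though it changes the call in request.go.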
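Review bot: `GetCtxWithArgs` in signer.go scans every key of every map to find two fixed keys, and its precedence rule (first non-empty value, in argument order) is only implicit in the `region == ""` guards. A direct lookup per map reads more plainly, and the doc comment should state that earlier maps win and that an empty value falls through to the next map. When no map supplies a value the context carries an empty string, so an empty region or service has to be rejected by the signer itself; that code is not in this hunk. The `// type ctxkey string` line is a leftover from the moved code and can be dropped.

```go
	var region, service string
	for _, m := range maps {
		// earlier maps win; an empty value falls through to the next map
		if v, ok := m["region"]; ok && region == "" {
			region = types.ToString(v)
		}
		if v, ok := m["service"]; ok && service == "" {
			service = types.ToString(v)
		}
	}
	// … unchanged: context.WithValue calls for service and region …
```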