From 709c4a5b4d6ff16a3d44bfc29f273f898510bea6 Mon Sep 17 00:00:00 2001
From: Allan Zheng <zheallan@amazon.com>
Date: Tue, 13 Jun 2023 23:54:28 -0700
Subject: [PATCH] fix(core): make Signer.sign side-effect-ful

the previous Signer.sign() implementation not only returns signed
request, but also sets the signed headers to input request. The
recent refactor makes it side-effect-less.

However this change breaks RestClient.ajax() clock skew correction
which relies on the x-amz-date header set by signer to the input
request object to indicate the current client side time.

this fix resolves #11480
---
 packages/core/__tests__/Signer-test.ts | 20 ++++++++++++++++++++
 packages/core/src/Signer.ts            |  6 ++++++
 2 files changed, 26 insertions(+)

diff --git a/packages/core/__tests__/Signer-test.ts b/packages/core/__tests__/Signer-test.ts
index e9f7cf9ce2c..c7b23f83e51 100644
--- a/packages/core/__tests__/Signer-test.ts
+++ b/packages/core/__tests__/Signer-test.ts
@@ -125,6 +125,26 @@ describe('Signer.sign', () => {
 			)
 		);
 	});
+
+	test("should add signed request's headers to input request", () => {
+		const request = getDefaultRequest();
+		const signedRequest = Signer.sign(request, credentialsWithToken, {
+			region: 'us-east-1',
+			service: 'foo',
+		});
+		expect(signedRequest.headers).toEqual(
+			expect.objectContaining({
+				'x-amz-date': expect.any(String),
+				Authorization: expect.any(String),
+			})
+		);
+		expect(request.headers).toEqual(
+			expect.objectContaining({
+				'x-amz-date': expect.any(String),
+				Authorization: expect.any(String),
+			})
+		);
+	});
 });
 
 describe('Signer.signUrl', () => {
diff --git a/packages/core/src/Signer.ts b/packages/core/src/Signer.ts
index 7d762f72a14..d89ffefabe3 100644
--- a/packages/core/src/Signer.ts
+++ b/packages/core/src/Signer.ts
@@ -76,6 +76,12 @@ export class Signer {
 			signedRequest.headers['x-amz-security-token'];
 		delete signedRequest.headers.authorization;
 		delete signedRequest.headers['x-amz-security-token'];
+
+		// For parity with previous signer implementation, add side effect to update the original request's headers with
+		// signed request's headers. This should be removed in future. Api-rest category's REST client relies on this behavior
+		// to correct clock skew.
+		Object.assign(request.headers, signedRequest.headers);
+
 		return signedRequest;
 	}