SQS Messenger Component with special chars in the DSN

[benblub]

Symfony version(s) affected

7.0.6

Description

If the aws DSN includes special chars there appear different exceptions.

1. Invalid DSN
2. [Symfony\Component\HttpClient\Exception\TransportException]
   Could not resolve host: xyz
   It use as host the aws id .. something like https://xyz

We have 3 different AWS instances. 2 works 1 failed. The only difference is the aws credentials.

How to reproduce

Using some DSN with special chars, in our case a secret with a / slash at the beginning.

LOG Output with replaced aws id ..

[2024-05-06T16:01:38.309239+02:00] messenger.INFO: Try #1 after 1011ms: Idle timeout reached for "http://169.254.169.254/latest/api/token". {"count":1,"delay":1011} []
[2024-05-06T16:01:39.319875+02:00] messenger.INFO: Try #2 after 1974ms: Idle timeout reached for "http://169.254.169.254/latest/api/token". {"count":2,"delay":1974} []
[2024-05-06T16:01:40.325087+02:00] messenger.INFO: Try #3 after 4332ms: Idle timeout reached for "http://169.254.169.254/latest/api/token". {"count":3,"delay":4332} []
[2024-05-06T16:01:41.333531+02:00] messenger.INFO: Failed to fetch metadata token for IMDSv2, fallback to IMDSv1. {"exception":"[object] (Symfony\\Component\\HttpClient\\Exception\\TimeoutException(code: 0): Idle timeout reached for \"http://169.254.169.254/latest/api/token\". at /var/www/symfony_docker/vendor/symfony/http-client/Chunk/ErrorChunk.php:56)"} []
[2024-05-06T16:01:41.350283+02:00] messenger.INFO: Try #1 after 915ms: Failed to connect to 169.254.169.254 port 80 after 7 ms: Couldn't connect to server for "http://169.254.169.254/latest/meta-data/iam/security-credentials". {"count":1,"delay":915} []
[2024-05-06T16:01:42.269516+02:00] messenger.INFO: Try #2 after 1825ms: Failed to connect to 169.254.169.254 port 80 after 1 ms: Couldn't connect to server for "http://169.254.169.254/latest/meta-data/iam/security-credentials". {"count":2,"delay":1825} []
[2024-05-06T16:01:43.274762+02:00] messenger.INFO: Try #3 after 3657ms: Idle timeout reached for "http://169.254.169.254/latest/meta-data/iam/security-credentials". {"count":3,"delay":3657} []
[2024-05-06T16:01:44.279537+02:00] messenger.INFO: Failed to fetch Profile from Instance Metadata. {"exception":"[object] (Symfony\\Component\\HttpClient\\Exception\\TimeoutException(code: 0): Idle timeout reached for \"http://169.254.169.254/latest/meta-data/iam/security-credentials\". at /var/www/symfony_docker/vendor/symfony/http-client/Chunk/ErrorChunk.php:56)"} []
[2024-05-06T16:01:44.323555+02:00] messenger.INFO: Try #1 after 1036ms: Could not resolve host: AWD_ID for "https://AWS_ID/". {"count":1,"delay":1036} []
[2024-05-06T16:01:45.392190+02:00] messenger.INFO: Try #2 after 1904ms: Could not resolve host: AWS_ID for "https://AWS_ID/". {"count":2,"delay":1904} []
[2024-05-06T16:01:47.313648+02:00] messenger.INFO: Try #3 after 3870ms: Could not resolve host: AWS_ID for "https://AWS_ID/". {"count":3,"delay":3870} []
[2024-05-06T16:01:51.210764+02:00] messenger.ERROR: Could not contact remote server. {"exception":"[object] (AsyncAws\\Core\\Exception\\Http\\NetworkException(code: 0): Could not contact remote server. at /var/www/symfony_docker/vendor/async-aws/core/src/Response.php:161)\n[previous exception] [object] (Symfony\\Component\\HttpClient\\Exception\\TransportException(code: 0): Could not resolve host: AWS_ID for \"https://AWS_ID/\". at /var/www/symfony_docker/vendor/symfony/http-client/Chunk/ErrorChunk.php:47)\n[previous exception] [object] (Symfony\\Component\\HttpClient\\Exception\\TransportException(code: 0): Could not resolve host: AWS_ID for \"https://AWS_ID/\". at /var/www/symfony_docker/vendor/symfony/http-client/Response/CurlResponse.php:315)"} []
[2024-05-06T16:01:51.214583+02:00] console.CRITICAL: Error thrown while running command "messenger:consume -vv". Message: "Could not contact remote server." {"exception":"[object] (AsyncAws\\Core\\Exception\\Http\\NetworkException(code: 0): Could not contact remote server. at /var/www/symfony_docker/vendor/async-aws/core/src/Response.php:161)\n[previous exception] [object] (Symfony\\Component\\HttpClient\\Exception\\TransportException(code: 0): Could not resolve host: AWS_ID for \"https://AWS_ID/\". at /var/www/symfony_docker/vendor/symfony/http-client/Chunk/ErrorChunk.php:47)\n[previous exception] [object] (Symfony\\Component\\HttpClient\\Exception\\TransportException(code: 0): Could not resolve host: AWS_ID for \"https://AWS_ID/\". at /var/www/symfony_docker/vendor/symfony/http-client/Response/CurlResponse.php:315)","command":"messenger:consume -vv","message":"Could not contact remote server."} []
[2024-05-06T16:01:51.215219+02:00] console.DEBUG: Command "messenger:consume -vv" exited with code "1" {"command":"messenger:consume -vv","code":1} []

In vendor/async-aws/core/src/Credentials/InstanceProvider.php
it runs into Line 95

catch (TransportExceptionInterface|HttpExceptionInterface $e) {
$this->logger->info('Failed to fetch Profile from Instance Metadata.', ['exception' => $e]);

Possible Solution

No response

Additional Context

No response

[xabbuh]

Did you URL encode the special characters?

[xabbuh]

I am going to close here for now due to the lack of feedback. Please let us know when you have more information and we can consider to reopen.

[benblub]

yes, I also tried with url encode the secret before. @xabbuh

There is no error raising more, but then I get wrong credentials.

[xabbuh]

Can you create a small example application that allows to reproduce your issue?