1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
package awsauth
import (
"net/http"
"net/url"
"testing"
"time"
"github.com/smartystreets/assertions"
"github.com/smartystreets/assertions/should"
"github.com/smartystreets/gunit"
)
// http://docs.aws.amazon.com/general/latest/gr/signature-version-2.html
func TestSignature2Fixture(t *testing.T) {
gunit.RunSequential(new(Signature2Fixture), t)
}
type Signature2Fixture struct {
*gunit.Fixture
keys Credentials
}
func (this *Signature2Fixture) Setup() {
this.keys = *testCredV2
// Mock time
now = func() time.Time {
parsed, _ := time.Parse(timeFormatV2, exampleReqTsV2)
return parsed
}
}
func (this *Signature2Fixture) TestSignUnpreparedPlanRequest() {
request := test_plainRequestV2()
prepareRequestV2(request, this.keys)
this.So(request, should.Resemble, test_unsignedRequestV2())
}
func (this *Signature2Fixture) TestSignPreparedUnsignedRequest() {
request := test_unsignedRequestV2()
actual := canonicalQueryStringV2(request)
expected := canonicalQsV2
this.So(actual, should.Equal, expected)
this.So(request.URL.Path, should.Equal, "/")
this.So(stringToSignV2(request), should.Equal, expectedStringToSignV2)
this.So(signatureV2(stringToSignV2(request), this.keys), should.Equal, "i91nKc4PWAt0JJIdXwz9HxZCJDdiy6cf/Mj6vPxyYIs=")
Sign2(request, this.keys)
this.So(request.URL.String(), should.Equal, expectedFinalUrlV2)
}
func TestVersion2STSRequestPreparer(t *testing.T) {
// Given a plain request
request := test_plainRequestV2()
// And a set of credentials with an STS token
var keys Credentials
keys = *testCredV2WithSTS
// It should include the SecurityToken parameter when the request is signed
actualSigned := Sign2(request, keys)
actual := actualSigned.URL.Query()["SecurityToken"][0]
assert := assertions.New(t)
assert.So(actual, should.NotBeBlank)
assert.So(actual, should.Equal, testCredV2WithSTS.SecurityToken)
}
func test_plainRequestV2() *http.Request {
values := url.Values{}
values.Set("Action", "DescribeJobFlows")
values.Set("Version", "2009-03-31")
address := baseUrlV2 + "?" + values.Encode()
request, err := http.NewRequest("GET", address, nil)
if err != nil {
panic(err)
}
return request
}
func test_unsignedRequestV2() *http.Request {
request := test_plainRequestV2()
newUrl, _ := url.Parse(baseUrlV2 + "/?" + canonicalQsV2)
request.URL = newUrl
return request
}
var (
testCredV2 = &Credentials{
AccessKeyID: "AKIAIOSFODNN7EXAMPLE",
SecretAccessKey: "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
}
testCredV2WithSTS = &Credentials{
AccessKeyID: "AKIDEXAMPLE",
SecretAccessKey: "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY",
SecurityToken: "AQoDYXdzEHcaoAJ1Aqwx1Sum0iW2NQjXJcWlKR7vuB6lnAeGBaQnjDRZPVyniwc48ml5hx+0qiXenVJdfusMMl9XLhSncfhx9Rb1UF8IAOaQ+CkpWXvoH67YYN+93dgckSVgVEBRByTl/BvLOZhe0ii/pOWkuQtBm5T7lBHRe4Dfmxy9X6hd8L3FrWxgnGV3fWZ3j0gASdYXaa+VBJlU0E2/GmCzn3T+t2mjYaeoInAnYVKVpmVMOrh6lNAeETTOHElLopblSa7TAmROq5xHIyu4a9i2qwjERTwa3Yk4Jk6q7JYVA5Cu7kS8wKVml8LdzzCTsy+elJgvH+Jf6ivpaHt/En0AJ5PZUJDev2+Y5+9j4AYfrmXfm4L73DC1ZJFJrv+Yh+EXAMPLE=",
}
exampleReqTsV2 = "2011-10-03T15:19:30"
baseUrlV2 = "https://elasticmapreduce.amazonaws.com"
canonicalQsV2 = "AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&Action=DescribeJobFlows&SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2011-10-03T15%3A19%3A30&Version=2009-03-31"
expectedStringToSignV2 = "GET\nelasticmapreduce.amazonaws.com\n/\n" + canonicalQsV2
expectedFinalUrlV2 = baseUrlV2 + "/?AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&Action=DescribeJobFlows&Signature=i91nKc4PWAt0JJIdXwz9HxZCJDdiy6cf%2FMj6vPxyYIs%3D&SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2011-10-03T15%3A19%3A30&Version=2009-03-31"
)
|
